[
https://issues.apache.org/jira/browse/SHIRO-456?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13766838#comment-13766838
]
Les Hazlewood commented on SHIRO-456:
-------------------------------------
Thanks very much for the issue!
> A way to limit the numer of current sessons with the same credentials
> ----------------------------------------------------------------------
>
> Key: SHIRO-456
> URL: https://issues.apache.org/jira/browse/SHIRO-456
> Project: Shiro
> Issue Type: New Feature
> Components: Authentication (log-in)
> Affects Versions: 1.2.1
> Reporter: JD Evora
> Priority: Minor
> Labels: features
>
> A usual requirement is to limit the number of users that can be
> simultaneously logged in using the same credentials (or invalidate previous
> sessions)
> Even you can find a possible implementation in
> https://kenai.com/projects/shirospring I think that it is important to add
> it as standard
> As a reference, spring security implements it with the max-sessions="1"
> attribute
> <security:concurrent-session-control
> max-sessions="1" exception-if-maximum-exceeded="true" expired-url="/login"
> />
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
