Would it not suffice to check whether subject.isAuthenticated() and then either do subject.logout() before accepting the new login attempt or deny the new login attempt? Am I missing something here?
-- View this message in context: http://shiro-user.582556.n2.nabble.com/Re-Control-Prevent-concurrent-user-logins-from-different-browsers-devices-tp7579195p7579381.html Sent from the Shiro User mailing list archive at Nabble.com.
