Martin Bednář wrote:
Hello,

In our application I must guarantee that user is logged only once to the
application.
I have the following problem.

1,User logged to aplication, create session1
2,User browser crased, but session1 is still alive for next 30minutes
(session expiration time is 30minutes).
3,User open new browser and login to application (session2 is created).

And in point 3 I need close session1 before I log user in.

I hold userId in user session, but I don't know how to iterate over all
sessions and check if another session for same user is here.

Any advice ?

Have a look at how Acegi Security handles concurrent sessions management:

http://www.acegisecurity.org/guide/springsecurity.html#concurrent-sessions

hth

--
Leszek Gawron

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org

Reply via email to