I've integrated Java jar based application with WSO2 identity server, this application has login portal whereas it is possible to login with same user simultaneously through different systems and browser. Is there any way to restrict Simultaneous or concurrent login at WSO2 server end. if there is any way to prevent concurrent logins with same user then please let me know. thanks
Asked
Active
Viewed 666 times
1
-
There are so many ways that a user can log out without you being notified (simple deleting of cookies, for example). How do you want to deal with things like this? – Joe C Jan 19 '17 at 06:24
-
It doesn't use any cookie, it is a windows based jar application and purpose is to restrict multiple logins with same user. – Kai Mathers Jan 19 '17 at 06:30
-
OK, that makes it easier to deal with. – Joe C Jan 19 '17 at 06:34
-
How ? can u please help to sort out this. how to prevent multiple logins in wso2. thanks – Kai Mathers Jan 19 '17 at 06:40
1 Answers
3
With IS 5.3.0 you can find all the login sessions of a given user. To get this done you need to write an interceptor for the login flow and check whether that user has a login session already - and if so fail the authentication.
Prabath Siriwardena
- 5,891
- 1
- 27
- 34
-
-
1For anyone seeing this now (and maybe OP as well), I was able to get a pretty good answer in my own question [here](https://stackoverflow.com/questions/52975279/wso2-get-active-sessions-for-user) – maggiomj Nov 06 '18 at 15:33