max session in spring

Sep 23, 2010 at 4:01 AM

 <security:http entry-point-ref="negotiateSecurityFilterEntryPoint" auto-config="false">
//other intercept url
<security:form-login login-page="/login.jsp" authentication-failure-url="/login.jsp?error=auth" />
<security:concurrent-session-control max-sessions="1" />
 </security:http>

 

above is how my appcontext.xml look like.  i open internet explorer, do ntlm and success go into portal. then i open firefox, login ntlm with same user, able to login portal.  seem to me, the concurrent session control no longer working. is this waffle bug?

Coordinator
Sep 23, 2010 at 2:36 PM

I think you'll have to do some research here. I don't know how concurrent-session-control is implemented in Spring and what makes a session unique. It's probably someting Waffle needs to change so that spring can think that a login with the same credentials is the same login.