2009/10/12 Josh Gooding <josh.good...@gmail.com>: > To my knowledge the Single Sign on in Tomcat is a way for all of your back > end applications in your VH to recognize that you have logged in to one > place, and all of the apps belonging to that VH will be logged into.
Correct. > What I am trying to do is restrict the login from users to one single > session. (i.e. if you are logged in once, you cannot log in again unless > your session expires or you log out.) Is this possible with what is > included with Tomcat or is this going to take some custom code? You'll need custom code. Are you sure this is an appropriate requirement? In particular, how do you plan to handle (say) a browser or client crash that loses the in-memory session cookie? The user can neither log out from the old session nor log into a new session until the server times out the session. - Peter --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org