For that you may need to do your own session tracking using an HttpSessionListener<http://download-llnw.oracle.com/javaee/5/api/javax/servlet/http/HttpSessionListener.html>, and trying to handle yourself a Session cache (Be carefully of not leaking those session by not preventing the container to reclaim that memory when needed if they got stale).
Also i believe Spring Security (former Acegi) has builtin support for this use case. On Thu, Jul 29, 2010 at 5:56 AM, MelmanRo [via Apache Wicket] < ml-node+2306158-2052172248-229...@n4.nabble.com<ml-node%2b2306158-2052172248-229...@n4.nabble.com> > wrote: > Hi guys, > > I'm trying to achieve the behavior where if a user is logged in and he is > logging in from some place else again, he would be logged out and prompted > the login page in the first place. > > For now, I've experimented with Session#invalidateNow and > ApplicationSettings#setExpiredErrorPage on the current session and it works > fine. I can't figure out how I can invalidateNow other session than the > current one. Besides this, a method that wouldn't require storing the > sessionId for one user in the DB would be preferred (a Map at WebApplication > level maybe?). > > Any suggestions are welcome. I've searched the forum for similar threads > but didn't quite understand how to do it... > > Thanks > > ------------------------------ > View message @ > http://apache-wicket.1842946.n4.nabble.com/Single-session-per-user-tp2306158p2306158.html > To unsubscribe from Apache Wicket, click > here<http://apache-wicket.1842946.n4.nabble.com/subscriptions/Unsubscribe.jtp?code=amNnYXJjaWFtQGdtYWlsLmNvbXwxODQyOTQ2fDExOTE5MDc4OTQ=>. > > > -- Sincerely, JC Work smarter, not harder!. -- View this message in context: http://apache-wicket.1842946.n4.nabble.com/Single-session-per-user-tp2306158p2308007.html Sent from the Wicket - User mailing list archive at Nabble.com.
