I am using Spring Acegi for my application security. It is amazing. It works perfectly fine and also very open for customization. Recently, there is a request from the customer to disallow concurrent sessions. I thought it may be a challenge but yet again, it prove that I have made the right choice:
After googling for a couple of minutes I found this
<concurrent-session-control max-sessions=”1″ exception-if-maximum-exceeded=”true”/>
And that’s it. Everything is running smoothly after restarting the app server.