The implementation for concurrent session control, kindly follow the steps below to enable it.

  1. Please download the attached 2 jar files and put it in "[tomcat directory]/webapps/jw/WEB-INF/lib".
  2. Modify "[tomcat directory]/webapps/jw/WEB-INF/applicationContext.xml" with following

    <security:http>
      <security:session-management>
        <security:concurrency-control max-sessions="1" error-if-maximum-exceeded="true" expired-url="/web/login" session-registry-ref="clusterSessionRegistry"/>
      </security:session-management>
    </security:http>
    <bean id="clusterSessionRegistry" class="org.joget.session.service.ClusterSessionRegistryImpl"></bean>
  3. Uncomment the following in "[tomcat directory]/webapps/jw/WEB-INF/web.xml".

      <!-- Uncomment this listener to support concurrent session control>
      <listener>
    		<listener-class>org.springframework.security.web.session.HttpSessionEventPublisher</listener-class>
      </listener>
      <-->
  4. Please modify the following from 'error-if-maximum-exceeded="true"' to ' error-if-maximum-exceeded="false"'.

    <security:session-management>
    	<security:concurrency-control max-sessions="1" error-if-maximum-exceeded="false" expired-url="/web/login" session-registry-ref="clusterSessionRegistry"/>
    </security:session-management>

    If you run into any errors, other users have had success by removing the piece of code below:

    session-registry-ref="clusterSessionRegistry"

This implementation will create a new table in the database named "cluster_session". Note that this implementation is out of our official product support scope.


Download the attached files below:

  • No labels