The implementation for concurrent session control, kindly follow the steps below to enable it.
  1. Please download the attached 2 jar files and put it in "[tomcat directory]/webapps/jw/WEB-INF/lib".

  2. Modify "[tomcat directory]/webapps/jw/WEB-INF/applicationContext.xml" with following

    <security:http>
  <security:session-management>
    <security:concurrency-control max-sessions="1" error-if-maximum-exceeded="true" expired-url="/web/login" session-registry-ref="clusterSessionRegistry"/>
  </security:session-management>
</security:http>
<bean id="clusterSessionRegistry" class="org.joget.session.service.ClusterSessionRegistryImpl"></bean>

  3. Uncomment the following in "[tomcat directory]/webapps/jw/WEB-INF/web.xml".

    <!-- Uncomment this listener to support concurrent session control>
<listener>
      <listener-class>org.springframework.security.web.session.HttpSessionEventPublisher</listener-class>
</listener>
<-->

  4. Please modify the following from 'error-if-maximum-exceeded="true"' to ' error-if-maximum-exceeded="false"'.

    <security:session-management>
    <security:concurrency-control max-sessions="1" error-if-maximum-exceeded="false" expired-url="/web/login" session-registry-ref="clusterSessionRegistry"/>
</security:session-management>

    If you run into any errors, other users have had success by removing the piece of code below:

    session-registry-ref="clusterSessionRegistry"

    This implementation will create a new table in the database named "cluster_session". Note that this implementation is out of our official product support scope.


    Download the attached files below: