Return-Path: 
 <user-return-5918-apmail-shiro-user-archive=shiro.apache.org@shiro.apache.org>
X-Original-To: apmail-shiro-user-archive@www.apache.org
Delivered-To: apmail-shiro-user-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 6969D10B36
	for <apmail-shiro-user-archive@www.apache.org>;
 Wed, 26 Mar 2014 15:35:20 +0000 (UTC)
Received: (qmail 89854 invoked by uid 500); 26 Mar 2014 15:35:18 -0000
Delivered-To: apmail-shiro-user-archive@shiro.apache.org
Received: (qmail 89515 invoked by uid 500); 26 Mar 2014 15:35:14 -0000
Mailing-List: contact user-help@shiro.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:user-help@shiro.apache.org>
List-Unsubscribe: <mailto:user-unsubscribe@shiro.apache.org>
List-Post: <mailto:user@shiro.apache.org>
List-Id: <user.shiro.apache.org>
Reply-To: user@shiro.apache.org
Delivered-To: mailing list user@shiro.apache.org
Received: (qmail 89485 invoked by uid 99); 26 Mar 2014 15:35:12 -0000
Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 26 Mar 2014 15:35:12 +0000
X-ASF-Spam-Status: No, hits=1.5 required=5.0
	tests=HTML_MESSAGE,RCVD_IN_DNSWL_LOW,SPF_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (nike.apache.org: domain of brian.demers@gmail.com
 designates 209.85.217.179 as permitted sender)
Received: from [209.85.217.179] (HELO mail-lb0-f179.google.com)
 (209.85.217.179)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 26 Mar 2014 15:35:06 +0000
Received: by mail-lb0-f179.google.com with SMTP id p9so1612907lbv.38
        for <user@shiro.apache.org>; Wed, 26 Mar 2014 08:34:45 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:in-reply-to:references:date:message-id:subject:from:to
         :content-type;
        bh=bTZJiHLe/Nx18oJpd7WOZo7oCWstiAmsy0AIQtsnnek=;
        b=qJ6jJP7OopgEGot0Ig6RHZbM2yFZY++1/xFCexfWHHTMn4hzIFurcJ6kgJ1B4mzVrI
         o0wpvUFPI762MuGcZw0F+ychrdHBxuHOOZ/NRoR9oZVHvIU/BvICkn+inoI/Ik+YzbbO
         tpf/v6Sa+nTJn2/+1NnZbOP000Yzii+37bBrmEtx7xouLQC2aKr1Obc+D0nKcWx0rZv2
         5f65Goua9LudXyWDbfJxKuvGbtwKLgj+HufmZuIX9MpEtkIaPSD6gqPu4nx1Ym39AuIr
         sqIRrTH1oObq6lUnx/258S/neBOK+qAwoA1XFHKMilmih6OaBekP5ieJwJ7mJ2Dhqt9v
         HGyg==
MIME-Version: 1.0
X-Received: by 10.112.186.98 with SMTP id fj2mr1306556lbc.54.1395848085076;
 Wed, 26 Mar 2014 08:34:45 -0700 (PDT)
Received: by 10.112.181.38 with HTTP; Wed, 26 Mar 2014 08:34:44 -0700 (PDT)
In-Reply-To: 
 <CAA8BW8H+ZxQG65+o_M39yMELz=1PrJqMcgockF6RRU863-N3LA@mail.gmail.com>
References: 
 <CAA8BW8EqZrLxYV0riUrXd+WMoMmt-GnWq6ngYRQUKVpA-5+w+Q@mail.gmail.com>
	<CAH9eYVrM7pt7Qs7NDLw2rDyCd8STwweNta66kiEYiyfd_uVdRQ@mail.gmail.com>
	<CAA8BW8H+ZxQG65+o_M39yMELz=1PrJqMcgockF6RRU863-N3LA@mail.gmail.com>
Date: Wed, 26 Mar 2014 11:34:44 -0400
Message-ID: 
 <CAH9eYVq=gqDT5v_m3as_SsbAJOXSTGj1-BN8ECGZf1At0w+6+w@mail.gmail.com>
Subject: Re: Single and last login wins feature
From: Brian Demers <brian.demers@gmail.com>
To: "user@shiro.apache.org" <user@shiro.apache.org>
Content-Type: multipart/alternative; boundary=001a113619424580ab04f584354f
X-Virus-Checked: Checked by ClamAV on apache.org

--001a113619424580ab04f584354f
Content-Type: text/plain; charset=ISO-8859-1

Not that i'm aware of.  I have run into a similar situation after
introducing bugs into an apps session storage (my fault), so i'm guessing
it in't far off.



On Wed, Mar 26, 2014 at 10:01 AM, David Hoffer <dhoffer6@gmail.com> wrote:

> Yeah actually I was thinking that the message would be displayed at the
> new login (that the old sessions will be invalidated) then if they should
> go back to those old sessions they just get a normal session expired
> message.  So if that's how it works...that should be fine.  Is this use
> case considered a standard feature of Shiro?
>
> -Dave
>
>
> On Mon, Mar 24, 2014 at 9:42 PM, Brian Demers <brian.demers@gmail.com>wrote:
>
>> Take a look at the SessionManager class
>> As far as displaying a message to the user about the old session, that
>> could get a little tricky.  You would need to store old sessions around,
>> and treat them different then an invalid session id.
>>
>> You may want to display a message on login, that other sessions from this
>> user are invalidated.
>>
>>
>>
>> On Sun, Mar 23, 2014 at 9:34 AM, David Hoffer <dhoffer6@gmail.com> wrote:
>>
>>> Does Shiro support a mechanism where I can limit the number of logins
>>> per user to 1 and the last login wins?  (Other sessions would be
>>> invalidated and message displayed if they tried to use old sessions.)
>>>
>>> Thanks,
>>> -Dave
>>>
>>
>>
>

--001a113619424580ab04f584354f
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr">Not that i&#39;m aware of. =A0I have run into a similar si=
tuation after introducing bugs into an apps session storage (my fault), so =
i&#39;m guessing it in&#39;t far off.<div><br></div></div><div class=3D"gma=
il_extra">
<br><br><div class=3D"gmail_quote">On Wed, Mar 26, 2014 at 10:01 AM, David =
Hoffer <span dir=3D"ltr">&lt;<a href=3D"mailto:dhoffer6@gmail.com" target=
=3D"_blank">dhoffer6@gmail.com</a>&gt;</span> wrote:<br><blockquote class=
=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1px #ccc solid;padd=
ing-left:1ex">
<div dir=3D"ltr">Yeah actually I was thinking that the message would be dis=
played at the new login (that the old sessions will be invalidated) then if=
 they should go back to those old sessions they just get a normal session e=
xpired message. =A0So if that&#39;s how it works...that should be fine. =A0=
Is this use case considered a standard feature of Shiro?<div>

<br></div><div>-Dave</div></div><div class=3D"HOEnZb"><div class=3D"h5"><di=
v class=3D"gmail_extra"><br><br><div class=3D"gmail_quote">On Mon, Mar 24, =
2014 at 9:42 PM, Brian Demers <span dir=3D"ltr">&lt;<a href=3D"mailto:brian=
.demers@gmail.com" target=3D"_blank">brian.demers@gmail.com</a>&gt;</span> =
wrote:<br>

<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex"><div dir=3D"ltr">Take a look at the SessionM=
anager class<div>As far as displaying a message to the user about the old s=
ession, that could get a little tricky. =A0You would need to store old sess=
ions around, and treat them different then an invalid session id.</div>


<div><br></div><div>You may want to display a message on login, that other =
sessions from this user are invalidated.</div><div><br></div></div><div><di=
v><div class=3D"gmail_extra"><br><br><div class=3D"gmail_quote">
On Sun, Mar 23, 2014 at 9:34 AM, David Hoffer <span dir=3D"ltr">&lt;<a href=
=3D"mailto:dhoffer6@gmail.com" target=3D"_blank">dhoffer6@gmail.com</a>&gt;=
</span> wrote:<br>
<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex"><div dir=3D"ltr">Does Shiro support a mechan=
ism where I can limit the number of logins per user to 1 and the last login=
 wins? =A0(Other sessions would be invalidated and message displayed if the=
y tried to use old sessions.)<div>



<br></div><div>Thanks,</div><div>-Dave</div></div>
</blockquote></div><br></div>
</div></div></blockquote></div><br></div>
</div></div></blockquote></div><br></div>

--001a113619424580ab04f584354f--