Hi,

Is there a way to prevent or disable multiple logins with same user?

Thanks

Hey Eugene,

I've moved your post to a category that is more appropriate to your question. That way you'll have more chances of getting answers.

Regarding your question, I think there is a property that controls that in portal.properties.

Hi,

Jorge is right. There is "auth.simultaneous.logins=true" . Set it to false and you're done.

kind regards
Tobias

Hi,

Thanks guys, but I look at portal.properties and i can't find the "auth.simultaneous.logins=true".

By the way i'm using Liferay 5.1.1 bundled with glassfish. :-)

Thanks,

We are facing problem.

In LifeRay 5.1.2 source i found that "auth.simultaneous.logins" key is OBSOLETE in com.liferay.portal.util.PropsUtil.VerifyProperties class.

private static final String[] _OBSOLETE_PORTAL_KEYS = new String[] {
"auth.simultaneous.logins"
};

Is there any other solution for that.

Any suggestions will be appreciated.

Hi Maulin,

You're right, I hadn't noticed it but that property has been removed recently. I've done some research and found that it might be related to http://support.liferay.com/browse/LEP-5239, although I can't tell for sure since the connection of JIRA and subversion is not working properly right now.

I would recommend you to do some further research on the LEP tickets and commits to find out what was the reason.

Thanks Jorge.
We will write our own logic in following class to prevent multiple logins with same user.
login.events.post=com.liferay.portal.events.LoginPostAction,com.asite.liferay.portal.events.AsiteDefaultLandingPageAction

hye, anyone have solution for this? cos i really need this to be added to my portal so that the same user cannot login at multiple terminal at a time. im using 5.1.1

Hi Mo,

As I mentioned in earlier comment, you need to write you own logic to handle this. What you can do is create one class which implements logic to disable multiple logic with same user. Add your class to following property of portal-ext.properties file

login.events.post=com.liferay.portal.events.LoginPostAction,com.asite.liferay.portal.events.DefaultLandingPageAction,yourclass

So after login, portal will execute your code.

Hi Maulin,

I had this same problem and came upon this thread. This was a feature i was using in previous versions until i migrated my portal site. Unfortunately i just realised this after a few months and i can not go back to the old version of liferay.

Can you please explain better, possibly with code snippets on how to implement your suggestion i.e custom logic to disable multiple user login? Any tips, or code sample would be most appreciated.

I wonder why this was made obsolete. This is a security feature that i think would be most welcome in any organisational setup, for which i assume liferay is targeted. Does anyone know if this feature will be re-enabled in 5.2?

Thanks.

Hii friends am also fasing same problem ... plz help me with some sample code

Just for the records, this problem has now been resolved by LPS-21168

Following the LPS-21168 I understand that this is solved for Liferay 6.1 CE (I assume GA) and not for 6.0.6, is this correct?

Hi,

I am working on liferay 6.1.1.
Task: I need to restrict simultaneous login for sibgle user in different terminal

Solution suggested:
portal-ext.properties
auth.simultaneous.logins=false
live.users.enabled=true

Still it is not working. Can anyone please help

Hello,

I had to implement this myself in 6.0.6 . I suppose the same could be achieved in 6.1, though I haven't tried it yet.

I created a hook to provide this functionality.

The hook targeted the login.events.post property in portal.properties

I created an implementation of com.liferay.portal.kernel.events.Action (i.e. I extended it). I assigned this new class to the aforementioned property. The idea is that I have a post login event that will do the job after a user logins. If the user that has just logged in is found to be already logged in, then I should implement the desired behavior.

Now assuming that the desired behavior is to log out the user that is already logged in, or in more precise words, invalidate the session with which the same user has already been logged in, I must find a way to fetch its session.

Since I didn't know of anything already implemented (like a Liferay util that might provided that), and for a good reason if u ask me, I had to do all this session management myself. i.e, be responsible to 'store' the session when a user logs in. Then I could do whatever I wanted with it if it was needed, and in this case (simultaneous logins) it is.

In order to manage the sessions I made use of the HttpSessionBindingListener interface. It provides methods for manipulating the session at creation and destruction. I used mappings to keep such info as servlet context attributes.

The only pitfall here is that this implementation is based on Servlet Context storage thus it is effective as long as sessions are not persisted between server restarts. This is something you can control though. Depending on your app server, you can define whether you want sessions to be persisted between server restarts. For example in tomcat, at tomcat-xxx/conf/context.xml there's a configuration in comments which saysI hope I helped

i don't know why above properties are not working on liferay 6.1.1

Neither do I.
Did you try what I suggested?

I haven
t tried hook functionality.. suggested by you. [will try soon]
But was dependent on following property file change. as they are provided in liferay 6.1.1

portal-ext.properties
auth.simultaneous.logins=false
live.users.enabled=true