Good morning subscribers!

We've deployed CAS successfully to authenticate in multiple services and it performs really well. We have a new requirement to limit user sessions to only one; this means a user can only log in once and multiple sessions are not allowed. This requirement is to prevent account sharing.

This works partially using this property:

    cas.authn.policy.unique-principal.enabled=true

It prevents multiple sessions when logging in to CAS directly, https://mydomain.cas.server/cas/login. However, it does not work when logging in to a service, https://mydomain.cas.server/cas/login?service=https%3A%2F%2Fmydomain.service: when users log in to any service, multiple sessions are allowed.

I suspect that the service definition should also contain the authentication policy, am I right? Can I have an example of the JSON snippet?

According to the documentation, I should assign a name:

    cas.authn.policy.unique-principal.name=PreventMultipleSessions

and use the policy in the service definition, but it does not work:

    "authenticationPolicy" : {
      "@class" : "org.apereo.cas.services.DefaultRegisteredServiceAuthenticationPolicy",
      "requiredAuthenticationHandlers" : ["java.util.TreeSet", [ "PreventMultipleSessions" ]],
      "excludedAuthenticationHandlers" : ["java.util.TreeSet", [ ]]
    }

Thank you so much for any help!