[keycloak-user] Is there any way to allow only session per account?
Marek Posolda
mposolda at redhat.com
Thu Feb 25 02:16:42 EST 2016
On 25/02/16 02:54, Mai Zi wrote:
> Suppose we have an angular-js client which is controlled by keycloak server.
> Is there any way to kick the first user off if the second user logins in with the same account ?
For the usecase "kick the first user off" you can create either
EventListener (will listen for login events and once user logins, it
will destroy the first userSession) or custom Authenticator (which will
be last authenticator in the executions chain and will again destroy the
first userSession once the second authenticates)
> or if the first has login-ed then the second can not be allowed in again?
This usecase is possible also with the Authenticator (authenticator
won't allow login of user "john" if there is existing userSession for
this user).
In shortcut both usecases are possible. See documentation and see
examples in "provider" folder for how to create custom Authenticator or
EventListener - we have examples for both.
Marek
>
> In short, is it possible to only allow one session per account ?
>
>
> Thanks
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
More information about the keycloak-user
mailing list