[keycloak-user] Is there any way to allow only session per account?

Marek Posolda mposolda at redhat.com
Thu Feb 25 02:16:42 EST 2016


On 25/02/16 02:54, Mai Zi wrote:
> Suppose we have an angular-js  client which is controlled by keycloak server.
> Is there any way to kick the first user off  if the second user logins in with the same  account ?
For the usecase "kick the first user off" you can create either 
EventListener (will listen for login events and once user logins, it 
will destroy the first userSession) or custom Authenticator (which will 
be last authenticator in the executions chain and will again destroy the 
first userSession once the second authenticates)
> or if the first has login-ed  then the second can not be allowed in again?
This usecase is possible also with the Authenticator (authenticator 
won't allow login of user "john" if there is existing userSession for 
this user).

In shortcut both usecases are possible. See documentation and see 
examples in "provider" folder for how to create custom Authenticator or 
EventListener - we have examples for both.

Marek
>
> In short, is it possible to only allow one session per account ?
>
>
> Thanks
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user



More information about the keycloak-user mailing list