How to implement concurrent session filter in grails to handle multiple login session?

Question

For example: Suppose user "[email protected]" is login from one browser and performing some works. at the same time someone else login with same user "[email protected]" from another browser/machine in that scenario, i want to implement following ways

1. if the first logged-in user is not performing any action(inactive condition) from last 3-4 mins then first user will logged-out and second user will logged-in successfully.

2. If the first logged-in user is performing some task (active condition) then first user should get notification that, someone trying to logged-in from another browser/machine are you agree to allow ? if first user will allow then only second user will able to login(and first user should logout) otherwise not.

Any help is much appreciated.

Answer 1

This is not exact solution to your problem, but definitely it will give you the clue. In your /grails-app/conf/spring/resources.groovy

//To enforce/restrict one session per user Starts
sessionRegistry(SessionRegistryImpl)
concurrentSessionFilter(ConcurrentSessionFilter, sessionRegistry)
registerSessionAuthenticationStrategy(RegisterSessionAuthenticationStrategy, ref('sessionRegistry')) {}
concurrentSessionControlAuthenticationStrategy(ConcurrentSessionControlAuthenticationStrategy, ref('sessionRegistry')) {
    exceptionIfMaximumExceeded = true //False
    maximumSessions = 1
}
sessionFixationProtectionStrategy(SessionFixationProtectionStrategy) {
    migrateSessionAttributes = false//true
    alwaysCreateSession = true//false
}
sessionAuthenticationStrategy(CompositeSessionAuthenticationStrategy, [concurrentSessionControlAuthenticationStrategy, sessionFixationProtectionStrategy, registerSessionAuthenticationStrategy])
//To enforce/restrict one session per user Ends

Source : searchcode.com