I have a federated spring authorisation server which uses social login. To restrict the number user login sessions, enabled the spring security session management but it didn’t worked out for me. I would like to implement following:
When user logout, terminate the user session and ask him to login through social login again.
If user already logged in, trying to login from another device or browser, we should terminate the old session (spring security session management had this)
Issue is even though I’m enabled the session management, it is still allowing multiple login sessions across devices/browsers.
ref:- https://stackoverflow.com/questions/76470726/how-to-implement-session-management-in-spring-authorization-server/77956976#77956976
Comment From: sjohnr
@maradanasai, thanks for reaching out!
It appears that this is a copy of a question from Stack Overflow. We prefer to use GitHub issues only for bugs and enhancements. It is not necessary to cross-post questions from stack overflow, and additionally I have already answered your question.
Having said that, I notice that the title of the issue indicates you may be intending to report the issue discussed in my answer. If so, would you please update this issue to contain relevant details about the problem and not simply a copy of the stack overflow question? If you aren't able to, let me know and I can open a new issue with those details.
Comment From: spring-projects-issues
If you would like us to look at this issue, please provide the requested information. If the information is not provided within the next 7 days this issue will be closed.
Comment From: spring-projects-issues
Closing due to lack of requested feedback. If you would like us to look at this issue, please provide the requested information and we will re-open the issue.