1

I want to prevent the user from logging into different accounts from the same browser

Example, if the user is logged into account A then opens a new tab and logs into account B, then I want to log account A out

Is this possible using spring 2?

EDIT: correction: "then I want to log account A out"

124697
  • 22,097
  • 68
  • 188
  • 315
  • 1
    Usually session management is done using cookies. Cookies are managed browser-wide (unless you're using private tabs), so you're automatically logged in when going to the same website in Tab B. The server usually cannot tell tabs apart, which means: to your application, both tabs are the same user and session. – f1sh Aug 09 '17 at 13:29
  • From experience, i find that when limiting users based on browser/IP, if there is a benefit to dual logging, people will find a way to do so. I have found it is better to explicitly warn against it, and when they do it on the same browser it is easy to identify those that broke the rule. Just an off-topic opinion.. – Jason V Aug 09 '17 at 13:30
  • @f1sh What if I pass something from the browser like a browser session ID or browser ID? – 124697 Aug 09 '17 at 14:11
  • @code511788465541441 how are these IDs different when you use different tabs in the same browser? – f1sh Aug 09 '17 at 14:20

0 Answers0