Set the maximum concurrent sessions policy

We can control the number of sessions each user can have at one time in a distributed session environment managed by the distributed session cache. The pdadmin policy set max-concurrent-web-sessions command specifies this maximum number of concurrent sessions.

As the administrator, we can apply this policy to a specific user or apply the policy globally to all users registered in this secure domain. See Per user and global settings.

Use the enforce-max-sessions-policy stanza entry in the [session] stanza of the WebSEAL configuration file to control whether or not a specific WebSEAL instance enforces the max-concurrent-web-sessions policy. See Enforcing the maximum concurrent sessions policy.

Command syntax for pdadmin policy:

Argument descriptions for pdadmin policy set:

For example (global setting):

A error response page (38b9a41f.html "Additional Login Denied") is returned to the user when a login attempt is made that exceeds this value.

  • unlimited

    Allows an unlimited number of concurrent sessions per user.

    For example (global setting):

      pdadmin> policy set max-concurrent-web-sessions unlimited

  • displace

    Limits users to one active session at one time by forcing a value of 1 session for max-concurrent-web-sessions policy.

    For example (global setting):

      pdadmin> policy set max-concurrent-web-sessions displace

    The response to additional login attempts is governed by the prompt-for-displacement in the [session] stanza of the WebSEAL configuration file.

    See Interactive displacement and Non-interactive displacement.

    Parent topic: Maximum concurrent sessions policy