I am using Tomcat 7.0.11 and use Form Authentication (via j_security_check) to authenticate through the Tomcat server. Currently, two users with the same username can log into my application from two different computers and concurrently access the app. Is there a way to prohibit a user from authenticating if a user with the same username has previously authenticated and still has an active session?
Thanks Beau