We have achieved "Single Sign On" in our application with the help of JASIG CAS as an authentication server.
Now we need to have a setup in which only one session/ticket per user can be created in CAS.
If the user tries to log in from another system/browser, CAS shall invalidate the current ticket for the user and log him/her out of the previous session/browser.
Finally I found a solution to the problem myself. I hope it will help others.
Jasig CAS itself uses an in-memory map to keep track of the tickets allotted to users. I am using a similar approach to achieve the requirement:
In order to achieve the functionality, some additional functionality was added to the project. The changes are listed below:
Implementation of a "SingleSesionTicketRegistry" class which maintains the session tickets in a map as the default behavior, but if there is already a ticket for a user in the map, then the registry will invalidate the previous session.
Modification of the CAS configuration to use a MySQL database for authentication where the password is MD5-hashed.
Below are the configuration changes which have to be made in the project:
1. src/main/resources/application.properties
#Toggle the Single Session feature.
#MySQL query to check the authentication.
user.authentication.sql=select password from user where email=? and is_active=1
<!--Comment the default ticket registry. -->
<!-- <bean id="ticketRegistry" class="org.jasig.cas.ticket.registry.DefaultTicketRegistry" /> -->
<!--Add the custom ticket registry. -->
<bean id="ticketRegistry" class="com.naval.cas.SingleSesionTicketRegistry"
<!--Add the Following code block -->
<bean id="passwordEncoder"
p:characterEncoding="UTF-8" />
<bean id="primaryAuthenticationHandler"
p:sql="${user.authentication.sql}" />
The Single Session Ticket Registry class can be found at the GitHub repo below.
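
The registry behaviour described in the answer, sketched as an added example that is not the answer's code, the linked repository's class, or the CAS API. `OneSessionRegistry`, `SessionTicket` and the ticket ids are hypothetical names; the sketch assumes the login column compares case-insensitively, as MySQL's default collations do, so the per-user key is lower-cased.

```java
import java.util.Locale;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;

// Hypothetical registry: at most one live ticket per principal (not CAS code).
final class OneSessionRegistry {
    // Minimal stand-in for a ticket-granting ticket.
    static final class SessionTicket {
        final String id, principal;
        private volatile boolean expired;
        SessionTicket(String id, String principal) { this.id = id; this.principal = principal; }
        void expire() { expired = true; }
        boolean isExpired() { return expired; }
    }

    private final Map<String, SessionTicket> byId = new ConcurrentHashMap<>();
    private final Map<String, String> idByUser = new ConcurrentHashMap<>();
    // Assumption: the login column compares case-insensitively (MySQL's default
    // collations do), so "A@x.test" and "a@x.test" must share one session slot.
    private static String key(String principal) { return principal.toLowerCase(Locale.ROOT); }

    void addTicket(SessionTicket t) {
        byId.put(t.id, t);
        // put() returns the previous id atomically, so of two racing logins exactly one survives.
        String previousId = idByUser.put(key(t.principal), t.id);
        if (previousId != null && !previousId.equals(t.id)) deleteTicket(previousId);
    }

    SessionTicket getTicket(String id) {
        SessionTicket t = byId.get(id);
        return (t == null || t.isExpired()) ? null : t;
    }

    boolean deleteTicket(String id) {
        SessionTicket t = byId.remove(id);
        if (t == null) return false;
        t.expire();
        // Two-argument remove: clear the index only if it still points at this ticket.
        idByUser.remove(key(t.principal), id);
        return true;
    }

    public static void main(String[] args) {
        OneSessionRegistry r = new OneSessionRegistry();
        r.addTicket(new SessionTicket("TGT-1", "alice@example.test"));  // constructed ids
        r.addTicket(new SessionTicket("TGT-2", "Alice@Example.test"));  // second browser
        if (r.getTicket("TGT-1") != null || r.getTicket("TGT-2") == null)
            throw new IllegalStateException("expected only TGT-2 to be live");
        System.out.println("live ticket: " + r.getTicket("TGT-2").id);
    }
}
```

Without the key normalisation, a user could hold two sessions by varying the case of the login name, because the database lookup would accept both spellings while the map treated them as different users.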