When running a Policy Server, how to limit sessions amount per user at
time ?
At first glance, the following KD reflects similar needs, but for a
day period (1).
The Global Delievery Modules list proposes 2 possible solutions for
this sake. The first is to limit the amount of time a user can be
logged in at a given time as per the KD above (2). The second one allows
you to manage on the fly the several Sessions a given user might have
at a given time (3).
You'll find those modules for download here (4). Documentation is
included in the packages.
(1)
Policy Server : how to limit user authorized sessions amount by day
[...] Policy Server doesn't provide that feature. There's a
Global Delievery module available, which get a little closer to
that needs, but there's no mention in it to restrict the amount
of login by day (1)(2).
https://knowledge.broadcom.com/external/article?articleId=207857
(2)
Limit Concurrent Login for CA Single Sign-On
The original (a/k/a LCL) allowed only one active session per
account. The most recent account to have logged-in
(authenticated) was allowed to continue to access the site and
all older sessions were barred from accessing the site.
[...]
Many (f/k/a SiteMinder) customers have requested the ability to
limit the number of times that a single user can be "logged
into" the system. This is a nebulous concept, given the
definitions of "logged in" and "logged out", when you consider
the nature of Web sessions.
(3)
User Session Monitor for CA Single Sign-On
For administrators, it gives the capability to view users'
current active sessions from different Internet IPs and also
gives the capability of remotely terminating the session if
administrator wants to do so for a selected IP address or for a
selected user DN.
(4)
CA Single Sign-On
Limit Concurrent Login for CA Single Sign-On
User Session Monitor for CA Single Sign-On
https://support.broadcom.com/external/content/release-announcements/CA-Global-Delivery-Packaged-Work-Product-Download-Index/4800#SSO