Setting the maximum concurrent sessions policy

As the administrator, you can apply this policy to a specific user or apply the policy globally to all users registered in this secure domain. See Per user and global settings.

Use the enforce-max-sessions-policy stanza entry in the [session] stanza of the WebSEAL configuration file to control whether or not a specific WebSEAL instance enforces the max-concurrent-web-sessions policy. See Enforcing the maximum concurrent sessions policy.

Command syntax for pdadmin policy (each entered as one line):

policy set max-concurrent-web-sessions {unset|number|displace|unlimited} 
[-user username]

policy get max-concurrent-web-sessions [-user username]

Argument descriptions for pdadmin policy set:

• unset

  Disables the max-concurrent-web-sessions policy. With this setting, the policy contains no value. The effective policy for the user is the same as the unlimited setting.

  The unset setting is the default policy.

  For example (global setting):

  pdadmin> policy set max-concurrent-web-sessions unset

• number

  Specifies the number of concurrent sessions allowed per user. The user is prevented from establishing more sessions beyond this number.

  For example (global setting):

  pdadmin> policy set max-concurrent-web-sessions 2

  A error response page (38b9a41f.html "Additional Login Denied") is returned to the user when a login attempt is made that exceeds this value.

• unlimited

  Allows an unlimited number of concurrent sessions per user.

  For example (global setting):

  pdadmin> policy set max-concurrent-web-sessions unlimited

• displace

  Limits users to one active session at one time by forcing a value of 1 session for max-concurrent-web-sessions policy.

  For example (global setting):

  pdadmin> policy set max-concurrent-web-sessions displace

  The response to additional login attempts is governed by the prompt-for-displacement in the [session] stanza of the WebSEAL configuration file.

  See Interactive displacement and Non-interactive displacement.