Preventing concurrent access to content studio

Enonic version: 7.3.2
OS: Linux

In general, failure to prevent concurrent logins may permit a potentially compromised account to go unnoticed, as legitimate, and illegitimate usage could occur at the same time.
Remediation would be user accounts within the application should only be permitted to use one session at a time. If the user authenticates again, then any previously valid sessions should be immediately terminated.

Is it possible to configure similar behavior with the Enonic?


The correct way of doing this - and this is something we have discussed and are going to implement in the nearest future - is to notify a user that there has been a login into his/her account from an unknown device/location. But terminating or blocking sessions - no, currently not supported and not planned.

Thanks for the reply