I need to validate the number of sessions that may exist, so that the user can not log in to two places at the same time with the same credentials. Reading the Spring Security documentation and posts, I got the implementation below, but it does not work.
Has anyone ever had a similar problem, or is there any other kind of validation I could do?
http.sessionManagement()
.maximumSessions(1)
.maxSessionsPreventsLogin(true)
.expiredUrl("/entrar")
.sessionRegistry(sessionRegistry());
There is a project that you have done to test the functionality and the entire class can be seen in the link below as all other project settings that were made just for testing.