concurrent session with websphere problem
i have a problem using spring security 3.0.5 with websphere 220.127.116.11 specifically about concurrent session.
in my application i need to restrict a second user to login into our application using an already logged in username.
this is my session management security configuration
<sec:concurrency-control max-sessions="1" expired-url="/loginWindow.zul" error-if-maximum-exceeded="true"/>
as you can see i'm using the default classes for session management.
and i have HttpSessionEventPublisher in my web.xml.
the problem is, when a user logs in using a username, then session timeout occur, sometimes that user cannot log back in.
it seems the session id is still registered in the SessionRegistry.
i've tried this configuration using tomcat and it works just fine.
any idea why is this happening?
any help would be very appreciated.
thank you in advance.