Hi All,

I have encountered a problem with concurrent session and remember me.

I limit the maximumSessions to be 1. And it works WELL as follows:
1. Login from one browser (A) with remember-me enabled
2. Login from another browser (B) using the same account, with remember-me enabled
3. Make some secure request from browser A and I will get the session expired message and get logged out.

But it doesn't work when:
1. Login from one browser (A) with remember-me enabled
2. Login from another browser (B) using the same account, with remember-me enabled
3. Close/reopen browser A (or manually remove JSESSIONID), load the login page from browser A, and get automatically log in because remember-me cookie
4. Make some secure request from browser B and it STILL WORKS!
5. Make some secure request from browser A and it STILL WORKS! Now I can access the two browsers simultaneously without any problem. Concurrent session control seems not working any more!!

Does anyone know why concurrent session control doesn't work when remember-me is used to login?

Thanks,
q09876