I am working on a site where the user reports that two users cannot concurrently login across sessions/browsers. A user logs in on one PC (original session), walks over to another and repeats login; original session is silently dropped and another click from it will throw Access Denied on a protected page.

Is there anything in PL that would either be intentionally enforcing or unintentionally causing this behavior?

Thanks
-Bronius

Comments

gapple’s picture

gapple
he/they
Primary language English
CreditAttribution: gapple as a volunteer commented
Issue summary: View changes
Status: Active » Closed (works as designed)

Persistent login has no such limitations.

Only the number of browsers that are able to use persistent tokens is limited, but this does not affect a user being able to login on multiple systems simultaneously, or affect already authenticated sessions.