Proceed as follows:
1. Obtain the session information of all online users.
2. Obtain the sessionId of the current login person.
3. The settings are the same as the current login account, but the session information with different sessionId times out.
code show as below:
if (!Global.TRUE.equals(Global.getConfig("user.multiAccountLogin"))){ Collection<Session> sessions = getSystemService().getSessionDao().getActiveSessions(); if (sessions.size() > 0){ // If logged in, kick out the online user if (UserUtils.getSubject().isAuthenticated()){ for (Session session : sessions){ String loginName = String.valueOf(session.getAttribute(DefaultSubjectContext.PRINCIPALS_SESSION_KEY)); String sessionId = principal.getSessionid(); //The same account is not allowed to log in twice if(principal.id.equals(loginName) && !sessionId.equals(session.getId())){ session.setTimeout(0); } } } // Remember that I came in, and the current user is logged in, then exit the current user prompt. else{ UserUtils.getSubject().logout(); throw new AuthenticationException("msg: The account has been logged in elsewhere, please log in again."); } } }