Limit Concurrent Logins

Minimum version required

The options described in this document require EZproxy 2.0a GA (2002-08-26) or later, with the exception of EZproxy 3.4a GA (2005-08-02) and EZproxy 3.4b GA (2005-08-03) which contain a bug that prevents this option from working correctly.

Overview

EZproxy can limit the number of times that a single username can be used to log in. When a user logs in more than the specified number of times, the new user session is allowed access, but the oldest user session is locked out from further access. By locking out the oldest session instead of the newest session, EZproxy avoids locking out a user who logs in, closes all browser windows, relaunches, and logs in again.

To impose a concurrent user limit, add a line like this to user.txt/ezproxy.usr:

::Limit=1

It is typical to place such a line at the very top of user.txt/ezproxy.usr, since this line modifies those entries in user.txt/ezproxy.usr that follow.

If a user tries to access EZproxy from a session that has been disabled due to excessive logins, EZproxy sends the file limit.htm from the docs directory to the user. There is no template for this file. See Error Pages for information on special variables that can appear in this file to customize the error sent to the user.

CGI authentication

If you use CGI authentication, your script must provide EZproxy with usernames either through the loguser mechanism or in the user mechanism of a ticket. If your script does not provide a username, EZproxy will see all users as accessing from the same username and will impose the limit across all users.

Example

The following example restricts all users to only a single login:

::Limit=1
::FTP=ftpserv.yourlib.org

If you have a special guest account that you use to provide access to other users, you might include its entry prior to Limit, such as:

guest:secret
::Limit=1
::FTP=ftpserv.yourlib.org

This allows the guest account to be used by any number of users.

You can use 0 to remove the restriction, such as:

guest:secret
::Limit=1
::FTP=ftpserv.yourlib.org
::Limit=5
::IMAP=imapserv.yourlib.org
::Limit=0
::File=extra.usr

In this example, guest and those users that appear in the extra.usr file have unrestricted logins, FTP users of ftpserv.yourlib.org have only a single login, and IMAP users of imapserv.yourlib.org have five logins.