Limit Concurrent Logins


EZproxy can limit the number of times that a single username can be used to log in. When a user logs in more than the specified number of times, the new user session is allowed access, but the oldest user session is locked out from further access. By locking out the oldest session instead of the newest session, EZproxy avoids locking out a user who logs in, closes all browser windows, relaunches, and logs in again.

To impose a concurrent user limit, add a line like this to user.txt:


It is typical to place such a line at the very top of user.txt, since this line modifies those entries in user.txt that follow.

If a user tries to access EZproxy from a session that has been disabled due to excessive logins, EZproxy sends the file limit.htm from the docs directory to the user. There is no template for this file. See Error Pages for information on special variables that can appear in this file to customize the error sent to the user.

CGI authentication

If you use CGI authentication, your script must provide EZproxy with usernames either through the loguser mechanism or in the user mechanism of a ticket. If your script does not provide a username, EZproxy will see all users as accessing from the same username and will impose the limit across all users.


The following example restricts all users to only a single login:


If you have a special guest account that you use to provide access to other users, you might include its entry prior to Limit, such as:


This allows the guest account to be used by any number of users.

You can use 0 to remove the restriction, such as:


In this example, guest and those users that appear in the extra.usr file have unrestricted logins, FTP users of have only a single login, and IMAP users of have five logins.