This week's book giveaway is in the OCMJEA forum. We're giving away four copies of OCM Java EE 6 Enterprise Architect Exam Guide and have Paul Allen & Joseph Bambara on-line! See this thread for details.
Do you use any kind of Security framework? I know you can set Spring Security to do this in its configuration.
If not then as Chinna said, create a map of users to session IDs. If a user logs in and is already in the map, then invalidate the previous session and add their new one, otherwise add them to the map.