My query is that if a user is login in pc and without logout he/shee will login in another system or another state/country that time. Then how it is possible to session invalidate from first system for the same user id. (Means I am login in a software then at that exact time I want to login in the different system but also want that my first user session should be logout automatically, how it will possible)
How it is possible Please make me right in this concept.
I cant provide you the exact code but you can keep the username,IP in the map which will be available in application and will be common for whole application .Once user logged in you need to add values in to the map and remove the entry from the map once the user is logged out.
As far as multiple login is concern if the user try to login from different system at the same time you can check the value into the map and based on that you can invalidate the session by calling the session listener.