By default, an Identity Manager user can have concurrent login sessions. You can limit concurrent sessions, however, to one per login application by opening the system configuration object for modification (Editing Identity Manager Configuration Objects) and editing the value of the security.authn.singleLoginSessionPerApp configuration attribute. This attribute is an object that contains one attribute for each login application name (for example, the Administrator Interface, User Interface, or Identity Manager IDE). Changing the value of this attribute to true enforces a single login session for each user.
If enforced, then a user can log in to more than one session; however, only the last logged-in session remains active and valid. If the user performs an action on an invalid session, then he is automatically forced off the session and the session terminates.