If you are using Captive Portal on the Aruba controller, you can use the "Single Session" option in the Captive Portal authentication profile to stop users with the same username from authenticating twice. If the user is using 802.1x, you can only prevent that with a Radius Server like Clear Pass Policy Manager.
Using Airwave you can track the location of a user/device for the last 24 hours on the map, but track what access point they were on for a year, depending on if you have enough disk space.