I am a new user to Spring Security.
Problem : I have a user being created in a company(Company A), and there can be several users in a company(Company A) (Let us assume).
And all the users of the company(Company A) log in to the application with "ROLE_USER" privilege with spring security 3.0 (Database authorization).
When a user(Mr.X) is logged in and accessing a page and at the same time i remove the company (Company A) (from admin login) to which the user(Mr.x) had logged in . At this moment i delete all the users in Company A and there authorities from the DB.
Now i wonder how spring still allows the person who has already logged in to access the other pages.
can any one explain this ? and is there any solution to get out to login page for Mr.x ?