Invalidate another user's session just after admin locks a user

**smolnij** · Dec 10th, 2011, 07:20 AM

Hello,

Could you please help me with my problem?

We are using spring 3 and spring security.
Our problem is that we need invalidate another user's session immediately (or almost immediately) after admin locks a user in admin panel.
User could be logged in at that moment. Then the admin locks the user, and after the user tries to make any activity on server side by clicking some buttons, it will be redirected to login page and have to login again.

Is there something embedded in spring security to do so?
Maybe get somehow a logged users list, then mark particular session as invalid?

**rohan123** · Dec 12th, 2011, 10:31 AM

Spring does not provide it as a out of box but ya it allows you to do same using SessionRegistry.

to get user session you can use SessionRegistry. You may need to write the code to do next invalidation for particular user, may be like remove session stored at server side, so whenever user try to click he/she will redirect to login page/lock msg.

**smolnij** · Dec 13th, 2011, 01:18 PM

Thanks for the answer!
Will dig in that direction.

Thread: Invalidate another user's session just after admin locks a user

Thread Tools

Display

Invalidate another user's session just after admin locks a user

Posting Permissions