Reputation: 1
I have a problem where I have to delete the user session forcefully if the admin has changed the user's role.
For example: There are two users (A & B). They have logged in on two different browsers (IE & Chrome). User A is a normal user and user B is an admin user.
User A has logged in to an application and, in the middle of an operation, the admin has logged in to the application and has changed the role of user A.
Here I need to log off user A's session.
I need some ideas on this problem.
Thanks in advance. Udhayakumar
Upvotes: 0
Views: 68
Reputation: 573
I think what you need is an HttpSessionListener which stores all the sessions when they are created; you can possibly map them with the user id. When an admin (assuming you can differentiate admin and normal user here) user logs in, he takes the session from the map and calls the invalidate() method on that session.
Upvotes: 1
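A sketch of the session-registry approach described in the answer above, added here as an example and not code from either poster. The class name UserSessionRegistry, the "userId" attribute and the register/invalidateUser methods are assumptions; it uses the javax.servlet API (jakarta.servlet on newer containers) and Java 8 or later.

```java
import java.util.Map;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import javax.servlet.annotation.WebListener;
import javax.servlet.http.HttpSession;
import javax.servlet.http.HttpSessionEvent;
import javax.servlet.http.HttpSessionListener;

// Hypothetical class: tracks live sessions per user id so they can be revoked.
@WebListener
public class UserSessionRegistry implements HttpSessionListener {
    // Assumed attribute name under which the user id is stored at login.
    public static final String USER_ID_ATTR = "userId";
    // A user may be logged in from several browsers, so keep a set per user.
    private static final Map<String, Set<HttpSession>> SESSIONS = new ConcurrentHashMap<>();

    // Call from the login handler after authentication succeeds; the user id
    // is not known yet when sessionCreated() fires.
    public static void register(String userId, HttpSession session) {
        session.setAttribute(USER_ID_ATTR, userId);
        SESSIONS.computeIfAbsent(userId, k -> ConcurrentHashMap.newKeySet()).add(session);
    }

    // Call from the admin action right after the role change is saved.
    public static int invalidateUser(String userId) {
        Set<HttpSession> sessions = SESSIONS.remove(userId);
        if (sessions == null) return 0;
        int count = 0;
        for (HttpSession s : sessions) {
            try { s.invalidate(); count++; }
            catch (IllegalStateException e) { /* already expired or logged out */ }
        }
        return count;
    }

    @Override public void sessionCreated(HttpSessionEvent se) { }

    // Drop expired or logged-out sessions so the map does not grow forever.
    @Override
    public void sessionDestroyed(HttpSessionEvent se) {
        Object userId = se.getSession().getAttribute(USER_ID_ATTR);
        if (userId != null) {
            SESSIONS.computeIfPresent((String) userId, (k, set) -> {
                set.remove(se.getSession());
                return set.isEmpty() ? null : set;
            });
        }
    }
}
```

The map lives in one JVM, so in a clustered deployment each node only sees its own sessions. User A's next request after invalidateUser arrives without a valid session and can be sent to the login page, where the new role is loaded.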