Is it possible to invalidate a spring security session?

Question

I\'m using Tomcat 6.0.32, Spring Security 3.0.5

In my web app some users have the ability to change other users privileges. When this happens I would like to invali

Answer 1

I believe this is what you need - get a list of logged in users and invalidate the sessions of those you don't need.

http://static.springsource.org/spring-security/site/docs/3.1.x/reference/session-mgmt.html#list-authenticated-principals