I will give that a shot. I will report back as soon as I implement something. Thanks for the quick answer!
-----Original Message----- From: Jeremy Haile <[EMAIL PROTECTED]> Reply-To: [email protected] To: [email protected] Subject: Re: Invalidating All Active Sessions Date: Wed, 29 Oct 2008 11:07:50 -0400 Currently the SessionManager interface doesn't allow you to invalidate all sessions. One idea for how to handle your situation: 1) The AbstractSessionManager allows you to register a SessionListener. You could register one that monitors which session IDs are currently active. 2) When your nightly job runs, you can then iterate through each session ID and double-check that the session ID is valid by calling isValid(). 3) For valid sessions, you can then call SessionManager.stop() to stop/ invalidate that session. I haven't tried this myself, so let me know if this works or doesn't work for you! Jeremy On Oct 29, 2008, at 10:46 AM, Christopher Kwiatkowski wrote: > I am using the Jsecurity Plugin in a Grails application. > I have a job that runs in the early morning hours and the > requirement is > that no one can be logged into the web application while this job is > running. Otherwise, there could be ConcurrentModification exceptions. > Is there a method in the SessionManager that will timeout or > invalidate > all active Jsecurity sessions thereby logging out all active users in > the system? > I am under a time crunch to get this added to the system for tonight's > release. I apologize if this question has already been answered on > this > mailing list. > Cheers! > - Christopher > > >
