Hi everyone, I was reading the source code of the DefaultWebSecurityManager, ServletContainerSessionManager and CookieRememberMeManager looking for a way to expire all existing Sessions and RememberMe cookies for a given user. The use case would be for a feature like Gmail's "log me out everywhere" option.
Does Shiro have such a feature already, or would I have to write my own SessionManager and RememberMeManager that compare the SessionID/RememberMe cookie to a revocation list upon every request? Thanks in advance for your help
