Take a look at this thread: http://shiro-user.582556.n2.nabble.com/log-out-all-subjects-td7001172.html
On Sun, Jul 10, 2016 at 10:35 AM, Maarten Abbink <[email protected]> wrote: > Hi everyone, > > I was reading the source code of the DefaultWebSecurityManager, > ServletContainerSessionManager and CookieRememberMeManager looking for a > way to expire all existing Sessions and RememberMe cookies for a given > user. The use case would be for a feature like Gmail's "log me out > everywhere" option. > > Does Shiro have such a feature already, or would I have to write my own > SessionManager and RememberMeManager that compare the SessionID/RememberMe > cookie to a revocation list upon every request? > > Thanks in advance for your help >
