i currently facing a problem. I want to kick out a user A when they are on their session. I tried by cleared user A's session, but this didnt work because my application runs in multiple nodes. My solution now is creating a filter ( which i put position = "LAST") to catch all the requests from user A, and then i can log this user out. But the problem is all invalid requests are going to this filter, this is not good for my service. So i want to find a way to do the same filter after spring check all the valid request. Thank you very much for your help.
Asked
Active
Viewed 73 times
0
-
I tried by cleared user A's session, but this didnt work because my application runs in multiple nodes. Can you elaborate this a little more? How you cleared and how you are managing tokens? – Mohamed Anees A Oct 31 '19 at 08:46
-
If I understand your problem correctly, following question may have solution to your problem. https://stackoverflow.com/questions/11337997/how-to-add-custom-filter-after-user-authorize-in-spring-application – Channa Oct 31 '19 at 09:26
-
@MohamedAneesA i used sessionRegistryImpl to destroy session of a user. See more in here: [link](https://stackoverflow.com/questions/17107703/destroy-a-session-of-another-user-in-spring) – Cuong Le Oct 31 '19 at 10:30
-
@Channa Thank you for your answer. But my filter is already behind authorized filter. The invalid request that i mentioned is 404 request. – Cuong Le Oct 31 '19 at 10:32