Hi, Doesn't that only remove the remember-me cookie for a user if they're making a request. I want to be able to administratively revoke all outstanding remember me cookies for a given user, so that they are forced to re-authenticate again.
Thanks, Chris On Wed, Aug 28, 2013 at 4:57 PM, [email protected] <[email protected]>wrote: > Hi, Christopher. > > I believe you can just call forgetIdentity(SubjectContext subjectContext), > defined in the org.apache.shiro.web.mgt.CookieRememberMeManager class. You > can get the rememberMe manager class from the securityManager. Something > like this: > > > Hope that helps. > > > > -- > View this message in context: > http://shiro-user.582556.n2.nabble.com/How-to-force-a-remembered-user-to-be-forgotten-tp7579089p7579091.html > Sent from the Shiro User mailing list archive at Nabble.com. >
