"2) If the user goes through a different filter, that filter needs to be modified as well." Instead of modifying each filter you could just put your own small isUserAccountLocked filter before all the other filters in shiro.ini: /** = ssl[8181], accountLocked, authc That way a locked account would be automatically logged out before authc checks access. But the polling would still be needed which I agree is ugly.
-- View this message in context: http://shiro-user.582556.n2.nabble.com/Forced-Logout-on-User-ID-Locked-tp7579189p7579219.html Sent from the Shiro User mailing list archive at Nabble.com.
