How to remove a "unknown user"-session
If I logout a user from it's session (session.logoutUser()), (session.logoutSessionUser()), the session is still existing with an "unknown user".
ISecurityManager secMgr = SecurityManager.getSecurityManager();
for (ISession ssn : secMgr.getSessions()) {
if (ssn.getSessionUserName().equalsIgnoreCase("xyz")) {
ssn.logoutSessionUser();
}
}
The session disappears only after a timeout (that might be the timeout defined in the tomcat configuration)
However: Is there a way to close/kill a session immediately after logging out a user?