Explicitly stops (invalidates) this session and releases all associated resources.
If this session has already been authenticated (i.e. the {@code Subject} thatowns this session has logged-in), calling this method explicitly might have undesired side effects:
It is common for a {@code Subject} implementation to retain authentication state in the{@code Session}. If the session is explicitly stopped by application code by calling this method directly, it could clear out any authentication state that might exist, thereby effectively "unauthenticating" the {@code Subject}.
As such, you might consider {@link org.apache.shiro.subject.Subject#logout logging-out} the 'owning'{@code Subject} instead of manually calling this method, as a log out is expected to stop thecorresponding session automatically, and also allows framework code to execute additional cleanup logic.
@throws InvalidSessionException if this session has stopped or expired prior to calling this method.