If all u want to do is to give a "can log out anyone" permission to administrator, then here is what u can do ...
1. create a temp table with userId, jsessionid,usertype(admin or normal)
2. whenever anyone logs in then populate temp table with above info.
3. allow the admin to view whoever is logged on, by showing a list of users in the temp table.
4. allow him to delete any record from this temp table
5. for every agent user, before entering any page, check if the session is available in the temp table. If jsessionid is not available, then log him out.