In your HttpSessionListener, you have a sessionDestroyed() which in turn calls
cleanUp(int id). In the cleaUp() call is made to ejb with an expired Principal . What
happens is that when HttpSession times out, the Principal is cleared from Http session
cache by jboss. So at that moment any calls to ejb's is made with an empty Principal
resulting in the exception.
Can you use the Principal from the request instead ? request.getPrincipal() should geive
you the Principal from HttpRequest. Check if it null & then do what you want instead.
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4121832#...
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...