"bstansberry(a)jboss.com" wrote : | Can you perhaps add a valve or something to trap and record the session id associated with any request that throws an exception? And then correlate that to your sessions that aren't expiring. If they match, the above may be the culprit. I did write a web filter: | public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { | HttpServletRequest request = (HttpServletRequest) servletRequest; | HttpServletResponse response = (HttpServletResponse) servletResponse; | try { | filterChain.doFilter(request, response); | } catch (IOException e) { | logThrowable(request, response, e); | throw e; | } catch (ServletException e) { | logThrowable(request, response, e); | throw e; | } catch (RuntimeException e) { | logThrowable(request, response, e); | throw e; | } catch (Error e) { | logThrowable(request, response, e); | throw e; | } | } | Some of the non-expired sessions stem from 'caught' exception, but not all of them. ;-( View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3970695#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...