hello everyone! i have a problem with session timeouts. i'm using jboss 4.0.4GA, seam 1.0.0GA and myfaces libs 1.1.3 and JAAS for URL based security. i have some SFSBs which have an idle timeout that is longer than the http session. i used the @CacheConfig annotation because there were problems when the SFSBs timed out before the session timed out. now when the session is over and the user clicks on a link or button on a page the jaas login screen appears. but when he logs in again he is not directed to the main menu but to the page he requested before. all the data of the expired session is still present and even when another login is used the data is still there. this happens only if there's a logout because of idle time, when the logout link is used (which triggers the seam.invalidateSession() method) everything's fine. it seems that the session scoped components don't die with the session, don't they depend directly on the http session? how could i manage that? View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3962181#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...