Some code is calling HttpSession.setAttribute and passing a non-serializable attribute as the attribute value. In this case it looks to be a reference to the session itself. Suggest you write an javax.servlet.http.HttpSessionAttributeListener implementation and have it analyze (i.e. try to serialize) values as they are passed into the session. This will help you identify what code is passing in the offending value. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4035730#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...