anonymous wrote : | Controls HttpSession invalidation in any servlet or JSF environment. Since Seam keeps internal state in the HttpSession, is is illegal to call HttpSession.invalidate() while Seam contexts are active. Applications using Seam security should call Identity.logout() instead of calling this component directly. | Seems like you should try Identity.logout(). best, Dustin View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4091611#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...