nor, still now I don't use an "offical" authentication-method which is protected by a login-config-tag. my login-method just loads a usergroup out of the database which has specific access-rights and associates it with the current user-objects which belongs to one session-object. but this runs without tomcat or the web.xml-file or any offical auth-method.
I'm quite sure that the timeout-problems are independent from my login-method. I have a personal testing-server which has just been used by myself in the last 8 hours and till now the tomcat-manager tells me, that there are 35 sessions running (because the sessions are not killed)... P.S: I'm using a hibernate-connection-pool, could this cause the trouble? --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
