hello seam users

i have some strange problems with my user authentication in my seam app.
the authentication is done with the jpa permissionstore, which works like a charme.

because i need a user object of the current logged-in user (to store it on some user interactions) i have my own authentication method which makes the authentication against the permissionstore and outjects a user.

now the big problem is that sometimes if i have to add the user object to another object the wrong user object is sumbitted to the database!

example.
John Doe logs-in: user object equals Johne Doe
Meryl Street logs-in: user object equals Meryl Street

John Doe saves a object (which includes the user object) to the database.
the persisted user is not John Doe as expected but it is Meryl Street.

i tried to reproduce this error, but with no gain!
but If the users work on it in production, it happens all the time...

please, can anybody help me?
thanks daniel

my authenticator:

@Out(required = false, scope=ScopeType.SESSION)
private SystemUser c_systemUser = null;

public boolean authenticate() 
{
    // Make authentication, returning true or false
    String username = credentials.getUsername();
    String password = credentials.getPassword();
    ...    

    authenticated = identityManager.authenticate(username, password);

    voidPassword = identityManager.authenticate(username, "");     
    ...
}

@Observer(Identity.EVENT_LOGIN_SUCCESSFUL)
public void loginSuccessful() 
{     
    // Outjects the user
    c_systemUser = (SystemUser) c_em.createQuery("SELECT u FROM SystemUser u WHERE u.email = :username").setParameter("username", identity.getCredentials().getUsername()).getSingleResult();
    ...
}

my persist method:

@In(create=false, required = true)
private SystemUser c_systemUser;

public void saveLogEntry() 
{
    ...

    c_LogEntry.setCreateSystemUser(c_systemUser);
    c_LogEntry.setCreateDateTime(new Date());               
    ...

    // Save the LogEntry to the database
    c_EM.persist(c_LogEntry);
}