Hi I need to do is to be able to clean up sessions users have left logged on or (when they don't explicitly log off and close their browser etc.) Our session timeout is 30 minutes so they can take a while. I also need this for security reasons when a user has been removed from the system. I want to provide a list of open sessions and have the capability to grab a user, find his (or her) HttpSession and invalidate it on demand. If I can create an identity object for a given user on the fly and force logout on it that would work as well but the only way I am aware of is when seam injects an identity object for the current logged on user. I could probably keep my own map of sessions on login but was hoping their might be some functionality within seam.