I've got a problem logging out the currently logged on user. I have a javax.servlet.http.HttpSessionListener in my web application, declared as


<listener-class>my.SessionCounter</listener-class>


in web.xml

Inside the sessionDestroyed event handler I call this code:
public void sessionDestroyed(HttpSessionEvent se) {
if (activeSessions > 0)
activeSessions--;

try {
MyServiceLocal iface = BeanLocator.getInstance().getMyService();

if (iface!=null)
iface.logoutCurrentUser( (String)se.getSession().getAttribute("my.current.user") );

} catch (Exception ex) {
System.out.println("XTYPHSE PALI TO MPOYRDELO! " + ex.getClass().getName());

}

}


I have an error "javax.ejb.AccessLocalException" in the line:
MyServiceLocal iface = BeanLocator.getInstance().getMyService();

The error fires when home.create() is called:
public MyServiceLocal getMyService() {
try {
home = (MyServiceLocalHome) ctx.lookup("my.jndiName");

//home is ok here, but calling create() will throw an AccessLocalException
return home.create();
} catch (...) {...}
}

The interface for the bean "MyService" is generated with option @ejb.permission view-type="all" unchecked="true"

The security domain is defined ("myApp" in jboss-web.xml and in jboss.xml)

My login-config.xml contains the following:
<application-policy name = "myApp">

<login-module code = "my.login.MyLoginModule" flag = "required">
<module-option name="unauthenticatedIdentity">nobody</module-option>
</login-module>

<!-- Add this line to your login-config.xml to include the ClientLoginModule propogation -->
<login-module code="org.jboss.security.ClientLoginModule" flag="required">
<module-option name="unauthenticatedIdentity">nobody</module-option>
</login-module>

</application-policy>


What is the problem? How can I logout the user (ie mark the user "clean" in the database), ON session destroy?

Any help will be much appreciated