I am using spring-security 3.1.0, and after turning on concurrent-control, I try to log in with a good user and get

Code:
[5/29/12 16:19:56:880 PDT] 00000265 webapp        E com.ibm.ws.webcontainer.webapp.WebApp logError SRVE0293E: [Servlet Error]-[null]: java.lang.NullPointerException
	at org.springframework.security.ldap.userdetails.LdapUserDetailsImpl.hashCode(LdapUserDetailsImpl.java:122)
	at java.util.concurrent.ConcurrentHashMap.get(ConcurrentHashMap.java:779)
	at org.springframework.security.core.session.SessionRegistryImpl.getAllSessions(SessionRegistryImpl.java:58)
	at org.springframework.security.web.authentication.session.ConcurrentSessionControlStrategy.checkAuthenticationAllowed(ConcurrentSessionControlStrategy.java:70)
	at org.springframework.security.web.authentication.session.ConcurrentSessionControlStrategy.onAuthentication(ConcurrentSessionControlStrategy.java:60)
	at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:199)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
	at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:105)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
	at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
	at org.springframework.security.web.session.ConcurrentSessionFilter.doFilter(ConcurrentSessionFilter.java:125)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
	at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:173)
	at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
	at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259)
	at com.ibm.ws.webcontainer.filter.FilterInstanceWrapper.doFilter(FilterInstanceWrapper.java:188)
	at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:116)
	at com.ibm.ws.webcontainer.filter.WebAppFilterChain._doFilter(WebAppFilterChain.java:77)
	at com.ibm.ws.webcontainer.filter.WebAppFilterManager.doFilter(WebAppFilterManager.java:908)
	at com.ibm.ws.webcontainer.filter.WebAppFilterManager.invokeFilters(WebAppFilterManager.java:997)
	at com.ibm.ws.webcontainer.extension.DefaultExtensionProcessor.invokeFilters(DefaultExtensionProcessor.java:1043)
	at com.ibm.ws.webcontainer.extension.DefaultExtensionProcessor.handleRequest(DefaultExtensionProcessor.java:963)
	at com.ibm.ws.webcontainer.webapp.WebApp.handleRequest(WebApp.java:3933)
	at com.ibm.ws.webcontainer.webapp.WebGroup.handleRequest(WebGroup.java:276)
	at com.ibm.ws.webcontainer.WebContainer.handleRequest(WebContainer.java:931)
	at com.ibm.ws.webcontainer.WSWebContainer.handleRequest(WSWebContainer.java:1583)
	at com.ibm.ws.webcontainer.channel.WCChannelLink.ready(WCChannelLink.java:186)
	at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleDiscrimination(HttpInboundLink.java:452)
	at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleNewRequest(HttpInboundLink.java:511)
	at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.processRequest(HttpInboundLink.java:305)
	at com.ibm.ws.http.channel.inbound.impl.HttpICLReadCallback.complete(HttpICLReadCallback.java:83)
	at com.ibm.ws.tcp.channel.impl.AioReadCompletionListener.futureCompleted(AioReadCompletionListener.java:165)
	at com.ibm.io.async.AbstractAsyncFuture.invokeCallback(AbstractAsyncFuture.java:217)
	at com.ibm.io.async.AsyncChannelFuture.fireCompletionActions(AsyncChannelFuture.java:161)
	at com.ibm.io.async.AsyncFuture.completed(AsyncFuture.java:138)
	at com.ibm.io.async.ResultHandler.complete(ResultHandler.java:204)
	at com.ibm.io.async.ResultHandler.runEventProcessingLoop(ResultHandler.java:816)
	at com.ibm.io.async.ResultHandler$2.run(ResultHandler.java:905)
	at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1604)
This is my spring-security.xml file:

Code:
    <http auto-config="true">
        <intercept-url pattern="/html/user/*" access="ROLE_QUICKOhio-IVDUser"/>
		<form-login login-page="/html/login.jsp" 
					authentication-failure-url="/html/login.jsp"
		            authentication-success-handler-ref="myAuthenticationSuccessHandler"
		            />
		<access-denied-handler ref="myAccessDeniedHandler"/>
		<logout logout-success-url="/html/login.jsp?LogOff=true" invalidate-session="true" delete-cookies="JSESSIONID"/>
		<session-management>
        	<concurrency-control max-sessions="1" error-if-maximum-exceeded="true" />
    	</session-management>
    </http>
I'm using LDAP for authentication and again if I remove the session-management section then the error goes away. I also get a nullpointerexception if I try to use a custom authentication-failure-handler-ref

Here is my resource XML file in case you need it:

Code:
	<bean id="myAuthenticationSuccessHandler" class="com.jfs.handlers.AuthenticationSuccessHandler"/>		
	<bean id="myAccessDeniedHandler" class="com.jfs.handlers.MyAccessDeniedHandler"/>
I'm hoping someone knows what I'm doing wrong. Incidentally, I'm using WAS 7 and for some reason I can't get it to log any of the spring security messages. If someone know how to activate that as well I would be appreciative (I tried adding the logger listener to web.xml and the spring-security.xml)