Hi, we had intermittent problem with acegi that logout doesnt seem to work and the session timeout doesnt kick in to expire/invalidate the session.
We use acegi 1.0.7 with spring 2.5.5 and we hosted the application on weblogic. We have set the application to not allowing concurrent logins with the follow setting


Code:
  	<bean id="singleSession" class="org.acegisecurity.concurrent.ConcurrentSessionControllerImpl">
    	<property name="maximumSessions" value="1"/>
    	<property name="exceptionIfMaximumExceeded" value="true"/>
    	<property name="sessionRegistry" ref="sessionRegistry"/>
  	</bean>

    <bean id="logoutFilter" class="org.acegisecurity.ui.logout.LogoutFilter">
        <!-- URL redirected to after logout -->
        <constructor-arg value="/" />
        <constructor-arg>
            <list>
                <bean class="org.acegisecurity.ui.logout.SecurityContextLogoutHandler" />
            </list>
        </constructor-arg>
        <property name="filterProcessesUrl" value="/logout.htm" />
    </bean>
and a timeout of 30 mins

Code:
<session-config>
<session-timeout>30</session-timeout>
</session-config>
Has anyone experience this before? Thanks