Most of what you implemented sounds much more advanced than anything I can produce right now, I've only been working with JSF & J2EE for a few months and haven't had time to look into design principles or whatever. Everything here is very rushed. I wanted a week to do memory profiling and to fix some things up before I expanded on the application, but I was told there was no time
The flaw you fnd with the basic idea is something I specifically want. This is a business setting dealing with important data and I don't want people to use eachother's accounts - yes, I am talking about a second person logging in from another terminal at the same time. They are not supposed to be shared, our clients should ask us for another account if they want someone else to be able to use the system at the same time. It might sound like an odd way of dealing with the issue, but it also solves the problem of getting rid of sessions for the same account where people have just closed their browser without logging out, then open another browser 5 mins later and try to log in again.
So... I 'm pretty much set on this idea but I need to know, will I really run into problems with storing the HttpSessions, considering that I won't be clustering?