This question has been answered.
This question has not been answered yet.
I noticed that when running scans on a web application deployed on WebSphere Application Server v188.8.131.52 that there are a lot of session expirations. Is this normal during a scan?
This appears to happen whether I use Recorded Login method with in-session detection or Automatic Login without in-session detection.
Using Rational AppScan Standard V184.108.40.206
Here is an example extract from the log file.
2/21/12 18:33:51:728 UTC 0000001f SessionListen I IYB02105I: Session listener detected session destruction. 2/21/12 18:33:51:731 UTC 0000001f SessionListen I IYB01020I: The session timed out for userid xxxxxxxx due to inactivity 2/21/12 18:33:52:532 UTC 0000001f SessionListen I sessionDestroyed() Freeing locks held by userid xxxxxxxx due to session expiration. 2/21/12 18:33:52:541 UTC 0000001f SessionListen I IZQ03000I: Finalizing pending items for userid xxxxxxxx due to session expiration. 2/21/12 18:33:52:565 UTC 0000001f SessionListen I IZQ03001I: Freeing locks held by userid xxxxxxxx due to session expiration.