Problema com Login

Tudo bom pessoal.

Estou com um problema muito extranho.
Desenvolvemos um sistema WEB (JSF, Hibernate, Spring e Primefaces + Tomcat 6), funciona tudo perfeitamente exeto um pequeno detalhe.
O servidor onde ele esta instalado, precisa ser reiniciado varias vezes, pois ele simplismente pra de funcionar.
A principio achei que fosse o Tomcat, mas mudei para o Jetty e o problema continua.
Fiz o Tunning no banco(PostgreSQL), mas persistiu o problema.

Até que num certo dia notei que o problema poderia ser no login.
Quando faço repetidas vezes login e logout ( +/- 10 vezes), uma rotina comun no sistema, ele simplismente para…fica carregando a pagina web eternamente!
Verifiquei o tomcat e o banco e não derruba nenhum deles!
Uso o spring security 3.0.2.RELEASE, assim ele faz todo o controle, a encriptação da senha e etc.

applicationContext-security.xml

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
	xmlns:security="http://www.springframework.org/schema/security"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xmlns:context="http://www.springframework.org/schema/context"
	xsi:schemaLocation="http://www.springframework.org/schema/beans
          	http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
          	http://www.springframework.org/schema/security
          	http://www.springframework.org/schema/security/spring-security-3.0.xsd
          	http://www.springframework.org/schema/context
			http://www.springframework.org/schema/context/spring-context-3.0.xsd">
	
	<context:component-scan base-package="br.com.athus.servicos" />
	
	<security:global-method-security secured-annotations="enabled" />
	
	<security:http>
		<security:intercept-url pattern="/primefaces_resource/**"
			access="IS_AUTHENTICATED_ANONYMOUSLY" filters="none" />
			
		<security:intercept-url pattern="/javax.faces.resource/**"
			access="IS_AUTHENTICATED_ANONYMOUSLY" filters="none" />

		<security:intercept-url pattern="/css/**"
			access="IS_AUTHENTICATED_ANONYMOUSLY" filters="none" />
			
		<security:intercept-url pattern="/skins/**"
			access="IS_AUTHENTICATED_ANONYMOUSLY" filters="none" />

		<security:intercept-url pattern="/imagens/**"
			access="IS_AUTHENTICATED_ANONYMOUSLY" filters="none" />
			
		<security:intercept-url pattern="/fonts/**"
			access="IS_AUTHENTICATED_ANONYMOUSLY" filters="none" />

		<security:intercept-url pattern="/login.jsf"
			access="IS_AUTHENTICATED_ANONYMOUSLY" filters="none" />

		<security:intercept-url pattern="/erros/**"
			access="IS_AUTHENTICATED_ANONYMOUSLY" filters="none" />
		
		<security:intercept-url pattern="/cadastros/cadastroEmpresa.jsf"
			access="ROLE_ADMINISTRADOR" />
		
		<security:intercept-url pattern="/movimentacao/conferenciaCaixa.jsf"
			access="ROLE_ADMINISTRADOR" />
		
		<security:intercept-url pattern="/movimentacao/conferenciaEntradaMateriais.jsf"
			access="ROLE_ADMINISTRADOR" />
			
		<security:intercept-url pattern="/movimentacao/conferenciaSaidasBrindes.jsf"
			access="ROLE_ADMINISTRADOR" />
			
		<security:intercept-url pattern="/movimentacao/conferenciaParcelasGeradasPeriodo.jsf"
			access="ROLE_ADMINISTRADOR" />
		
		<security:intercept-url pattern="/movimentacao/movimentacao.jsf"
			access="ROLE_ADMINISTRADOR, ROLE_ASSESSOR" />
		
		<security:intercept-url pattern="/movimentacao/emprestimo.jsf"
			access="ROLE_ADMINISTRADOR, ROLE_ASSESSOR" />	
			
		<security:intercept-url pattern="/movimentacao/consultaMovimentos.jsf"
			access="ROLE_ADMINISTRADOR, ROLE_ASSESSOR" />
			
		<security:intercept-url pattern="/cadastros/alterarStatusMatricula.jsf"
			access="ROLE_ADMINISTRADOR" />
					
		<security:intercept-url pattern="/cadastros/desistenciaAluno.jsf"
			access="ROLE_ADMINISTRADOR" />
		
		<security:intercept-url pattern="/cadastros/**"
			access="ROLE_ADMINISTRADOR, ROLE_ASSESSOR" />
		
		<security:intercept-url pattern="/marketing/**"
			access="ROLE_ADMINISTRADOR, ROLE_ASSESSOR" />
		
		<security:intercept-url pattern="/emprestimo/**"
			access="ROLE_ADMINISTRADOR, ROLE_ASSESSOR" />
		
		<security:intercept-url pattern="/pedagogico/cadastroNivelamento.jsf"
			access="ROLE_ADMINISTRADOR, ROLE_ASSESSOR" />	
			
			
		<security:intercept-url pattern="/**" access="ROLE_ASSESSOR, ROLE_PROFESSOR, ROLE_ADMINISTRADOR" />
		
		<security:form-login login-page="/login"
			login-processing-url="/checkdata" default-target-url="/index"
			always-use-default-target="true" authentication-failure-url="/login/error"/>

		<security:access-denied-handler error-page="/permissao/negada" />
			
		<security:session-management>
			<security:concurrency-control max-sessions="1" expired-url="/login/kicked"/>
		</security:session-management>
		
		<security:logout logout-url="/quit"	logout-success-url="/" />
	</security:http>
		
	<security:authentication-manager alias="authManager">
		<security:authentication-provider user-service-ref="userServiceImpl">
			<security:password-encoder hash="sha-256" />
		</security:authentication-provider>
	</security:authentication-manager>
</beans>

Desde já agradeço a todos!