Caching of managed beans in WebInjectionContainer can cause memory leaks in distributed JSF applications following session timeout

Distributed web session ownership changes as a consequence of scaling up (or down) can result in session timouts, and their correspond events being triggered on a different member than the once that last handled requests for that session.  Consequently, it is never safe for the server (nor application) to cache session scoped objects separately from references within the HttpSession itself.

org.jboss.as.web.common.WebInjectionContainer caches references to all created managed beans and their managed references in order to call ManagedReference.release().  This caching doesn't appear to be necessary - and causes a memory leak in the above scenario.