Session management in URL reporting

Hi,

I have problems with the session management while calling reports from our own web-app.

We host our reports (.rpt) on a CrystalReportsServer 2008 running on a Tomcat. This CRS is configured with 20 CAL (ConcurrentAccess Licences).

On the other side, our Intranet, running on another Tomcat.

Our Intranet provides UI allowing users to determine the parameters that will be passed to reports. For some reasons we do not want to use InfoView now but keep using our own UI to call reports. The idea was then to call them through OpenDocument (or viewrpt.cwr) passing parameters in the URL.

In our Web-app, I authenticate the user to the CRS, retrieving an IEnterpriseSession. I then get a token for my calls to OpenDoc. But then, each time I call OpenDoc, a new CAL is picked out. Even if I logoff, only one CAL (the one belonging to my IEnterpriseSession) is given back.

As our users often open and close lots of reports, we run very quickly out of CAL, although the reports are now closed and the user gone.

I thought using a token would have allowed us to consume only 1 CAL per user, using the same CAL for the different calls.

Is my reasoning wrong or is it my code..?