You have to create one and only one instance of EAMAccessManager per request in your custom servlet. Store it in an instance variable in your servlet and always check it first. Problems will occur if you make the core HxGN EAM code read cached session objects more than once per request. Assuming 'request' is defined as a message from the browser to the server.
EAMAccessManager.endRequest() must be called at the end of every request in a finally block in your custom application. If you do not do this any state you stored in the EAMAccessSession object will get blown away. At this point you also need to reset your EAMAccessManager instance variable to null.
You cannot use the HttpSession object to store any type of state about your application. HxGN EAM supports both stateful and stateless sessions with a custom object / mechanism that acts a proxy to the real HttpSession object, therefore you cannot use it directly.
EAMAccessSession.setAttribute('key', 'value') and EAMAccessSession.getAttribute('key') must be used to store and fetch your applications state.
When setting and retrieving these EAMAccessSession attributes, all objects written to the map MUST be serializable.