And here comes my first techie post...
We've been having issues at work for the past 2 days trying to figure out why an https URL request works when our app is deployed in was6.0 and not in was6.1. The piece of code that we're debugging gets the session out of the request, gets an attribute from the session and then casts that object to, say, Blog. We got a null pointer exception on the line below:
Blog blog = (Blog) request.getSession().getAttribute("BLOG");
Since the logs were not really helpful, and the request object was not null, my first thought was that the session was null but that wasn't the case. When you try to retrieve objects from the session attribute map it turns out that was6.1 barfs if objects in the map are not serialized. Was6.0 handles this serialization internally without any issues. So the fix was to serialize the Blog object (and all the objects it holds references to).
Not really sure if was6.1 is more or less restrictive than was6.0..?