• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Session timeout default

 
Ranch Hand
Posts: 48
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
what's the default of http session timeout? Is it container dependent?
 
Ranch Hand
Posts: 560
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
As per the spec,

In the HTTP protocol, there is no explicit termination signal when a client is no
longer active. This means that the only mechanism that can be used to indicate when
a client is no longer active is a timeout period.
The default timeout period for sessions is defined by the servlet container and
can be obtained via the getMaxInactiveInterval method of the HttpSession
interface. This timeout can be changed by the Developer using the
setMaxInactiveInterval method of the HttpSession interface. The timeout
periods used by these methods are defined in seconds. By definition, if the timeout
period for a session is set to -1, the session will never expire.


You can set the timeout period in web.xml:

<!ELEMENT session-config (session-timeout?)>

 
Renata fonseca
Ranch Hand
Posts: 48
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks!
 
Ranch Hand
Posts: 285
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Remember, the setMaxInactiveInterval() method of HttpSession set an interval in seconds, whereas the deployment descriptor <session-config> element is specified in minutes.
Add to this the other discrepency that the setMaxInactiveInterval() method requires a negative-value argument to ensure that the session never expires, whereas the <session-timeout> value in the DD can be 0 or less to achieve the same.
 
Consider Paul's rocket mass heater.
reply
    Bookmark Topic Watch Topic
  • New Topic