| Author |
Session timeout
|
Jayashree Mohan
Ranch Hand
Joined: Nov 23, 2005
Posts: 37
|
|
Is this rite?
<session-config>
<session-timeout>0</session-timeout>
</session-config>
- The session will never expire
but when session.setMaxInactiveInterval(0) is called the session is deleted immediately like session.invalidate().
Am I correct on this?
|
 |
singh santosh
Ranch Hand
Joined: Jan 13, 2006
Posts: 136
|
|
yeh ,u r very right.... 
regards
-santosh
|
|
Anant Rao
Ranch Hand
Joined: Nov 12, 2004
Posts: 126
|
|
I am little confused...what happens if its set to -1 in both cases.
Regards
Infyniti
|
|
Akshay Kiran
Ranch Hand
Joined: Aug 18, 2005
Posts: 220
|
|
SRV.7.5 Session Timeouts In the HTTP protocol, there is no explicit termination signal when a client is no longer active. This means that the only mechanism that can be used to indicate when a client is no longer active is a timeout period. The default timeout period for sessions is defined by the servlet container and can be obtained via the getMaxInactiveInterval method of the HttpSession interface. This timeout can be changed by the Developer using the setMaxInactiveInterval method of the HttpSession interface. The timeout periods used by these methods are defined in seconds. By definition, if the timeout
period for a session is set to -1, the session will never expire.
and from the DTD,
<!--
The session-timeout element defines the default session timeout
interval for all sessions created in this web application. The
specified timeout must be expressed in a whole number of minutes.
If the timeout is 0 or less, the container ensures the default
behaviour of sessions is never to time out.
Used in: session-config
-->
<!ELEMENT session-timeout (#PCDATA)>
|
|
 |
|
|
subject: Session timeout
|
|
|
0
