permaculture playing cards
The moose likes Web Component Certification (SCWCD/OCPJWCD) and the fly likes HttpSession. setMaxInactiveInterval versus session-timeout in DD Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Certification » Web Component Certification (SCWCD/OCPJWCD)
Bookmark "HttpSession. setMaxInactiveInterval versus session-timeout in DD" Watch "HttpSession. setMaxInactiveInterval versus session-timeout in DD" New topic

HttpSession. setMaxInactiveInterval versus session-timeout in DD

Doyle Matt
Ranch Hand

Joined: Jul 05, 2004
Posts: 76
I'm wondering if who has the higher priority?
For example if a webapp has a DD declared
, 15 being 15 mins and then a servlet sets the
, 5 being 5 seconds; which does the servlet container favors? the DD declaration or the method call?

SCJP 1.4
Doyle Matt
Ranch Hand

Joined: Jul 05, 2004
Posts: 76
well i'm answering my question. apparently the <session-timeout> is a "global" setting. but the session.setMaxInactiveInterval(int) are for specifics or "local" settings.

global meaning those sessions that didn't have their setMaxInactiveInterval set will use the one from the dd. but for those you went thru to the setMaxInactiveInterval will use the one that was set for that specific session object.
Saurabh Kumar
Ranch Hand

Joined: Aug 21, 2006
Posts: 56
You are correct,

DD declaration is global and applies to all sessions if not over written by using session.setMaxInactiveInterval(seconds) method.

setMaxInactiveInterval(seconds) method of HttpSession interface sets timeout for a particular session.

There is another difference between the two:
setMaxInactiveInterval() method:- -ve time(as parameter) indicates the session should never timeout
<session-timeout> 0 or -ve </session-timeout>:- 0 or -ve indicates the session should never timeout
vineet kaushik

Joined: Aug 05, 2009
Posts: 13
Hi Guys,

Here I am trying to understand the real purpose of session configuration in Web.xml for session timeout.

<!-- Session Configuration -->

Now let me tell about my question..

my application is importing/uploading a .txt file and which is bound to take more than 1 hour Since there are millions of records to be imported.
But session gets timed out after 1 hour though my application is still importing that .txt file which is in progress.
As such application should not timeout as application is doing some task in background.


Frits Walraven
Creator of Enthuware JWS+ V6
Saloon Keeper

Joined: Apr 07, 2010
Posts: 2015


I am not sure what you are asking because the answer in my opinion is given in this thread, but here the paragraph about the element of the Servlet 3.0 spec:

The session-config defines the session parameters for this Web application. The sub-element session-timeout defines the default session time out interval for all sessions created in this Web application. The specified time out must be expressed in a whole number of minutes. If the time out is 0 or less, the container ensures the default behavior of sessions is never to time out. If this element is not specified, the container must set its default time out period.

jalil idrissi

Joined: Feb 05, 2013
Posts: 6
vineet I think I see your confusion: session-timeout is meant to describe the maximum period of inactivity after which the session is invalidated, AND NOT the whole duration allowed for a session.

for example sission-timeout could be 10 minutes, but if you keep sending requests you can stay there the day long.

I agree. Here's the link:
subject: HttpSession. setMaxInactiveInterval versus session-timeout in DD
jQuery in Action, 3rd edition