This week's book giveaway is in the OCAJP 8 forum. We're giving away four copies of OCA Java SE 8 Programmer I Study Guide and have Edward Finegan & Robert Liguori on-line! See this thread for details.
Dear Friends, we are developing a web site using jsp,servlets.i would like to set the session life time as long as the clients accessing the site. now if the client doesnt do anything onb page the session life time comes to end after 3 seconds.i want to disable the session after the client made the sign out. how to do that? or how can i set session valid for atleast one day. thanks regards saran
Hi saravana, Take a look at javax.servlet.http.HttpSession.setMaxInactiveInterval(int interval), but be careful to gaurantee that eventually every session expires.
<a href="http://www.tangosol.com" target="_blank" rel="nofollow">www.tangosol.com</a><br /><a href="http://www.tangosol.com/coherence.jsp" target="_blank" rel="nofollow">Coherence:</a> Easily share live data across a cluster!
Saravana, Check out what Rob Misek has given - but be warned that you need resources to maintain session and they don't come cheap. 3 seconds seems really tight but on the other hand, one day seems way too long. What would the users do? You will have to arrive at a value that is acceptable so that the session can be invalidated. For ex: Set the Maximum inactive interval to 30 minutes - so you application server itself will take care of session invalidation after this time. Also, The sign-out logic itself should have session invalidation (say 25 minutes) to free up the resources. if( last access time > max inactive time ) session.invalidate(); This way if users click on logout button, then you invalidate the sessions. BUT, if the users close their browser windows using the X button (which most of them do), then the app server invalidates the session.