my dog learned polymorphism
The moose likes JSP and the fly likes Regarding Session life time Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » JSP
Bookmark "Regarding Session life time" Watch "Regarding Session life time" New topic

Regarding Session life time

saravana kumar
Ranch Hand

Joined: Jun 25, 2002
Posts: 72
Dear Friends,
we are developing a web site using jsp,servlets.i would like to set the session life time as long as the clients accessing the site.
now if the client doesnt do anything onb page the session life time comes to end after 3 seconds.i want to disable the session after the client made the sign out. how to do that?
or how can i set session valid for atleast one day.
Rob Misek
Ranch Hand

Joined: Sep 24, 2002
Posts: 41
Hi saravana,
Take a look at javax.servlet.http.HttpSession.setMaxInactiveInterval(int interval), but be careful to gaurantee that eventually every session expires.

<a href="" target="_blank" rel="nofollow"></a><br /><a href="" target="_blank" rel="nofollow">Coherence:</a> Easily share live data across a cluster!
Vin Kris
Ranch Hand

Joined: Jun 17, 2002
Posts: 154
Saravana, Check out what Rob Misek has given - but be warned that you need resources to maintain session and they don't come cheap. 3 seconds seems really tight but on the other hand, one day seems way too long. What would the users do?
You will have to arrive at a value that is acceptable so that the session can be invalidated.
For ex: Set the Maximum inactive interval to 30 minutes - so you application server itself will take care of session invalidation after this time.
Also, The sign-out logic itself should have session invalidation (say 25 minutes) to free up the resources.
if( last access time > max inactive time ) session.invalidate();
This way if users click on logout button, then you invalidate the sessions. BUT, if the users close their browser windows using the X button (which most of them do), then the app server invalidates the session.
I agree. Here's the link:
subject: Regarding Session life time
jQuery in Action, 3rd edition