This week's giveaway is in the Android forum.
We're giving away four copies of Android Security Essentials Live Lessons and have Godfrey Nolan on-line!
See this thread for details.
The moose likes Web Component Certification (SCWCD/OCPJWCD) and the fly likes session timeout Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Certification » Web Component Certification (SCWCD/OCPJWCD)
Bookmark "session timeout" Watch "session timeout" New topic
Author

session timeout

vijaya saradhi
Ranch Hand

Joined: Dec 31, 2007
Posts: 32

Hi ,

can any one please clear my doubt about session timeout.In HFSJ it was mentioned like this, if we give -1 as session timeout value the session will never expire.Is it true.
I am doubtful about it.If any one knows please share your knowledge.


adv thanks, vijayasaradhi duggirala
Zaheer A Baloch
Greenhorn

Joined: Jan 24, 2008
Posts: 18
Yes! It is true. Please do not doubt what the HFSJ book has to say. Its a religous book for SCWCD and it contains words of truth. Just kidding, its always good to get doubts cleared.

There are two ways we can make sure the session never expires.
Through web.xml:



Through HttpSession interface method in a servlet:


Any negative value means that this session shall never expire, unless you forcefully invalidate it using HttpSession.invalidate() method.

Hope this helps.

Zaheer Baloch
SCJP 5.0 (84%), SCWCD 5.0 (95%)
Nishan Patel
Ranch Hand

Joined: Sep 07, 2008
Posts: 684


Hi,

May be this will help you

http://nishanpatel.wordpress.com/2009/04/30/deploymentdescriptor/


Thanks, Nishan Patel
SCJP 1.5, SCWCD 1.5, OCPJWSD Java Developer,My Blog
Chamara Jayaweera
Ranch Hand

Joined: May 27, 2008
Posts: 66
Hi,

No doubts, HFSJ is correct and It happeans as it is.If you still have doubts then develop a small app and test it practically.Then you will never forget


Chamara D. Jayaweera
Bachelor of Computer Science
SCJP,SCMAD,SCWCD,SCBCD
Cristian Daniel Ortiz Cuellar
Ranch Hand

Joined: Feb 02, 2011
Posts: 81
Chamara Jayaweera wrote:Hi,

No doubts, HFSJ is correct and It happeans as it is.If you still have doubts then develop a small app and test it practically.Then you will never forget


hey guys if i make make either in DD or in code -1 Or any negative number the session will never expire??

if i put on the DD a value of 0. what would happen? the session is invalidate inmediataly???

sorry by my poor english.

thanks..
mohana krishna
Greenhorn

Joined: Apr 12, 2005
Posts: 8
If Session-timeout in DD is 0 then session will never expire
Ankit Garg
Sheriff

Joined: Aug 03, 2008
Posts: 9291
    
  17

mohana krishna wrote:If Session-timeout in DD is 0 then session will never expire

Hmm interesting, the 0 value's behavior is not specified in JavaEE 5 documentation but it is in JavaEE 6 documentation. I'll have to check the servlet specification 2.4 if 0 timeout is specified in it but if its not then it will not be asked in SCWCD 5 exam...


SCJP 6 | SCWCD 5 | Javaranch SCJP FAQ | SCWCD Links
mohana krishna
Greenhorn

Joined: Apr 12, 2005
Posts: 8

As per servlet-2_4-fr-spec.pdf file. PATH : http://download.oracle.com/otndocs/jcp/servlet-2.4-fr-spec-oth-JSpec/

"The session-timeout element defines the default
session timeout interval for all sessions created
in this web application. The specified timeout
must be expressed in a whole number of minutes.
If the timeout is 0 or less, the container ensures
the default behaviour of sessions is never to time
out. If this element is not specified, the container
must set its default timeout period."

So If Session-timeout in DD is 0 then session will never expire.
Jelo Nehuptra
Ranch Hand

Joined: Oct 08, 2011
Posts: 36

it was already answered here:

http://www.coderanch.com/t/170789/java-Web-Component-SCWCD/certification/setMaxInactiveInterval
Jelo Nehuptra
Ranch Hand

Joined: Oct 08, 2011
Posts: 36

if you insist:

EE5
"Specifies the time, in seconds, between client requests before the servlet container will invalidate this session.
A negative time indicates the session should never timeout. "


EE6
"Specifies the time, in seconds, between client requests before the servlet container will invalidate this session.
An interval value of zero or less indicates that the session should never timeout."
Sharad Kharya
Ranch Hand

Joined: Oct 15, 2008
Posts: 68
It can be set-up in the deployment descriptor:
--- minutes (<= 0, session should never expire)
- Individual session, setMaxInactiveInterval(int seconds) --- seconds (<0 never expire, 0 expire immediately).

If you define values in DD and in code then the value specified in code will override the session timeout for that session.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: session timeout
 
Similar Threads
Killing cookies when session is invalidated
setmaxInactiveInterval
Timeout mechanism in EJB
Session Expire due to time out: Please Help
changing the session timeout value