For example, see this thread. Searching the web for something like "java +configure session timeout" or similar will return a lot of hits.
Joined: Jun 08, 2009
i want to prevent the cookie to be invalidated when user closes the browser. i want to set the JSESSIONID cookie to stay alive for say, 20 minutes, whether browser is running or closed. so when user closes the browser and reopen the browser and access the same site he can still use the same JSESSIONID to access the site.