aspose file tools*
The moose likes JSP and the fly likes How to reduce authenticated sessions timeout? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » JSP
Bookmark "How to reduce authenticated sessions timeout?" Watch "How to reduce authenticated sessions timeout?" New topic
Author

How to reduce authenticated sessions timeout?

Chinmaya Chowdary
Ranch Hand

Joined: Apr 21, 2008
Posts: 432
Hi, I am using Tomcat5.5. The default maximum session(authenticated session) inactive interval is 30 minutes. Can you please tell, how to reduce inactive interval time for authenticated sessions? Thankyou.
William Brogden
Author and all-around good cowpoke
Rancher

Joined: Mar 22, 2000
Posts: 12825
    
    5
Consult the JavaDocs for HttpSession in the javax.servlet.http package to find the methods for changing the timeout.

Bill

(I am not just giving you a line of code because you need to get familiar with the documentation.)
Chinmaya Chowdary
Ranch Hand

Joined: Apr 21, 2008
Posts: 432
Thankyou Sir.
Max Rahder
Ranch Hand

Joined: Nov 06, 2000
Posts: 177
There's also a way of setting the default in Tomcat -- it's a property setting somewhere. I suggest you Google "tomcat default session timeout", or something similar.
Chinmaya Chowdary
Ranch Hand

Joined: Apr 21, 2008
Posts: 432
Hi, I requested a constrained resource, and I used BASIC authentication method. The browser asked username and password. I provided valid ones. The authentication passed, and I got the constrained resource using browser(firefox).

I set setMaxInactiveInterval(100) to my session in jsp(constrained resource), and after 100 seconds the session will be invalidated. Later, I send a request to the constrained resource. At this time the container is not doing authentication, it simply returns the constrained resource(the previous one). Why the container is not doing authentication?

Later I deleted authenticated session's in my firefox. After that, I made a request to constrained resource, at this time the container asks for authentication. Why the container is asking for authentication, after deleting authenticated sessions in firefox? It seems that session object in my jsp and authentication sessions in firefox are different. What are they actually? Is there any method to invalidate authenticated sessions in my jsp? I search through google, search through java documentation not find suitable answer. I noticed that the HttpSession object is different from authentication session. Please explain me or provide any link for this topic. Thankyou.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: How to reduce authenticated sessions timeout?