I'm having a bit of trouble with Session timeouts in my Tomcat served web application. From reading over Tomcat's documentation, sessions expire after a time which can be configured in the web.xml file.
Question) Does this mean 30 minutes from when the session was created for the user? Or 30 minutes from when the session was last accessed?
If it is, as I originally thought, 30 minutes from when the session was last accessed, I don't seem to be seeing this behavior. My sessions seem to be lost as I'm using the site. Are there any other ways to configure session behavior besides this one setting? Is there something I'm missing?
Author and all-around good cowpoke
posted 5 years ago
1. the timeout is reset every time there is a request, there are also methods for changing the timeout for an individual session.
2. note that a session is tied to a given web application - it will not be kept alive if you move to another application in the same server.