| Author |
session timeout
|
Manjesh Patil
Ranch Hand
Joined: Sep 24, 2010
Posts: 38
|
|
Can anyone clarify this concept....?
I am implementing a session timeout and re-login use case
HttpSession session=null
if(req.getRequestedSessionId()!=null && !req.isRequestedSessionIdValid()){
//in validate the session session.invalidate();
//redirect to login page.
}
session=req.getSession( true );
s.setMaxInactiveInterval(60);
1. after 1 minutes, will this code cause session object to become null eventually?
2. s.setMaxInactiveInterval(60); does this code invalidates only the session token ordering between client and server and still keeps the server side session alive?
thanks in advance.
|
 |
William Brogden
Author and all-around good cowpoke
Rancher
Joined: Mar 22, 2000
Posts: 12321
|
|
1. The servlet container is allowed to invalidate the session after the timeout - happens when the container gets around to it.
2. Invalidation is on the server side of course. The client browser will still submit the same cookie ID value but there will be no corresponding session.
Bill
|
Java Resources at www.wbrogden.com
|
|
 |
|
|
subject: session timeout
|
|
|
0
