This week's book giveaway is in the Servlets forum.
We're giving away four copies of Murach's Java Servlets and JSP and have Joel Murach on-line!
See this thread for details.
The moose likes Servlets and the fly likes session timeout Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Java » Servlets
Bookmark "session timeout" Watch "session timeout" New topic

session timeout

Manjesh Patil
Ranch Hand

Joined: Sep 24, 2010
Posts: 41

Can anyone clarify this concept....?

I am implementing a session timeout and re-login use case

HttpSession session=null

if(req.getRequestedSessionId()!=null && !req.isRequestedSessionIdValid()){
//in validate the session session.invalidate();
//redirect to login page.
session=req.getSession( true );

1. after 1 minutes, will this code cause session object to become null eventually?
2. s.setMaxInactiveInterval(60); does this code invalidates only the session token ordering between client and server and still keeps the server side session alive?

thanks in advance.

William Brogden
Author and all-around good cowpoke

Joined: Mar 22, 2000
Posts: 12760
1. The servlet container is allowed to invalidate the session after the timeout - happens when the container gets around to it.
2. Invalidation is on the server side of course. The client browser will still submit the same cookie ID value but there will be no corresponding session.

I agree. Here's the link:
subject: session timeout
Similar Threads
Session timeout in struts
Correct way to use getSession() in actions?
How Do I Use Servlet Filter To Check Session Time-out?
bookmark not redirecting to login page
MVC-model 2(Session Management)