aspose file tools*
The moose likes Servlets and the fly likes session timeout Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Servlets
Bookmark "session timeout" Watch "session timeout" New topic
Author

session timeout

Manjesh Patil
Ranch Hand

Joined: Sep 24, 2010
Posts: 41

Can anyone clarify this concept....?

I am implementing a session timeout and re-login use case

HttpSession session=null

if(req.getRequestedSessionId()!=null && !req.isRequestedSessionIdValid()){
//in validate the session session.invalidate();
//redirect to login page.
}
session=req.getSession( true );
s.setMaxInactiveInterval(60);

1. after 1 minutes, will this code cause session object to become null eventually?
2. s.setMaxInactiveInterval(60); does this code invalidates only the session token ordering between client and server and still keeps the server side session alive?

thanks in advance.

William Brogden
Author and all-around good cowpoke
Rancher

Joined: Mar 22, 2000
Posts: 12823
    
    5
1. The servlet container is allowed to invalidate the session after the timeout - happens when the container gets around to it.
2. Invalidation is on the server side of course. The client browser will still submit the same cookie ID value but there will be no corresponding session.

Bill
 
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
 
subject: session timeout