I have a tomcat server which allows to upload rather big files in the secured area. I am using apache commons fileupload, so the upload is performing in background on server.
Now, when I login, press "upload" for big file, go away for some time, then return and see the login request page instead of upload success page (I have a script which forwards to another page of the site when upload is finished, but it seems that upload itself fails too) - the session timed out while the file had been uploading. If I make some activity on the site during upload (navigate among pages), the upload would finish fine.
So, what I want to do is to try to keep HttpSession alive programmatically on server side while the file is being uploaded - I have upload progress listener, so it could call something like session.resetTimer() - same thing which is called when the user request some page. But I can't see anything looking like this method in HttpSession class - only session.invalidate() method which is opposite to what I want.
Is there a way to simulate user activity on server side to prolongate the session?
Joined: Dec 12, 2010
ok, it seems that I have found something, but still can't use it. The method I was thinking of is org.apache.catalina.Session.access();
My server allows to upload rather big files - it may take up to several hours for upload to finish depending on the connection speed, I can't predict how long it will take. So for sure, I can try to set infinite (ok, 24 hours is enough) session life - seems that I will finally come to this solution, but actually I need such long sessions only for file upload process, so this seems to be rough solution and ineffective in long term.
For the setMaxInactiveInterval - I have checked its source code - it would set only inactive interval value, but will not reset the timer. Still, this might be better, than setting value in servlet context and probably would work as workaround - make the session 24 hours when upload is started and return default value when it is finished, I will try how this would go, thank's.
So it seems that the call I need is hidden rather well.
I stumbled upon this thread looking for the same thing. The reason I want to simulate activity is to compensate for activity on another linked system that is using the tomcat session ID as an authorization key without pounding the primary system with 'ping' requests.
I was able to accomplish this by first using reflection to extract the StandardSession from the facade and then calling the access() method via the reflection you described. I tested with Tomcat 5.5.33, browsing the source it appears it should work well with Tomcat 6 and 7 also. Here is the code