aspose file tools*
The moose likes Struts and the fly likes session timeout Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Java 8 in Action this week in the Java 8 forum!
JavaRanch » Java Forums » Frameworks » Struts
Bookmark "session timeout" Watch "session timeout" New topic
Author

session timeout

peter leigh
Greenhorn

Joined: Jun 01, 2008
Posts: 5
Hi, I'm trying to get my application to timeout after a specific time period of no activity from the user: I added:

<session-config>
<session-timeout>1</session-timeout>
</session-config>

to my web.xml file which I think should timeout the session after 1 minute, but nothing is happening i.e. I load a page and wait a minute and it does not get redirected after 1 minute. Could anybody please tell me what I'm missing.
Thanks.
peter leigh
Greenhorn

Joined: Jun 01, 2008
Posts: 5
Sorry, I guessed I forgot to add that I want the user to get redirected to my welcome page when the session is timed out.
Thanks
Marco Ehrentreich
best scout
Bartender

Joined: Mar 07, 2007
Posts: 1278

Hi Peter,

the session timeout you set with web.xml just means that all data in session scope get invalidated after this timeout - nothing more.

Why do you think it should do a redirect or something like this? Perhaps it would be a good idea to do this on the client side with JavaScript (although I don't know if it's possible and how).

Marco
peter leigh
Greenhorn

Joined: Jun 01, 2008
Posts: 5
From what I read about the timeout I was under the impression that it did more then just clear all the session data.
Marco Ehrentreich
best scout
Bartender

Joined: Mar 07, 2007
Posts: 1278

Unfortunately it doesn't... Perhaps you was confused from API documentation saying
The server can maintain a session in many ways such as using cookies or rewriting URLs.
But this only means the servlet container is able to maintain a session via cookies or by encoding the session ID into the URL if the client/browser doesn't allow cookies.

You can use the HttpSessionListener interface to get notified when any session is created or destroyed but this won't help you in this case. You can only send a redirect in response to a direct client request so the client side have to take action in order to do a redirect. This is the reason why I said it's probably the easiest way if you use JavaScript on the client side. Another more modern alternative could be "Direct Web Remoting" (DWR) which is like AJAX but works in the opposite direction. Perhaps somebody here has more experience with this...

Marco
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: session timeout
 
Similar Threads
session timeout not working
Correct way to use getSession() in actions?
Logout user upon browser close
HttpSessionListener: What were they thinking?
Not able to get this !