This week's book giveaway is in the OO, Patterns, UML and Refactoring forum. We're giving away four copies of Refactoring for Software Design Smells: Managing Technical Debt and have Girish Suryanarayana, Ganesh Samarthyam & Tushar Sharma on-line! See this thread for details.
The session timeout we have set for our application in Tomcat is 90 minutes, however session times out very quickly. When I did dig deeper, I found that Apache's timeout is 300 sec (5 mins) and I think the session timeout I experienced was similar.
I use Tomcat as my standalone server on my local machine and 90 mins timeout works fine on it. However, the live server we have uses Tomcat as plug-in and Apache as web-server -- only Java code is served by Tomcat, static files are served by Apache. I thought (or I have read before?), the Tomcat session timeout (configured in context's web.xml) will override the Apache default session timeout, but it doesn't see so - what could be the reason? Do I need to change Apache's session timeout as well?