• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

clarification : HFS page 266

 
Greenhorn
Posts: 10
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi all,

I need some clarification in HFS mock exam in page 266,Question 3, Option A

The option says "A session whose timeout period has been set to -1 will never expire"

Does it mean that even if the user closes the browser, session does'nt expire??

Pls clarify

Thanks in advance
harsha
 
Ranch Hand
Posts: 951
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
As per the servlet specs., if the time-out period for a session is set to -1, the session will never expire. In the HTTP protocol (Stateless) , there is no explicit termination signal when a client (browser) is no longer active. The session can be terminated by setting timeout period or explicitly invalidating the session. Even in some browser, you can use same session in two different windows. When one window is closed, the session remain active in another window.

Thanks.
 
Greenhorn
Posts: 4
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi
If the session timeout is set to -1, the server will not end the session. Meaning that even if the user closes the browser and comes back and goes to the same page. If the timeout period of the session on that server has not elapsed, the user will be able to log into the site automatically, without any login parameters.
Unless ofcourse, ur page is intelligent enuff to trap a browser close event and send signal to the server to flush session and so, ask user to relogin at the time of coming back to the site.
In case of sites like yahoo if u accidentally close your browser and come back to the site, it takes you to the email access page. this is assuming that the session timeout hasnt happened yet.
BreakThru NOT BreakDown!
 
reply
    Bookmark Topic Watch Topic
  • New Topic