As per the
servlet specs., if the time-out period for a session is set to -1, the session will never expire. In the HTTP protocol (Stateless) , there is no explicit termination signal when a client (browser) is no longer active. The session can be terminated by setting timeout period or explicitly invalidating the session. Even in some browser, you can use same session in two different windows. When one window is closed, the session remain active in another window.
Thanks.
Narendra Dhande
SCJP 1.4,SCWCD 1.4, SCBCD 5.0, SCDJWS 5.0, SCEA 5.0