I'm wondering if who has the higher priority? For example if a webapp has a DD declared , 15 being 15 mins and then a servlet sets the , 5 being 5 seconds; which does the servlet container favors? the DD declaration or the method call?
well i'm answering my question. apparently the <session-timeout> is a "global" setting. but the session.setMaxInactiveInterval(int) are for specifics or "local" settings.
global meaning those sessions that didn't have their setMaxInactiveInterval set will use the one from the dd. but for those you went thru to the setMaxInactiveInterval will use the one that was set for that specific session object.
DD declaration is global and applies to all sessions if not over written by using session.setMaxInactiveInterval(seconds) method.
setMaxInactiveInterval(seconds) method of HttpSession interface sets timeout for a particular session.
There is another difference between the two: setMaxInactiveInterval() method:- -ve time(as parameter) indicates the session should never timeout <session-timeout> 0 or -ve </session-timeout>:- 0 or -ve indicates the session should never timeout
my application is importing/uploading a .txt file and which is bound to take more than 1 hour Since there are millions of records to be imported.
But session gets timed out after 1 hour though my application is still importing that .txt file which is in progress.
As such application should not timeout as application is doing some task in background.
I am not sure what you are asking because the answer in my opinion is given in this thread, but here the paragraph about the element of the Servlet 3.0 spec:
<session-config> The session-config defines the session parameters for this Web application. The sub-element session-timeout defines the default session time out interval for all sessions created in this Web application. The specified time out must be expressed in a whole number of minutes. If the time out is 0 or less, the container ensures the default behavior of sessions is never to time out. If this element is not specified, the container must set its default time out period.
vineet I think I see your confusion: session-timeout is meant to describe the maximum period of inactivity after which the session is invalidated, AND NOT the whole duration allowed for a session.
for example sission-timeout could be 10 minutes, but if you keep sending requests you can stay there the day long.
OCEJWCD 6
OCPJP 7
The fastest and most reliable components of any system are those that are not there. Tiny ad: