Win a copy of Functional Reactive Programming this week in the Other Languages forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

session keeps timing out

 
david allen
Ranch Hand
Posts: 185
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi all,
I am using sessions on my site to store a few objects. When the user logs on I create a session ie.
session.setAttribute("user", sessionUser);
session.setMaxInterval(3600);
In my web.xml file I have written the following
<session-config>
<session-timeout>60</session-timeout>
</session-config>
So as far as I can tell I have set the session to expire in one hour.
Could someone offer and advice as to why it keeps timing out
thank you very much
david
 
Andres Gonzalez
Ranch Hand
Posts: 1561
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
david -
you need to provide us with more information:
- this might sound dumb, but are you actually creating the session? how are you doing it?
- Are you using setMaxInactiveInterval in your code?
 
david allen
Ranch Hand
Posts: 185
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Here is my code for creating the session. This will be called when the user logs in.
HttpSession session = request.getSession(true);
User user = new User();
String error = "Invalid login or password";

if(user.dbInitialise((String)request.getParameter("login"))) {

String password = (String)request.getParameter("password");

if(password.equals(user.getPassword())) {


User sessionUser = (User)session.getAttribute("user");
if(sessionUser == null) {
sessionUser = new User(user);
session.setAttribute("user",sessionUser);
session.setMaxInactiveInterval(3600);
}
}
else{
session.setAttribute("error",error);
}
}
else {
session.setAttribute("error",error);
}
This code works fine. After the user logs in it will redirect them to the login page and display their name but when I move around the site and leave it idle for 5 min the site will time out. I then have to go back to the login page and login again.
So the session is created but from some reason it does not last one hour. I hope I have provided enough information.
Thank you very much
david
 
Andres Gonzalez
Ranch Hand
Posts: 1561
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
hmm.. the code looks ok by me..
I was just wondering, why do you use setMaxInactiveInterval? if you're already declaring in your web.xml that the session timeout is 60 minutes, why are you putting it again...
I'd also look at my others servlets/jsp pages, to see if I'm using this method with a different value.
I wouldn't use it at all, unless I want to specify a different value..
let me know ...
 
david allen
Ranch Hand
Posts: 185
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
So if I set it in web.xml then that should do the trick is that right?
I will try it and let you know.
Thanks for your help.
david
 
Scott Duncan
Ranch Hand
Posts: 365
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
just out of curiosity, what app server are you using?
 
Andres Gonzalez
Ranch Hand
Posts: 1561
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by david allen:
So if I set it in web.xml then that should do the trick is that right?

yep, that's why the web.xml is used for. You have a single place to modify your settings and all servlets will behave based on this.
But, if you want a particular session to behave differently, you use setMaxInactiveInterval(). this method affects *only* the session on which it is called. other sessions will still be mandated by the value you specify in web.xml.
 
david allen
Ranch Hand
Posts: 185
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I think I may have found the probem but please let me know.
I am working on a test machine.
When I compile a servlet I have it set up so that I dont have to turn tomcat off for the changes to be registered.
While testing my site I have been making changes and then recompiling the servelts. When a servlet is recompiled and then registered by tomcat I think that the sessions are deleted (without stopping tomcat).
I think this is the problem that I have been having.
What do you think?
Regards David
David
 
Andres Gonzalez
Ranch Hand
Posts: 1561
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
That could be the problem, but not sure about it. What the container does once it starts, is read the configuration files (including web.xml) and loading the servlets to memory (creating an instance). This is one of the steps in the life cycle of the servlet.
I don't know if tomcat allows hot deployment,but this could be a solution. What you're basically doing now is modifying the code while running the same web application. this might result in unexpected behaviour.
 
Mark Spritzler
ranger
Sheriff
Posts: 17278
6
IntelliJ IDE Mac Spring
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Yes, tomcat has Hot deployment.
And it probably does invalidate current sessions that would use that Servlet.
Mark
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic