posted 7 years ago
Our application currently uses a "Change User" button that invalidates the current session and redirects the user to the login.jsp page. A monitoring tool checks the availability of the application every few minutes by signing in and finally clicking Change User. We have been facing 'out of swap space' issue recently with the JVM footprint overflowing into swap. We are still researching that issue. But, in order to avoid any unwanted memory usage, we think we should avoid the implicit sessions possibly being created when Change User is clicked. Obviously the new idle session created when login.jsp is rendered would stay in memory for the 1 hr default period before being invalidated. So, I'm thinking of sending just static html in the response instead of redirecting to login.jsp . With this I believe that no implicit sessions would be created just by clicking 'Change User'. I searched google to see if there is a best practice for this , but didn't find any. Any advise please?
author and iconoclast