Win a copy of Microservices in Action this week in the Web Services forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Bear Bibeault
  • Devaka Cooray
  • Liutauras Vilda
  • Jeanne Boyarsky
Sheriffs:
  • Knute Snortum
  • Junilu Lacar
  • paul wheaton
Saloon Keepers:
  • Ganesh Patekar
  • Frits Walraven
  • Tim Moores
  • Ron McLeod
  • Carey Brown
Bartenders:
  • Stephan van Hulst
  • salvin francis
  • Tim Holloway

session timeout  RSS feed

 
Greenhorn
Posts: 5
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi, I'm trying to get my application to timeout after a specific time period of no activity from the user: I added:

<session-config>
<session-timeout>1</session-timeout>
</session-config>

to my web.xml file which I think should timeout the session after 1 minute, but nothing is happening i.e. I load a page and wait a minute and it does not get redirected after 1 minute. Could anybody please tell me what I'm missing.
Thanks.
 
peter leigh
Greenhorn
Posts: 5
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Sorry, I guessed I forgot to add that I want the user to get redirected to my welcome page when the session is timed out.
Thanks
 
best scout
Posts: 1294
IntelliJ IDE Java Scala
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Peter,

the session timeout you set with web.xml just means that all data in session scope get invalidated after this timeout - nothing more.

Why do you think it should do a redirect or something like this? Perhaps it would be a good idea to do this on the client side with JavaScript (although I don't know if it's possible and how).

Marco
 
peter leigh
Greenhorn
Posts: 5
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
From what I read about the timeout I was under the impression that it did more then just clear all the session data.
 
Marco Ehrentreich
best scout
Posts: 1294
IntelliJ IDE Java Scala
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Unfortunately it doesn't... Perhaps you was confused from API documentation saying

The server can maintain a session in many ways such as using cookies or rewriting URLs.

But this only means the servlet container is able to maintain a session via cookies or by encoding the session ID into the URL if the client/browser doesn't allow cookies.

You can use the HttpSessionListener interface to get notified when any session is created or destroyed but this won't help you in this case. You can only send a redirect in response to a direct client request so the client side have to take action in order to do a redirect. This is the reason why I said it's probably the easiest way if you use JavaScript on the client side. Another more modern alternative could be "Direct Web Remoting" (DWR) which is like AJAX but works in the opposite direction. Perhaps somebody here has more experience with this...

Marco
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!