This week's book giveaways are in the Scala and Android forums.
We're giving away four copies each of Machine Learning Systems: Designs that scale and Xamarin in Action: Creating native cross-platform mobile apps and have the authors on-line!
See this thread and this one for details.
Win a copy of Machine Learning Systems: Designs that scale this week in the Scala forum
or Xamarin in Action: Creating native cross-platform mobile apps in the Android forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

session timeout  RSS feed

 
Greenhorn
Posts: 5
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi, I'm trying to get my application to timeout after a specific time period of no activity from the user: I added:

<session-config>
<session-timeout>1</session-timeout>
</session-config>

to my web.xml file which I think should timeout the session after 1 minute, but nothing is happening i.e. I load a page and wait a minute and it does not get redirected after 1 minute. Could anybody please tell me what I'm missing.
Thanks.
 
peter leigh
Greenhorn
Posts: 5
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Sorry, I guessed I forgot to add that I want the user to get redirected to my welcome page when the session is timed out.
Thanks
 
best scout
Bartender
Posts: 1294
IntelliJ IDE Java Scala
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Peter,

the session timeout you set with web.xml just means that all data in session scope get invalidated after this timeout - nothing more.

Why do you think it should do a redirect or something like this? Perhaps it would be a good idea to do this on the client side with JavaScript (although I don't know if it's possible and how).

Marco
 
peter leigh
Greenhorn
Posts: 5
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
From what I read about the timeout I was under the impression that it did more then just clear all the session data.
 
Marco Ehrentreich
best scout
Bartender
Posts: 1294
IntelliJ IDE Java Scala
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Unfortunately it doesn't... Perhaps you was confused from API documentation saying

The server can maintain a session in many ways such as using cookies or rewriting URLs.

But this only means the servlet container is able to maintain a session via cookies or by encoding the session ID into the URL if the client/browser doesn't allow cookies.

You can use the HttpSessionListener interface to get notified when any session is created or destroyed but this won't help you in this case. You can only send a redirect in response to a direct client request so the client side have to take action in order to do a redirect. This is the reason why I said it's probably the easiest way if you use JavaScript on the client side. Another more modern alternative could be "Direct Web Remoting" (DWR) which is like AJAX but works in the opposite direction. Perhaps somebody here has more experience with this...

Marco
 
Amateurs built google. Professionals built the titanic. We can't find the guy that built this tiny ad:
Rocket Oven Kickstarter - from the trailboss
https://coderanch.com/t/695773/Rocket-Oven-Kickstarter-trailboss
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!