I have a web application that monitors all incoming and outgoing call contacts of an office . I used comet technology to send messages from server to the client.
Sometimes the process of sending response to the client , takes more time than session timeout that it causes the session to be expired.
My question is that how can i refresh lastAccessedTime of httpSession at the server side to prevent session timeout ?
posted 5 years ago
thanks for your answer,
I think that if i use your soloution the session will never expire and I don't want this to happen.
Just I want to prevent the session to be expired when the server is sending response to the client.
posted 5 years ago
The session will expire after the page is closed (because then the heartbeat is no longer sent). It's rather unlikely that a web page would stay open indefinitely, no?
If you know when the server sends the last piece of data, then it can send something that would cause the timer to be stopped in the web page.
I'm a bit confused on what you mean by "session expiring while sending response".
What are the symptoms when this happens? Does the client have to log in again, or does the client get a 500 error?
In our setup we use Apache for authentication and Tomcat as our container both of which have built in time outs.
If the user doesn't request a new page in 30 min (tomcat setting) then their session times out and they re-authenticate on the next request (although they probably won't have to type in anything to do so). We don't keep anything critical in our session object so this is mostly invisible to the user. Ulf's suggestion for a heart beat in the client will solve this one, although the session will only end when the user closes the browser window.
There is another timeout in Apache currently set to 5 minutes that is the time the servlet has to send the response. Maybe Ulf or Bear knows if it the time to send anything or the time to send the whole thing, I don't. This happens to us occasionally when the user requests something too big to handle. What happens is that the user sees an error page that says Error 500 the server isn't responding (or something like that). This one is harder to deal with in the general case. If the maximum response time is reasonable (in the user's mind) you can just change the Apache time out value with the Timeout directive. I think the factory default on Scientific Linux was 60 seconds.
I'm sure most web developers choked when they read 5 minutes was a reasonable response time for a web page. It depends on user expectations. This application does analysis and plotting of scientific data. In our case we're being pushed in the other direction by users asking for more data to be plotted in more complicated ways. The time is similar to other tools they use, since most of it is related to accessing the data. If this is your problem we can discuss ways to deal with it. We have 2 proposed solutions but I haven't implemented either yet.
It's not what your program can do, it's what your users do with the program.