ConnectionTimeOut Vs sessionTimeout problem

I am working on a J2EE application which is running in a Tomcat 5.5.23. In Tomcat's conf/server.xml I set the ConnectionTimeout value to 20000 ms. And I have removed the <session-config> ..<session-timeout> entry from the Tomcat's conf/web.xml. Also I dont have a session-timeout entry in my own application's web.xml. But still when I try to print the session timeout value in a JSP by using <c:out value="${pageContext.session.maxInactiveInterval}"/> it displays the value 1800. That means somewhere this session timeout value is getting set as default 30 minutes. Can anyone help me try to understand where and how this 30 minutes is getting defaulted? And also please help me on this...I dont want to set the session-timeout anywhere other than the server.xml's connectionTimeout entry and i want that value set for the same to be retrieved in my JSP.

Connection timeout and session timeout are two totally different things.

Connection timeouts have to do with how long the server will leave a connection between the browser and server open after a response is complete.

Session-timeout is what controls the length of time that an idle session will last.


As to the session-timeout setting in conf/web.xml; I can't say for sure, but I'm guessing that 30 minutes is the default whether that entry is there or not and that the entry is there to make it easier for folks who want to change it to find it.

Out of curiosity, why do you care if there is a default value?

Thanks for the quick reply. I understood the difference between Connection timeout and session timeout. And for your question, in my application I had to do the session expiration check for 20 min and there should be a 5 min warning before the session expires. I took care of all these things. But without providing the session-timeout entry in my application's web.xml, when i tried to print the HttpSession's getMaxInactiveInterval() it printed the 1800 value because of the tomcat's conf/web.xml session-timeout entry (30 min). So, according to your reply, if we have to have the session expiry handling for any application,
1. either we have to provide that in that application's web.xml or set it in the tomcat's conf/web.xml
2. and we have to set the conf/server.xml's ConnectionTimeout to be the same (or more) in milliseconds. (because when i try to set this to less than the above one, say 10000 ms, and when i do not do anything in an opened session of my application for 10 minutes and then I make a request, it logs me out...)

Originally posted by Vidhya Mohandas:

2. and we have to set the conf/server.xml's ConnectionTimeout to be the same (or more) in milliseconds. (because when i try to set this to less than the above one, say 10000 ms, and when i do not do anything in an opened session of my application for 10 minutes and then I make a request, it logs me out...)

I still don't see why you're messing with the connection timeout settings.
These are not related to sessions and are, for the most part, something that an application developer need not concern him/herself with.

So, I think I did not understand the connection timeout setting. Eventhough as a developer, i do not want to know about the same, out of curiosity am asking, could you explain me if we set the value of the same to be 20000 in the server.xml file ?