Menu
My application currently use Spring Session together with Redis as the backend.
I searched into the official documentation for Spring Session but was not able to find what the default session timeout is when using that module.
Also I am not sure how to change that default timeout if necessary.
Can someone please advise?
908
The default is 20 minutes. Session Timeout property cannot be set to a value greater than 525,600 minutes (1 year). The default value is 20 minutes. default session time for asp.net is 20 minutes.
The Default Expiration Period for Session is 20 Minutes. The Default Expiration Period for Cookie is 30 Minutes.
Session timeout determines how long the server maintains a session if a user does not explicitly invalidate the session. The default value is 30 minutes.
Spring Security Session Timeout In the case of Tomcat we can set the session timeout by configuring the maxInactiveInterval attribute on the manager element in server. xml or using the session-timeout element in web. xml.
The easiest way to configure session timeout when using redis repository is
@EnableRedisHttpSession(maxInactiveIntervalInSeconds = 60)
OR @EnableRedissonHttpSession(maxInactiveIntervalInSeconds = 1200) if redisson dependency is there.
The session expires when it is no longer available in the repository.
Timeout can be configured with setDefaultMaxInactiveInterval(int) on both RedisOperationsSessionRepository and MapSessionRepository. Default value is 30 minutes.
If you are using spring boot, then as of version 1.3 it will automatically sync the value with the server.session.timeout property from the application configuration.
Note that one of the shortcomings when using spring session is that javax.servlet.http.HttpSessionListeners are not invoked.
If you need to react on session expiration events you can subscribe to SessionDestroyedEvent application event of your spring application.
87
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
