Menu
If I do not specify the following in my web.xml file:
<session-config> <session-timeout>10</session-timeout> </session-config> What will be my default session timeout? (I am running Tomcat 6.0)
555
Session timeout determines how long the server maintains a session if a user does not explicitly invalidate the session. The default value is 30 minutes.
Specifies the number of minutes that a session can remain idle before the server terminates it automatically. The default is 10 minutes.
In simpler terms, a session is a state consisting of several requests and response between the client and the server. It is a known fact that HTTP and Web Servers are both stateless. Hence, the only way to maintain the state of the user is by making use of technologies that implement session tracking.
After deploying the war file manually to tomcat, I realized that default session timeout value (30 min) was being used still.
If you're using Tomcat, it's 30 minutes. You can read more about it here.
135
You can also set this in code, for a specific session using the HttpSession setMaxInactiveInterval API:
Specifies the time, in seconds, between client requests before the servlet container will invalidate this session. A negative time indicates the session should never timeout.
I mention this in case you see timeouts that are not 30 minutes, but you didn't specify another value (e.g. another developer on the project used this API).
Another item to note is this timeout may not trigger on the exact second the session is eligible to expire. The Java EE server may have a polling thread that checks for expired sessions every minute. I don't have a reference for this, but have seen this behavior in the WebSphere 5.1 era.
32
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
