That's actually why I was floored when my applet was kicked back to the login form after half an hours of continuous activity.
Mike Curwen wrote: > > anything you set in WEB-INF/web.xml can be set in > CATALINA_HOME/conf/web.xml and these setting will be used on a global > basis, unless overriden at a lower level. > > FWIW, I've always understood session-timeout to mean "after a period of > inactivity". I mean really... how useful would sessions be if they > logged you out after n minutes, no matter your activity level? Talk > about frustrating! "It doesn't matter that you've been using my site > continuosly for the past 30 minutes, I'm still kicking you off". That > sounds like 'session-duration' to me. > > > > -----Original Message----- > > From: G. Wade Johnson [mailto:[EMAIL PROTECTED] > > Sent: Friday, September 05, 2003 8:45 AM > > To: Tomcat Users List > > Subject: Re: Session Timeout > > > > > > I'm using Tomcat 4.1.18 & 4.1.24 (two different machines). > > The behavior is the same on both. As I said in my other > > message, I was basing my questions on the documentation I had > > read. Your response made me do a little testing. Now, I'm > > even more confused. > > > > My assumption was based on information in "Professional Java > > Servlets 2.3" by Wrox. In chapter 5, they explicitly state > > that the <session-timeout/> value applies to lifetime, not > > inactivity, (p. 240). > > > > I also checked with > > http://developer.java.sun.com/developer/Books/javaserverpages/ > > servlets_javaserver/servlets_javaserver05.pdf > > > > Section 5.10 describes that parameter as well. It does seem > > to imply that we are talking about inactivity timeouts, but > > the text is not actually explicit. It could be read either way. > > > > For my test, I set the <session-timeout/> to 5 minutes. If > > this was a lifetime thing, my session should expire pretty > > quickly. If not, it would last forever. (My servlet is being > > queried by an applet on a regular basis.) > > > > The session did not expire after 5 minutes. It expired after > > 30 minutes, just like it did before I added the <session-timeout/>. > > > > Any help would be appreciated. > > G. Wade > > > > PS. Since the <session-timeout/> is located in web.xml, I > > assume it is webapp-specific. Is there any way to set up a > > timeout on multiple webapps? (Short of making a change for > > each webapp.) I'm currently using single-sign-on to bring a > > couple of webapps together into one app from the user's point of view. > > > > > > > > Filip Hanik wrote: > > > > > > >I just found out that sessions on my webapp are > > automatically being > > > >logged out after some period of time. Even when they are > > being used. > > > > > > this should not be the case <session-timeout> should be the > > inactivity > > > timeout what version of tomcat? > > > Filip > > > > > > ----- Original Message ----- > > > From: "G. Wade Johnson" <[EMAIL PROTECTED]> > > > To: "Tomcat Users List" <[EMAIL PROTECTED]> > > > Sent: Thursday, September 04, 2003 2:36 PM > > > Subject: Session Timeout > > > > > > I've just been surprised by something that I thought I understood. > > > > > > I just found out that sessions on my webapp are automatically being > > > logged out after some period of time. Even when they are being used. > > > > > > >From reading the docs, it appears that the normal timeout > > behavior is > > > to terminate any session that has lived longer than n > > minutes. Is this > > > correct? > > > > > > Also there appears to be a <session-timeout/> element that > > allows you > > > to set the length of this timeout. > > > > > > However, if I am reading the documentation correctly, the > > only way to > > > set an "inactivity timeout" is programmatically? (I > > actually thought > > > the "session-timeout" was an "inactivity timeout".<shrug/>) > > > > > > How is the best way to go about adding this feature? Is the > > > HttpSessionListener interface the best way to go? > > > > > > Thanks, > > > G. Wade > > > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]