Pieter Jelle wrote:
André van Toly wrote:
Prolonging session-timeout can be done for the complete webapp in its
web.xml:
<!-- Define the default session timeout for your application,
in minutes. From a servlet or JSP page, you can modify
the timeout for a particular session dynamically by using
HttpSession.getMaxInactiveInterval(). -->
<session-config>
<session-timeout>30</session-timeout> <!-- 30 minutes -->
</session-config>
You're looking for a more permanent sollution, but i thought i should
mention it, just in case.
André, this solution looks ok for what I need (it doesn't really have to
be eternally, it's ok to lose the sessions when the server reboots), but
it doesn't seem to have any impact.
I suppose it basically does the same as calling
getMaxInactiveInterval(), which I already tried without any luck.
So I guess I'll have to use one of the workarounds by setting my own
cookie with a hashed password.
Thanks for all the replies, they have been of great help.
I haven't seen the MaxInactiveInterval not working. It might be that you
lost the sessionid somewhere? This could happen when you switch domains
or https or confusing the servlet container by sending a ;jsessionid on
the url.
You could also write some javascript code which touches a resource on
the server to reset the session counter.
<script type="text/javascript">
function showSessionTimeOutWarning( timeout, warning ) {
var warningTime = timeout - warning;
if( warningTime > 0 && warning > 0) {
setTimeout("sessionTimeOutWarning()", warningTime * 1000);
}
if( timeout > 0 ) {
setTimeout( "sessionTimedOut()", timeout * 1000 );
}
}
function sessionTimedOut() {
alert("Waarschuwing! Uw sessie is verlopen.");
}
function sessionTimeOutWarning() {
alert("Attentie! Uw sessie verloopt binnen enkele minuten.");
// or a nice xmlhttp request back to the server
}
</script>
Nico
_______________________________________________
Developers mailing list
[email protected]
http://lists.mmbase.org/mailman/listinfo/developers
