Re: Expire an idle session

Tue, 02 Jun 2009 13:02:49 -0700 

What about timing out the session on the server?

Assuming that you're using a Java application container on the server,
you can add the following to web.xml:
    <session-config>
      <session-timeout>5</session-timeout>
    </session-config>

This will cause the server to time out connections after five minutes
of inactivity.  With this technique, it's actually possible to
intercept requests made after a time out in the onFailure() handler
and to take some kind of action (i.e., redirect to a login screen).

Tony
--
Tony Strauss
Designing Patterns, LLC
http://www.designingpatterns.com
http://blogs.designingpatterns.com

On Jun 2, 11:05 am, hezjing <hezj...@gmail.com> wrote:
> Hi
>
> I want the session to be expired if the it is idle for 5 minutes.
>
> I have the following client code after a successful login:
>
> String sessionID = /* (Get sessionID from server's response to login
> request.) */ ;
> long DURATION = 1000 * 60 * 5;
> Date expires = new Date(System.currentTimeMillis() + DURATION);
> // the sid cookie will be expired after 5 min
> Cookies.setCookie("sid", sessionID, expires, null, "/", false);
>
> The problem with the above code is that the session cookie will be expired 5
> minutes from the time the session is created and not from the time the last
> request to the server.
> For example, if a session is created at 00:00, followed by a request at
> 00:04, the cookie will still expire at 00:05 instead of 00:09.
>
> To do this, I have to reset the expiry time of the cookie in every RPC call
> like the following:
>
> public void onFailure(Throwable caught) {
>     ...
>     // re-calculate the expiry time
>     Date expires = new Date(System.currentTimeMillis() + DURATION)
>     Cookies.setCookie("sid", sessionID, expires, null, "/", false);
>
> }
>
> public void onSuccess(...) {
>     ...
>     // re-calculate the expiry time
>     Date expires = new Date(System.currentTimeMillis() + DURATION)
>     Cookies.setCookie("sid", sessionID, expires, null, "/", false);
>
> }
>
> May I know if there a more elegant way of doing this?
>
> --
>
> Hez
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups 
"Google Web Toolkit" group.
To post to this group, send email to Google-Web-Toolkit@googlegroups.com
To unsubscribe from this group, send email to 
google-web-toolkit+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/Google-Web-Toolkit?hl=en
-~----------~----~----~----~------~----~------~--~---

Reply via email to