Seems you have set the session time out in server side. So what is the use of Cookies here?
--------------------------------------- Kamal Mettananda http://lkamal.blogspot.com On Wed, Jun 3, 2009 at 10:00 PM, hezjing <[email protected]> wrote: > Hi > > Yes, it is working by setting the timeout in the server. > > To summarize, the following are what I did: > > 1) Configured the session timeout in web.xml (say for 1 minute): > > <session-config> > <session-timeout>1</session-timeout> > </session-config> > > > 2) Then create a session in the login RemoteServiceServlet: > > /* user is authenticated */ > HttpSession session = getThreadLocalRequest().getSession(); > > > 3) And check if a session has expired at the beginning of every RPC method: > > HttpSession session = getThreadLocalRequest().getSession(false); > if (session == null) { > /* means the session has expired */ > } > > > > > On Wed, Jun 3, 2009 at 11:12 PM, Kamal Chandana Mettananda < > [email protected]> wrote: > >> Hi Hez, >> >> As Tony said, setting the session time out in the server would be the >> better way. >> >> I guess that you are trying to set this timeout in client side because you >> let individual users configure their session time out period. If that is the >> case, then you will have to follow the way that have mentioned. >> >> HTH, >> Kamal >> --------------------------------------- >> Kamal Mettananda >> http://lkamal.blogspot.com >> >> >> >> >> On Wed, Jun 3, 2009 at 1:32 AM, Tony Strauss < >> [email protected]> wrote: >> >>> >>> What about timing out the session on the server? >>> >>> Assuming that you're using a Java application container on the server, >>> you can add the following to web.xml: >>> <session-config> >>> <session-timeout>5</session-timeout> >>> </session-config> >>> >>> This will cause the server to time out connections after five minutes >>> of inactivity. With this technique, it's actually possible to >>> intercept requests made after a time out in the onFailure() handler >>> and to take some kind of action (i.e., redirect to a login screen). >>> >>> Tony >>> -- >>> Tony Strauss >>> Designing Patterns, LLC >>> http://www.designingpatterns.com >>> http://blogs.designingpatterns.com >>> >>> On Jun 2, 11:05 am, hezjing <[email protected]> wrote: >>> > Hi >>> > >>> > I want the session to be expired if the it is idle for 5 minutes. >>> > >>> > I have the following client code after a successful login: >>> > >>> > String sessionID = /* (Get sessionID from server's response to login >>> > request.) */ ; >>> > long DURATION = 1000 * 60 * 5; >>> > Date expires = new Date(System.currentTimeMillis() + DURATION); >>> > // the sid cookie will be expired after 5 min >>> > Cookies.setCookie("sid", sessionID, expires, null, "/", false); >>> > >>> > The problem with the above code is that the session cookie will be >>> expired 5 >>> > minutes from the time the session is created and not from the time the >>> last >>> > request to the server. >>> > For example, if a session is created at 00:00, followed by a request at >>> > 00:04, the cookie will still expire at 00:05 instead of 00:09. >>> > >>> > To do this, I have to reset the expiry time of the cookie in every RPC >>> call >>> > like the following: >>> > >>> > public void onFailure(Throwable caught) { >>> > ... >>> > // re-calculate the expiry time >>> > Date expires = new Date(System.currentTimeMillis() + DURATION) >>> > Cookies.setCookie("sid", sessionID, expires, null, "/", false); >>> > >>> > } >>> > >>> > public void onSuccess(...) { >>> > ... >>> > // re-calculate the expiry time >>> > Date expires = new Date(System.currentTimeMillis() + DURATION) >>> > Cookies.setCookie("sid", sessionID, expires, null, "/", false); >>> > >>> > } >>> > >>> > May I know if there a more elegant way of doing this? >>> > >>> > -- >>> > >>> > Hez >>> >>> >> >> >> > > > -- > > Hez > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/Google-Web-Toolkit?hl=en -~----------~----~----~----~------~----~------~--~---
