Hi Kamal I removed the cookies too. BTW, I saw some example that set the timeout like the following:
HttpSession session = getThreadLocalRequest().getSession(); session.setMaxInactiveInterval(1000 * 60); I tried the above code before adding session-timeout in web.xml. That doesn't work in my case, do you have any idea when to use HttpSession.setMaxInactiveInterval()? On Thu, Jun 4, 2009 at 12:59 AM, Kamal Chandana Mettananda <lka...@gmail.com > wrote: > Seems you have set the session time out in server side. So what is the use > of Cookies here? > > --------------------------------------- > Kamal Mettananda > http://lkamal.blogspot.com > > > On Wed, Jun 3, 2009 at 10:00 PM, hezjing <hezj...@gmail.com> wrote: > >> Hi >> >> Yes, it is working by setting the timeout in the server. >> >> To summarize, the following are what I did: >> >> 1) Configured the session timeout in web.xml (say for 1 minute): >> >> <session-config> >> <session-timeout>1</session-timeout> >> </session-config> >> >> >> 2) Then create a session in the login RemoteServiceServlet: >> >> /* user is authenticated */ >> HttpSession session = getThreadLocalRequest().getSession(); >> >> >> 3) And check if a session has expired at the beginning of every RPC >> method: >> >> HttpSession session = getThreadLocalRequest().getSession(false); >> if (session == null) { >> /* means the session has expired */ >> } >> >> >> >> >> On Wed, Jun 3, 2009 at 11:12 PM, Kamal Chandana Mettananda < >> lka...@gmail.com> wrote: >> >>> Hi Hez, >>> >>> As Tony said, setting the session time out in the server would be the >>> better way. >>> >>> I guess that you are trying to set this timeout in client side because >>> you let individual users configure their session time out period. If that is >>> the case, then you will have to follow the way that have mentioned. >>> >>> HTH, >>> Kamal >>> --------------------------------------- >>> Kamal Mettananda >>> http://lkamal.blogspot.com >>> >>> >>> >>> >>> On Wed, Jun 3, 2009 at 1:32 AM, Tony Strauss < >>> tony.stra...@designingpatterns.com> wrote: >>> >>>> >>>> What about timing out the session on the server? >>>> >>>> Assuming that you're using a Java application container on the server, >>>> you can add the following to web.xml: >>>> <session-config> >>>> <session-timeout>5</session-timeout> >>>> </session-config> >>>> >>>> This will cause the server to time out connections after five minutes >>>> of inactivity. With this technique, it's actually possible to >>>> intercept requests made after a time out in the onFailure() handler >>>> and to take some kind of action (i.e., redirect to a login screen). >>>> >>>> Tony >>>> -- >>>> Tony Strauss >>>> Designing Patterns, LLC >>>> http://www.designingpatterns.com >>>> http://blogs.designingpatterns.com >>>> >>>> On Jun 2, 11:05 am, hezjing <hezj...@gmail.com> wrote: >>>> > Hi >>>> > >>>> > I want the session to be expired if the it is idle for 5 minutes. >>>> > >>>> > I have the following client code after a successful login: >>>> > >>>> > String sessionID = /* (Get sessionID from server's response to login >>>> > request.) */ ; >>>> > long DURATION = 1000 * 60 * 5; >>>> > Date expires = new Date(System.currentTimeMillis() + DURATION); >>>> > // the sid cookie will be expired after 5 min >>>> > Cookies.setCookie("sid", sessionID, expires, null, "/", false); >>>> > >>>> > The problem with the above code is that the session cookie will be >>>> expired 5 >>>> > minutes from the time the session is created and not from the time the >>>> last >>>> > request to the server. >>>> > For example, if a session is created at 00:00, followed by a request >>>> at >>>> > 00:04, the cookie will still expire at 00:05 instead of 00:09. >>>> > >>>> > To do this, I have to reset the expiry time of the cookie in every RPC >>>> call >>>> > like the following: >>>> > >>>> > public void onFailure(Throwable caught) { >>>> > ... >>>> > // re-calculate the expiry time >>>> > Date expires = new Date(System.currentTimeMillis() + DURATION) >>>> > Cookies.setCookie("sid", sessionID, expires, null, "/", false); >>>> > >>>> > } >>>> > >>>> > public void onSuccess(...) { >>>> > ... >>>> > // re-calculate the expiry time >>>> > Date expires = new Date(System.currentTimeMillis() + DURATION) >>>> > Cookies.setCookie("sid", sessionID, expires, null, "/", false); >>>> > >>>> > } >>>> > >>>> > May I know if there a more elegant way of doing this? >>>> > >>>> > -- >>>> > >>>> > Hez >>>> >>>> >>> >>> >>> >> >> >> -- >> >> Hez >> >> >> > > > > -- Hez --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To post to this group, send email to Google-Web-Toolkit@googlegroups.com To unsubscribe from this group, send email to google-web-toolkit+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/Google-Web-Toolkit?hl=en -~----------~----~----~----~------~----~------~--~---