I can remember that I used this method for setting the time out through the code; however not quite sure why that method is not working for you.
--------------------------------------- Kamal Mettananda http://lkamal.blogspot.com On Wed, Jun 3, 2009 at 10:44 PM, hezjing <[email protected]> wrote: > Hi Kamal > I removed the cookies too. > > BTW, I saw some example that set the timeout like the following: > > HttpSession session = getThreadLocalRequest().getSession(); > session.setMaxInactiveInterval(1000 * 60); > > > I tried the above code before adding session-timeout in web.xml. > That doesn't work in my case, do you have any idea when to > use HttpSession.setMaxInactiveInterval()? > > > On Thu, Jun 4, 2009 at 12:59 AM, Kamal Chandana Mettananda < > [email protected]> wrote: > >> Seems you have set the session time out in server side. So what is the use >> of Cookies here? >> >> --------------------------------------- >> Kamal Mettananda >> http://lkamal.blogspot.com >> >> >> On Wed, Jun 3, 2009 at 10:00 PM, hezjing <[email protected]> wrote: >> >>> Hi >>> >>> Yes, it is working by setting the timeout in the server. >>> >>> To summarize, the following are what I did: >>> >>> 1) Configured the session timeout in web.xml (say for 1 minute): >>> >>> <session-config> >>> <session-timeout>1</session-timeout> >>> </session-config> >>> >>> >>> 2) Then create a session in the login RemoteServiceServlet: >>> >>> /* user is authenticated */ >>> HttpSession session = getThreadLocalRequest().getSession(); >>> >>> >>> 3) And check if a session has expired at the beginning of every RPC >>> method: >>> >>> HttpSession session = getThreadLocalRequest().getSession(false); >>> if (session == null) { >>> /* means the session has expired */ >>> } >>> >>> >>> >>> >>> On Wed, Jun 3, 2009 at 11:12 PM, Kamal Chandana Mettananda < >>> [email protected]> wrote: >>> >>>> Hi Hez, >>>> >>>> As Tony said, setting the session time out in the server would be the >>>> better way. >>>> >>>> I guess that you are trying to set this timeout in client side because >>>> you let individual users configure their session time out period. If that >>>> is >>>> the case, then you will have to follow the way that have mentioned. >>>> >>>> HTH, >>>> Kamal >>>> --------------------------------------- >>>> Kamal Mettananda >>>> http://lkamal.blogspot.com >>>> >>>> >>>> >>>> >>>> On Wed, Jun 3, 2009 at 1:32 AM, Tony Strauss < >>>> [email protected]> wrote: >>>> >>>>> >>>>> What about timing out the session on the server? >>>>> >>>>> Assuming that you're using a Java application container on the server, >>>>> you can add the following to web.xml: >>>>> <session-config> >>>>> <session-timeout>5</session-timeout> >>>>> </session-config> >>>>> >>>>> This will cause the server to time out connections after five minutes >>>>> of inactivity. With this technique, it's actually possible to >>>>> intercept requests made after a time out in the onFailure() handler >>>>> and to take some kind of action (i.e., redirect to a login screen). >>>>> >>>>> Tony >>>>> -- >>>>> Tony Strauss >>>>> Designing Patterns, LLC >>>>> http://www.designingpatterns.com >>>>> http://blogs.designingpatterns.com >>>>> >>>>> On Jun 2, 11:05 am, hezjing <[email protected]> wrote: >>>>> > Hi >>>>> > >>>>> > I want the session to be expired if the it is idle for 5 minutes. >>>>> > >>>>> > I have the following client code after a successful login: >>>>> > >>>>> > String sessionID = /* (Get sessionID from server's response to login >>>>> > request.) */ ; >>>>> > long DURATION = 1000 * 60 * 5; >>>>> > Date expires = new Date(System.currentTimeMillis() + DURATION); >>>>> > // the sid cookie will be expired after 5 min >>>>> > Cookies.setCookie("sid", sessionID, expires, null, "/", false); >>>>> > >>>>> > The problem with the above code is that the session cookie will be >>>>> expired 5 >>>>> > minutes from the time the session is created and not from the time >>>>> the last >>>>> > request to the server. >>>>> > For example, if a session is created at 00:00, followed by a request >>>>> at >>>>> > 00:04, the cookie will still expire at 00:05 instead of 00:09. >>>>> > >>>>> > To do this, I have to reset the expiry time of the cookie in every >>>>> RPC call >>>>> > like the following: >>>>> > >>>>> > public void onFailure(Throwable caught) { >>>>> > ... >>>>> > // re-calculate the expiry time >>>>> > Date expires = new Date(System.currentTimeMillis() + DURATION) >>>>> > Cookies.setCookie("sid", sessionID, expires, null, "/", false); >>>>> > >>>>> > } >>>>> > >>>>> > public void onSuccess(...) { >>>>> > ... >>>>> > // re-calculate the expiry time >>>>> > Date expires = new Date(System.currentTimeMillis() + DURATION) >>>>> > Cookies.setCookie("sid", sessionID, expires, null, "/", false); >>>>> > >>>>> > } >>>>> > >>>>> > May I know if there a more elegant way of doing this? >>>>> > >>>>> > -- >>>>> > >>>>> > Hez >>>>> >>>>> >>>> >>>> >>>> >>> >>> >>> -- >>> >>> Hez >>> >>> >>> >> >> >> > > > -- > > Hez > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/Google-Web-Toolkit?hl=en -~----------~----~----~----~------~----~------~--~---
