Comment from our engineer below.  This is resin 3.0 if it makes a difference.

> For the persistent session, the timeout is based on access time. So each new 
> request resets the timer for the default 30min.

Is he referring to the actual session object on the server or the session 
cookie in the browser?  Yes, each new request does reset the timer on the 
session object on the server, but we are not seeing the expiry date on the 
cookie being updated. I have tested this on a server using IE8, Firefox 3.6, 
and the latest Chrome build with Resin running solo and with Apache running as 
the front end, and the results are the same in all browsers.

When setting cookie-max-age in the session-config for the web app, the expiry 
date/time for the session's persistent cookie does not change on subsequent 
requests. I also verified that this behavior is exhibited.

resin-interest mailing list

Reply via email to