Re: Keeping a session active with ajax
I was able to warm-up HttpSession by adding `fetch('...', {cache: "no-store"})` to JS code So there should be no problems with AJAX :) On Tue, 16 Mar 2021 at 01:45, Martin Grigorov wrote: > > Chris, > > On Mon, Mar 15, 2021, 18:28 Christopher Schultz < > ch...@christopherschultz.net> wrote: > > > Martin, > > > > On 3/15/21 04:08, Martin Grigorov wrote: > > > Hi Maxim, > > > > > > On Mon, Mar 15, 2021 at 9:46 AM Maxim Solodovnik > > > wrote: > > > > > >> Maybe offtopic > > >> but websocket requests seems to not warming up the HttpSession > > >> > > > > > > The websocket messages do not bring the JSESSIONID cookie/request > > parameter > > > and there is no way to lookup the http session from the web container > > > (Tomcat). > > > Wicket creates a copy of the HttpSession at WebSocket connection creation > > > time and uses it until the closing of the connection. > > > So, yes, the real http session may expire if you use only websocket based > > > communication. > > > > Yes, but that's not AJAX, as the OP mentioned. Perhaps "AJAX" just means > > "communication using javascript without 'traditional' navigation". > > > > Did you read my first answer and Maxim's email? > > > > Thanks, > > -chris > > >> Tomcat 9.0.44 > > >> Wicket 9.2.0 :) > > >> > > >> On Mon, 15 Mar 2021 at 14:43, Martin Grigorov > > >> wrote: > > >>> > > >>> Hi, > > >>> > > >>> Which version of Tomcat ? > > >>> > > >>> On Mon, Mar 15, 2021 at 8:25 AM Jerry Malcolm > > >>> wrote: > > >>> > > In my app a logged in user will access a page. But then all of the > > interaction on the page is done back and forth with ajax calls to the > > server. The ajax activities within the page could last well over the > > >> 30 > > minute session timeout. Even though the user has been actively working > > for 30-45 minutes with lots of server calls, all of a sudden they > > >> aren't > > logged in any more. The ajax calls are definitely successfully > > accessing the session since the ajax APIs utilize the logged on user, > > roles, etc. They just aren't pinging the keep-alive bit in the > > session > > for some reason. I'm not really sure what would be different in the > > calls from a regular page call from the browser vs an ajax call. They > > both make a request that goes to a servlet or jsp and they both get > > response data back from tomcat. But the session times out if I don't > > >> do > > a real page call. What am I missing? > > > > >>> > > >>> Nothing! > > >>> Any request that uses the HttpSession > > >>> (HttpServletRequest.getHttpSession(true)) will "touch" the session and > > >>> update its "lastUsed" time, so it should not time out during active > > usage > > >>> of the application. > > >>> There must be something else that invalidates the http session. > > >>> > > >>> > > > > I really don't want to change the 'inactivity' timeout. I just need > > to > > figure out how to tell tomcat with all of the ajax calls that the > > session is still very active. Is there an easy solution? > > > > Thx > > > > Jerry > > > > BTW... TC 8.5 > > > > > > - > > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > > For additional commands, e-mail: users-h...@tomcat.apache.org > > > > > > >> > > >> > > >> > > >> -- > > >> Best regards, > > >> Maxim > > >> > > >> - > > >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > > >> For additional commands, e-mail: users-h...@tomcat.apache.org > > >> > > >> > > > > > > > - > > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > > For additional commands, e-mail: users-h...@tomcat.apache.org > > > > -- Best regards, Maxim - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Keeping a session active with ajax
Chris, On Mon, Mar 15, 2021, 18:28 Christopher Schultz < ch...@christopherschultz.net> wrote: > Martin, > > On 3/15/21 04:08, Martin Grigorov wrote: > > Hi Maxim, > > > > On Mon, Mar 15, 2021 at 9:46 AM Maxim Solodovnik > > wrote: > > > >> Maybe offtopic > >> but websocket requests seems to not warming up the HttpSession > >> > > > > The websocket messages do not bring the JSESSIONID cookie/request > parameter > > and there is no way to lookup the http session from the web container > > (Tomcat). > > Wicket creates a copy of the HttpSession at WebSocket connection creation > > time and uses it until the closing of the connection. > > So, yes, the real http session may expire if you use only websocket based > > communication. > > Yes, but that's not AJAX, as the OP mentioned. Perhaps "AJAX" just means > "communication using javascript without 'traditional' navigation". > Did you read my first answer and Maxim's email? > Thanks, > -chris > >> Tomcat 9.0.44 > >> Wicket 9.2.0 :) > >> > >> On Mon, 15 Mar 2021 at 14:43, Martin Grigorov > >> wrote: > >>> > >>> Hi, > >>> > >>> Which version of Tomcat ? > >>> > >>> On Mon, Mar 15, 2021 at 8:25 AM Jerry Malcolm > >>> wrote: > >>> > In my app a logged in user will access a page. But then all of the > interaction on the page is done back and forth with ajax calls to the > server. The ajax activities within the page could last well over the > >> 30 > minute session timeout. Even though the user has been actively working > for 30-45 minutes with lots of server calls, all of a sudden they > >> aren't > logged in any more. The ajax calls are definitely successfully > accessing the session since the ajax APIs utilize the logged on user, > roles, etc. They just aren't pinging the keep-alive bit in the > session > for some reason. I'm not really sure what would be different in the > calls from a regular page call from the browser vs an ajax call. They > both make a request that goes to a servlet or jsp and they both get > response data back from tomcat. But the session times out if I don't > >> do > a real page call. What am I missing? > > >>> > >>> Nothing! > >>> Any request that uses the HttpSession > >>> (HttpServletRequest.getHttpSession(true)) will "touch" the session and > >>> update its "lastUsed" time, so it should not time out during active > usage > >>> of the application. > >>> There must be something else that invalidates the http session. > >>> > >>> > > I really don't want to change the 'inactivity' timeout. I just need > to > figure out how to tell tomcat with all of the ajax calls that the > session is still very active. Is there an easy solution? > > Thx > > Jerry > > BTW... TC 8.5 > > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > > >> > >> > >> > >> -- > >> Best regards, > >> Maxim > >> > >> - > >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > >> For additional commands, e-mail: users-h...@tomcat.apache.org > >> > >> > > > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
Re: Keeping a session active with ajax
On 3/15/2021 2:42 AM, Martin Grigorov wrote: Hi, Which version of Tomcat ? I'm running Tomcat 8.5.30 on AWS Linux 2. On Mon, Mar 15, 2021 at 8:25 AM Jerry Malcolm wrote: In my app a logged in user will access a page. But then all of the interaction on the page is done back and forth with ajax calls to the server. The ajax activities within the page could last well over the 30 minute session timeout. Even though the user has been actively working for 30-45 minutes with lots of server calls, all of a sudden they aren't logged in any more. The ajax calls are definitely successfully accessing the session since the ajax APIs utilize the logged on user, roles, etc. They just aren't pinging the keep-alive bit in the session for some reason. I'm not really sure what would be different in the calls from a regular page call from the browser vs an ajax call. They both make a request that goes to a servlet or jsp and they both get response data back from tomcat. But the session times out if I don't do a real page call. What am I missing? Nothing! Any request that uses the HttpSession (HttpServletRequest.getHttpSession(true)) will "touch" the session and update its "lastUsed" time, so it should not time out during active usage of the application. There must be something else that invalidates the http session. I really don't want to change the 'inactivity' timeout. I just need to figure out how to tell tomcat with all of the ajax calls that the session is still very active. Is there an easy solution? Thx Jerry BTW... TC 8.5 - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Keeping a session active with ajax
Martin, On 3/15/21 04:08, Martin Grigorov wrote: Hi Maxim, On Mon, Mar 15, 2021 at 9:46 AM Maxim Solodovnik wrote: Maybe offtopic but websocket requests seems to not warming up the HttpSession The websocket messages do not bring the JSESSIONID cookie/request parameter and there is no way to lookup the http session from the web container (Tomcat). Wicket creates a copy of the HttpSession at WebSocket connection creation time and uses it until the closing of the connection. So, yes, the real http session may expire if you use only websocket based communication. Yes, but that's not AJAX, as the OP mentioned. Perhaps "AJAX" just means "communication using javascript without 'traditional' navigation". Thanks, -chris Tomcat 9.0.44 Wicket 9.2.0 :) On Mon, 15 Mar 2021 at 14:43, Martin Grigorov wrote: Hi, Which version of Tomcat ? On Mon, Mar 15, 2021 at 8:25 AM Jerry Malcolm wrote: In my app a logged in user will access a page. But then all of the interaction on the page is done back and forth with ajax calls to the server. The ajax activities within the page could last well over the 30 minute session timeout. Even though the user has been actively working for 30-45 minutes with lots of server calls, all of a sudden they aren't logged in any more. The ajax calls are definitely successfully accessing the session since the ajax APIs utilize the logged on user, roles, etc. They just aren't pinging the keep-alive bit in the session for some reason. I'm not really sure what would be different in the calls from a regular page call from the browser vs an ajax call. They both make a request that goes to a servlet or jsp and they both get response data back from tomcat. But the session times out if I don't do a real page call. What am I missing? Nothing! Any request that uses the HttpSession (HttpServletRequest.getHttpSession(true)) will "touch" the session and update its "lastUsed" time, so it should not time out during active usage of the application. There must be something else that invalidates the http session. I really don't want to change the 'inactivity' timeout. I just need to figure out how to tell tomcat with all of the ajax calls that the session is still very active. Is there an easy solution? Thx Jerry BTW... TC 8.5 - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org -- Best regards, Maxim - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Keeping a session active with ajax
Hi Maxim, On Mon, Mar 15, 2021 at 9:46 AM Maxim Solodovnik wrote: > Maybe offtopic > but websocket requests seems to not warming up the HttpSession > The websocket messages do not bring the JSESSIONID cookie/request parameter and there is no way to lookup the http session from the web container (Tomcat). Wicket creates a copy of the HttpSession at WebSocket connection creation time and uses it until the closing of the connection. So, yes, the real http session may expire if you use only websocket based communication. Martin P.S. Congrats for Apache OpenMeetings 6.0! > > Tomcat 9.0.44 > Wicket 9.2.0 :) > > On Mon, 15 Mar 2021 at 14:43, Martin Grigorov > wrote: > > > > Hi, > > > > Which version of Tomcat ? > > > > On Mon, Mar 15, 2021 at 8:25 AM Jerry Malcolm > > wrote: > > > > > In my app a logged in user will access a page. But then all of the > > > interaction on the page is done back and forth with ajax calls to the > > > server. The ajax activities within the page could last well over the > 30 > > > minute session timeout. Even though the user has been actively working > > > for 30-45 minutes with lots of server calls, all of a sudden they > aren't > > > logged in any more. The ajax calls are definitely successfully > > > accessing the session since the ajax APIs utilize the logged on user, > > > roles, etc. They just aren't pinging the keep-alive bit in the session > > > for some reason. I'm not really sure what would be different in the > > > calls from a regular page call from the browser vs an ajax call. They > > > both make a request that goes to a servlet or jsp and they both get > > > response data back from tomcat. But the session times out if I don't > do > > > a real page call. What am I missing? > > > > > > > Nothing! > > Any request that uses the HttpSession > > (HttpServletRequest.getHttpSession(true)) will "touch" the session and > > update its "lastUsed" time, so it should not time out during active usage > > of the application. > > There must be something else that invalidates the http session. > > > > > > > > > > I really don't want to change the 'inactivity' timeout. I just need to > > > figure out how to tell tomcat with all of the ajax calls that the > > > session is still very active. Is there an easy solution? > > > > > > Thx > > > > > > Jerry > > > > > > BTW... TC 8.5 > > > > > > > > > - > > > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > > > For additional commands, e-mail: users-h...@tomcat.apache.org > > > > > > > > > > -- > Best regards, > Maxim > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
Re: Keeping a session active with ajax
Maybe offtopic but websocket requests seems to not warming up the HttpSession Tomcat 9.0.44 Wicket 9.2.0 :) On Mon, 15 Mar 2021 at 14:43, Martin Grigorov wrote: > > Hi, > > Which version of Tomcat ? > > On Mon, Mar 15, 2021 at 8:25 AM Jerry Malcolm > wrote: > > > In my app a logged in user will access a page. But then all of the > > interaction on the page is done back and forth with ajax calls to the > > server. The ajax activities within the page could last well over the 30 > > minute session timeout. Even though the user has been actively working > > for 30-45 minutes with lots of server calls, all of a sudden they aren't > > logged in any more. The ajax calls are definitely successfully > > accessing the session since the ajax APIs utilize the logged on user, > > roles, etc. They just aren't pinging the keep-alive bit in the session > > for some reason. I'm not really sure what would be different in the > > calls from a regular page call from the browser vs an ajax call. They > > both make a request that goes to a servlet or jsp and they both get > > response data back from tomcat. But the session times out if I don't do > > a real page call. What am I missing? > > > > Nothing! > Any request that uses the HttpSession > (HttpServletRequest.getHttpSession(true)) will "touch" the session and > update its "lastUsed" time, so it should not time out during active usage > of the application. > There must be something else that invalidates the http session. > > > > > > I really don't want to change the 'inactivity' timeout. I just need to > > figure out how to tell tomcat with all of the ajax calls that the > > session is still very active. Is there an easy solution? > > > > Thx > > > > Jerry > > > > BTW... TC 8.5 > > > > > > - > > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > > For additional commands, e-mail: users-h...@tomcat.apache.org > > > > -- Best regards, Maxim - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Keeping a session active with ajax
Hi, Which version of Tomcat ? On Mon, Mar 15, 2021 at 8:25 AM Jerry Malcolm wrote: > In my app a logged in user will access a page. But then all of the > interaction on the page is done back and forth with ajax calls to the > server. The ajax activities within the page could last well over the 30 > minute session timeout. Even though the user has been actively working > for 30-45 minutes with lots of server calls, all of a sudden they aren't > logged in any more. The ajax calls are definitely successfully > accessing the session since the ajax APIs utilize the logged on user, > roles, etc. They just aren't pinging the keep-alive bit in the session > for some reason. I'm not really sure what would be different in the > calls from a regular page call from the browser vs an ajax call. They > both make a request that goes to a servlet or jsp and they both get > response data back from tomcat. But the session times out if I don't do > a real page call. What am I missing? > Nothing! Any request that uses the HttpSession (HttpServletRequest.getHttpSession(true)) will "touch" the session and update its "lastUsed" time, so it should not time out during active usage of the application. There must be something else that invalidates the http session. > > I really don't want to change the 'inactivity' timeout. I just need to > figure out how to tell tomcat with all of the ajax calls that the > session is still very active. Is there an easy solution? > > Thx > > Jerry > > BTW... TC 8.5 > > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
Keeping a session active with ajax
In my app a logged in user will access a page. But then all of the interaction on the page is done back and forth with ajax calls to the server. The ajax activities within the page could last well over the 30 minute session timeout. Even though the user has been actively working for 30-45 minutes with lots of server calls, all of a sudden they aren't logged in any more. The ajax calls are definitely successfully accessing the session since the ajax APIs utilize the logged on user, roles, etc. They just aren't pinging the keep-alive bit in the session for some reason. I'm not really sure what would be different in the calls from a regular page call from the browser vs an ajax call. They both make a request that goes to a servlet or jsp and they both get response data back from tomcat. But the session times out if I don't do a real page call. What am I missing? I really don't want to change the 'inactivity' timeout. I just need to figure out how to tell tomcat with all of the ajax calls that the session is still very active. Is there an easy solution? Thx Jerry BTW... TC 8.5 - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org