Craig R. McClanahan typed the following on 12:52 PM 2/10/2001 -0800
>This was discussed by the expert group for servlet 2.3, and Kief's
>understanding is what we came up with. In addition, that is what Section 7.6
>says in 2.3 PFD (emphasis is added):
>
> The getLastAccessedTime method of the HttpSession interface
> allows a servlet to determine the last time the session was
> accessed BEFORE the current request.
>
>Other subtleties:
>
>* The access time should be updated at the beginning of the request,
> rather than the end.
>
>* The session is considered "accessed" when the container recognizes
> that the request is part of a valid session, even if the application never
> calls request.getSession() on that particular request.
It doesn't look like we're doing this in Catalina 4.0, or am I missing something?
Session.access() only seems to be called when request.getSession() is called.
Also, if the access time is updated at the beginning of the request, what should
getLastAccessedTime() return? Let's say at the beginning of the request, the
access() method is called, and does:
this.lastAccessedTime = this.thisAccessedTime;
this.thisAccessedTime = System.currentTimeMillis();
Fine. But what happens after the request is complete, and the session expiration
thread calls getLastAccessedTime() to compare it against maxInactiveInterval, it
will be using the time of the request before the most recent request. So if request B
comes in 20 minutes after request A, the container will expire the session 10
minutes after the most recent request (assuming default values), since
getLastAccessedTime() will return the time that request A happened. What am I
missing?
Kief
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]
