Hi, We are experiencing a strange problem with session timeout.
We run a servlet based web application where the main window refreshes itself after 25 minutes (1500 secs) if unchanged. The session timeout in web.xml is set to 30 minutes (1800 secs). The refresh is to keep the session tracking alive, so the user is not logged out as long as the main window is open. In the session we have a single object (params) that implements HttpSessionBindingListener in order to initialize and cleanup the params. Problem: Run locally (JBuilder6, Tomcat 3.2.3, winXP, java1.4.0, servletAPI 2.2) and on internal test server (Tomcat 3.2.3 standalone, win2K, java1.4.0, servletAPI 2.2) sessions are kept alive fine. But when deployed on our production server (Tomcat 3.2.3 standalone, win2K, java1.4.0, servletAPI 2.2) the session is unbound after approx. 3300 seconds and following sessions after 1800 seconds..?? (same window refreshing itself). I have made a simple test Servlet (see below), which behaves the same way. Any input will be much appreciated. Best regards HC Hammerstoft package net.defgo.test; import javax.servlet.http.*; import java.io.PrintWriter; import java.util.Date; import java.text.SimpleDateFormat; public class TestServlet extends HttpServlet { private static final SimpleDateFormat timeFormatter = new SimpleDateFormat("HH:mm:ss"); //Service the request public void doGet(HttpServletRequest request, HttpServletResponse response) { try { response.setContentType("text/html"); PrintWriter out = response.getWriter(); HttpSession session = request.getSession(); BoundObjectSerializable boSession = (BoundObjectSerializable) session.getAttribute("boSessionDef"); if (boSession == null) { boSession = new BoundObjectSerializable("js version"); session.setAttribute("boSessionDef", boSession); System.out.println(timeFormatter.format(new Date()) + ", boSession = " + boSession + " created"); } System.out.println(timeFormatter.format(new Date()) + ", id=" + session.getId()); response.setDateHeader("Expires", 0); response.setHeader("Pragma", "no-cache"); if (request.getProtocol().equals("HTTP/1.1")) { response.setHeader("Cache-Control", "no-cache"); } out.println("<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.0 Transitional//EN\" \"http://www.w3.org/TR/REC-html40/loose.dtd\">"); out.println("<html>"); out.println("<head>"); out.println("<meta name=\"Language\" content=\"da,en-us\">"); out.println("<meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\">"); out.println("<script language=\"JavaScript\"><!--"); out.println("var tID = '';\n"); out.println("function executeTimer() {"); out.println(" location.href = '" + response.encodeURL(request.getRequestURI()) + "';"); out.println("}"); out.println("//--></script>\n"); out.println("</head>"); out.println("<body onLoad=\"tID = setTimeout('executeTimer()',1500000)>"); // 1500 secs = 25 min out.println("<p>msg = " + boSession.getSomething() + "</p>"); out.println("</body>"); out.println("</html>"); out.close(); } catch (Exception e) { e.printStackTrace(System.out); } // catch } } package net.defgo.test; import javax.servlet.http.HttpSessionBindingListener; import javax.servlet.http.HttpSessionBindingEvent; import java.text.SimpleDateFormat; import java.util.Date; import java.io.Serializable; public class BoundObjectSerializable implements HttpSessionBindingListener, Serializable { private static final SimpleDateFormat timeFormatter = new SimpleDateFormat("HH:mm:ss"); private String something = null; private int counter; private long started; public BoundObjectSerializable(String something) { this.something = something; started = System.currentTimeMillis(); } public String getSomething() { return something + " counter=" + counter++ + " session duration = " + (System.currentTimeMillis() - started)/1000 + " secs"; } public void valueBound (HttpSessionBindingEvent event) { System.out.println (timeFormatter.format(new Date()) + ", valueBound: I've been bound to \"" + event.getName () + "\" for session id: " + (event.getSession()).getId ()); } public void valueUnbound (HttpSessionBindingEvent event) { System.out.println (timeFormatter.format(new Date()) + ", valueUnbound: I've been unbound from \"" + event.getName () + "\" for session id: " + (event.getSession ()).getId () + " session duration = " + (System.currentTimeMillis() - started)/1000 + " secs" ); } } which outputs something like this: 13:43:05, valueBound: I've been bound to "boSessionDef" for session id: g5atkj09w1 13:43:05, boSession = net.defgo.test.BoundObjectSerializable@d7bd04 created 13:43:05, id=g5atkj09w1 14:08:06, id=g5atkj09w1 14:33:06, id=g5atkj09w1 14:39:00, valueUnbound: I've been unbound from "boSessionDef" for session id: g5atkj09w1 session duration = 3354 secs 14:58:06, valueBound: I've been bound to "boSessionDef" for session id: n0qfzs20f1 14:58:06, boSession = net.defgo.test.BoundObjectSerializable@18a0a8 created 14:58:06, id=n0qfzs20f1 15:23:06, id=n0qfzs20f1 15:29:02, valueUnbound: I've been unbound from "boSessionDef" for session id: n0qfzs20f1 session duration = 1855 secs 15:48:06, valueBound: I've been bound to "boSessionDef" for session id: zycloj3631 15:48:06, boSession = net.defgo.test.BoundObjectSerializable@afccbe created 15:48:06, id=zycloj3631 16:13:07, id=zycloj3631 16:19:03, valueUnbound: I've been unbound from "boSessionDef" for session id: zycloj3631 session duration = 1856 secs etc. -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>