> From: "Zabel, Ian" <[EMAIL PROTECTED]> > Sent: Tuesday, February 04, 2003 2:35 PM > Subject: RE: Sessions across browser restarts
> I believe that just controls the timeout of the session on the server, and > maybe the timeout of the cookies. To be more specific, I am asking about the > timeout of the jsessionid cookie on the client. Is it possible to control > these separately, i.e., set session-timeout to 30 minutes, but make the > jsessionid cookie expire when the browser is closed, or alternatively, make > the cookie expire in 30 minutes, so the user could close his browser, and > come back to the app later and still maintain his session. Yeah, you'll need to go into the core Session processing code I think to alter the attributes of the session tracking cookie, being as it's essentially opaque to the application (i.e. you know sessions exist, but you should not rely on the actual mechanism of how they are implemented). What this also means is that if you tweak the actual Session code within Tomcat, then your application will lose portability across containers. To pull it off, you might want to look at subclassing the stock Tomcat SessionManager (I think) class and using your version in the server.xml file. However, if you want this kind of functionality, and you want it portable, you'll need to write your own session management code for the attributes that you wish to persists past a browser closing. Of course, depending on the state your managing, this doesn't have to be an onnerous task. But it is a bit of a pain in the neck in a "reinventing the wheel" kind of way. Regards, Will Hartung ([EMAIL PROTECTED]) --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
