It seems that Tomcat 5.5.17 (and earlier) has had some sort of problem
in timing out sessions. I'm not sure if it would clean itself up if the
person really came back and did another HTTP transaction or not, but
I've noted that Tomcat Manager will show sessions that are have been
idle much longer than the session timeout value (based on the "last
access timestamp" in the session).
Our application also has a registered listener HttpSessionListener and
we've seen that these old sessions do not trigger that callback either
as we also list the session as active.
As for suggestion (1), this won't matter and 30 minutes is the default.
As for suggestion (4), this could clearly create extra sessions for
those few who don't allow session cookies, but even those sessions
should time out.
David
Pid wrote:
1) Lower your session timeout.
2) How are you measuring/calculating statistics?
3) Which version of Tomcat?
4) Are you url encoding all of your links?
Christer Nordvik wrote:
Hi!
I've got a website with pretty low traffic (200 visitors a day).
Lately it's
been very slow and when I look in Tomcat's manager it says that it
has a lot
of sessions.
Once I had 13000(!) active sessions. The session timeout is set to 30
minutes.
How can this happen? Isn't this something that Tomcat should handle
itself?
Can it be related to my code somehow? I have only basic JSP/Servlet
stuff so
nothing fancy going on.
Any help would be very appreciated!
-Christer
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
