I have people testing at different location by doing the same thing: 1. login to the same application; 2. without explicitly logout, close the browser window.
The results are different - in one case, the session is destroyed after 30 minutes; but in another case, the session stay active. Could this be related to browser setting? if so, what we can start to look into? thanks ________________________________ From: Rainer Jung <rainer.j...@kippdata.de> To: Tomcat Users List <users@tomcat.apache.org> Sent: Mon, September 27, 2010 11:42:56 AM Subject: Re: session won't timeout On 27.09.2010 20:16, Jing Chen wrote: > Hi, I have a web app running on JBoss. I have made sure the following: > > 1. /jbossweb-tomcat55.sar/conf/web.xml to set the session timeout as 30 >minutes: > <session-config> > <session-timeout>30</session-timeout> > </session-config> > > 2. I am using sessionCreated/sessionDestroyed and valueBound/valueUnbound to > monitor the active sessions in the system > > 3. there is no session-time setting in web.xml for the application since it has > been configured in the tomcat. > > For some reason, some user's session just won't timeout and showing active in > the system for days. The user has already closed the browser. > > What could be possible reasons for sessions being active for so long? Exceptions in your session listener, preventing the cleanup? Add logging to your listener and activate an access log in Tomcat, adding "%S" to the log format, so that for each request the session id gets logged. Then try to find out, which sessions (IDs) do not get invalidated and check the log whether you can find something special about them. Regards, Rainer --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
