How to configure the session timeout in servlet

How to configure the session timeout in servlet

1) Timeout in the deployment descriptor (web.xml)

Using the deployment descriptor, you can only set the timeout in minutes:

<session-config>

    <session-timeout>1</session-timeout>

</session-config>

2) Timeout with setMaxInactiveInterval()

but using the HttpSession api you can set the session timeout in seconds for a servlet:

HttpSession session = request.getSession();

session.setMaxInactiveInterval(40*60);

if you dont want to kill session in java then write it in web.xml

  <session-config>

    <session-timeout>-1</session-timeout>

  </session-config>

           or

 <session-config>

    <session-timeout>0</session-timeout>

</session-config>

             or

<session-config>

    <session-timeout>1000</session-timeout>

</session-config>

if it is like

  <session-config>

    <session-timeout>30</session-timeout>

  </session-config>

here 30 is in minutes

So when the client doesn't visit the webapp anymore for over 30 minutes, then the servletcontainer will trash the session. Every subsequent request, even though with the cookie specified, will not have access to the same session anymore. The servletcontainer will create a new one.

Note 1:-The session-timeout element defines the default session timeout interval for all sessions created in this web application.

Note 1:- Default value is  30 minutes if you don’t configure session timeout.

 The specified timeout must be expressed in a whole number of minutes. If the timeout is 0 or less,

The container ensures the default behaviour of sessions is never to time out. If this element is not specified, the container must set its default timeout period.

You can use "-1" where the session never expires. Since you do not know how much time it will take for the thread to complete.

Keep Happy Learning

Thanks

Neeraj Srivastava