Thanks, Jacques. Apart from the hardcoded thing, I am not able to override the session timeout value using <session-timeout> tag in web.xml.
On Tue, Jan 8, 2019 at 1:55 PM Jacques Le Roux <jacques.le.r...@les7arts.com> wrote: > Hi Deepak, > > You are right, it's hardcoded and should not. I have no time to go further > at the moment, but I'll ASAP > > Thanks > > Jacques > > Le 08/01/2019 à 06:10, Deepak Nigam a écrit : > > Hello all, > > > > I tried to set the session timeout for the 'ecommerce' and the > > 'webtools' components using <session-config> of web.xml, but unable to do > > so. Session for the logged-in user remains active even after the set > time. > > > > On further research, I found that we did some changes in this area in the > > ticket OFBIZ-6655 <https://issues.apache.org/jira/browse/OFBIZ-6655>. We > > have hard coded the session timeout (1 hr) in the sessionCreated() method > > of ControlEventListner class. As per the comments in the Jira ticket, > > session timeout declarations in web.xml have been removed by the use > > of @WebListner annotation. This is to avoid duplicates things everywhere > in > > web.xml files. Since the web.xml files have precedence on annotations, > the > > setting can be easily overridden when necessary. > > > > But the @WebListner is missing in the ControlEventListner class. Also, I > am > > unable to override the session timeout in web.xml even after putting the > > @WebListner annotation in ControlEventListner class. > > > > Please let me know if this is a real issue or I am doing something wrong? > > > > Thanks & Regards > > -- > > Deepak Nigam > > HotWax Systems Pvt. Ltd. > > >