Hello list,
I have a problem with a tomcat 5.0.28 installation connected to IIS 6.0
(Windows 2003 server) with isapi_redirect.dll
Everything is working well, except for the session timeout.
The timeout is set to 60 minutes in the context's web.xml file
(60) which works great in many
On 15/09/05, Leon Rosenberg <[EMAIL PROTECTED]> wrote:
> Hi,
>
> I don't know if this fits, but could it be, that your problem is
> related to the tomcat session synchronization bug?
>
> http://issues.apache.org/bugzilla/show_bug.cgi?id=36541
>
That does look like a potential issue. However, I
On 14/09/05, James Shaw <[EMAIL PROTECTED]> wrote:
> I have two issues relating to sessions:
>
> 1) Sessions seem to be expired too soon. This happens very
> infrequently for me (perhaps 1 in 1000 requests). I'm adding some
> HttpSessionListeners and HttpSessionAttributeListeners to attempt to
>
I have two issues relating to sessions:
1) Sessions seem to be expired too soon. This happens very
infrequently for me (perhaps 1 in 1000 requests). I'm adding some
HttpSessionListeners and HttpSessionAttributeListeners to attempt to
locate this problem, but have little to go on at the moment.
Hello,
within my web application i defined a session timeout of 30 minutes.
But some sessions strangly survive this timeout and keep being valid
until an explicit call to invalidate().
I already implemented a HttpSessionListener to keep track of session
creation, destruction, lastAccessedTime and
On 6/7/05, Harland, David <[EMAIL PROTECTED]> wrote:
> How do you set the session timeout in tomcat so that the session only
> timeouts when the browser is closed?
>
Possible solution may be to refresh the page frequently and set a
short interval for session time out. You might
> From: Harland, David [mailto:[EMAIL PROTECTED]
> How do you set the session timeout in tomcat so that the session only
> timeouts when the browser is closed?
You don't. There is no way in any Web architecture of reliably
detecting whether a browser has closed, or whether
How do you set the session timeout in tomcat so that the session only
timeouts when the browser is closed?
This e mail is from DLA Piper Rudnick Gray Cary UK LLP.
The contents of this email and any attachments are confidential to the intended
recipient. They may not be disclosed to or used by
Let's see...
(1) You are correct, it's nothing more than an entry in web.xml.
Remember, this isn't a Tomcat-specific thing, it's a J2EE thing (servlet
spec specifically I think), so it's YOUR APP'S web.xml. The entry is
simply:
com.company.app.MySessionListener
Assuming that class is availab
that sounds very useful, not something I've done before -- can I ask a
few questions -
1) how does one bind that into Tomcat -- declare a session listener in
(I presume) web.xml?
2) as I'm using Spring Framework, is this still relevant (or is there a
spring-specific way of binding in a session
Write a SessionListener... it has two methods, one that fires when a
session is created, one when it is destroyed. That should do the trick
for you. That's not a Tomcat-specific solution either, so it should be
rather portable should you ever need to move to another app server.
--
Frank W. Za
Hi,
I have an app that uploads user files in a temporary folder. I want to
delete them when the session ends. I know I could solve this with a
cron-job, but I'm looking for a way to solve it with Tomcat.
Does anyone have an idea how to solve it?
Thx for your help in advance,
cheers,
Robert
-
On 4/14/05, Jonathan Eric Miller <[EMAIL PROTECTED]> wrote:
> After looking at the code, it looks like the SSO session doesn't go away
> until all other sessions for the user have expired. So, as far as I can
> tell, the SSO session doesn't have it's own session
After looking at the code, it looks like the SSO session doesn't go away
until all other sessions for the user have expired. So, as far as I can
tell, the SSO session doesn't have it's own session timeout as far as I can
tell.
Jon
- Original Message -
From: "
After looking at the code, it looks like the SSO session doesn't go away
until all other sessions for the user have expired. So, as far as I can
tell, the SSO session doesn't have it's own session timeout as far as I can
tell.
Jon
- Original Message -
From: "
Message-
From: Tim Funk [mailto:[EMAIL PROTECTED]
Sent: Thursday, April 14, 2005 10:13 AM
To: Tomcat Users List
Subject: Re: session-timeout
If more than idle for 30 minutes.
-Tim
Cédric Buschini wrote:
Hi every,
from web.xml:
30
Does the session-timeout refer to an idle
[mailto:[EMAIL PROTECTED]
Sent: Thursday, April 14, 2005 10:13 AM
To: Tomcat Users List
Subject: Re: session-timeout
If more than idle for 30 minutes.
-Tim
Cédric Buschini wrote:
> Hi every,
>
> from web.xml:
>
>30
>
>
> Does the session-timeout refer
If more than idle for 30 minutes.
-Tim
Cédric Buschini wrote:
Hi every,
from web.xml:
30
Does the session-timeout refer to an idle session or an "active" session ?
-
To unsubscribe, e-mail: [EMAIL PROT
Hi every,
from web.xml:
30
Does the session-timeout refer to an idle session or an "active" session ?
Thk in advance
Cedric
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-ma
Java Server Pages, 3rd Edition, O'Reilly - great book. I can send you an
example later tonight.
- Original Message -
From: Chris Bender <[EMAIL PROTECTED]>
Date: Wednesday, April 13, 2005 10:26 am
Subject: Running code on session timeout
> Hey,
>
> I have been lo
Hey,
I have been looking all over for a way to run code on a session time out.
Basically, before a session times out, I need to perform some functionality on
the data in that session. Ive read about Session Manager and Session
Listeners, but I have not been able to find any examples of how th
is is presumably for
the global session.
Jon
- Original Message -
From: "Peter Rossbach" <[EMAIL PROTECTED]>
To: "Tomcat Users List"
Sent: Tuesday, April 12, 2005 10:56 PM
Subject: Re: Way to specify SingleSignOn session timeout?
Look inside conf/web.xml
Look inside conf/web.xml
30
Peter
Jonathan Eric Miller schrieb:
I'm using the SingleSignOn valve with Tomcat 5.5.9. Does anyone know
what the default session timeout is set to? Is there a way to specify
this timeout?
I'm finding that sometimes my session will timeout
I'm using the SingleSignOn valve with Tomcat 5.5.9. Does anyone know what
the default session timeout is set to? Is there a way to specify this
timeout?
I'm finding that sometimes my session will timeout within an application,
but, it doesn't redisplay the login page. I want t
It is not my problem. I need to change it for only one servlet.
Thanks.
fed fin wrote:
you can set timeout from Tomcat Admin => Connections.
--- David Causse <[EMAIL PROTECTED]> wrote:
Hi,
I need in some exceptionnal condition to disable the
session timeout for
one request.
Is t
you can set timeout from Tomcat Admin => Connections.
--- David Causse <[EMAIL PROTECTED]> wrote:
> Hi,
>
> I need in some exceptionnal condition to disable the
> session timeout for
> one request.
> Is there some convenient way to do so?
>
> My idea is to
Hi,
I need in some exceptionnal condition to disable the session timeout for
one request.
Is there some convenient way to do so?
My idea is to do this but I'm unsure :
In the exceptionnal servlet (at the beginning):
session.setAttribute("OLD_TIMEOUT"
Thanks Everybody!
=)
-Original Message-
From: Parsons Technical Services [mailto:[EMAIL PROTECTED]
Sent: Monday, January 31, 2005 12:56 PM
To: Tomcat Users List
Subject: Re: Edit session timeout
Yes.
Doug
- Original Message -
From: "Aris Javier" <[EMAIL P
Yes.
Doug
- Original Message -
From: "Aris Javier" <[EMAIL PROTECTED]>
To: "Tomcat Users List"
Sent: Sunday, January 30, 2005 11:53 PM
Subject: RE: Edit session timeout
Thanks Drew!
I found it.. =)
can I also use this setting per web app? by editing web.xml p
Thanks Drew!
I found it.. =)
can I also use this setting per web app? by editing web.xml per web app?
-Original Message-
From: Drew Jorgenson [mailto:[EMAIL PROTECTED]
Sent: Monday, January 31, 2005 12:41 PM
To: Tomcat Users List
Subject: RE: Edit session timeout
120
und there...
> can you give me an example on how to write it down in web.xml?
>
> thanks!
> aris
>
> -Original Message-
> From: Wendy Smoak [mailto:[EMAIL PROTECTED]
> Sent: Monday, January 31, 2005 12:25 PM
> To: Tomcat Users List
> Subject: Re: Edit sessio
> From: Aris Javier [mailto:[EMAIL PROTECTED]
> Subject: RE: Edit session timeout
>
> I looked at my web.xml, and no sessionTimeout found there...
> can you give me an example on how to write it down in web.xml?
Not sure what you meant by "my" web.xml, since, as Wendy
session timeout
From: "Aris Javier" <[EMAIL PROTECTED]>
> How to edit session timeout? Tomcat's default value is 30mins...
Look in web.xml instead of server.xml. You can change it for the entire
container, or on a per-webapp basis, depending on which web.xml you
edit.
(Works f
From: "Aris Javier" <[EMAIL PROTECTED]>
How to edit session timeout? Tomcat's default value is 30mins...
Look in web.xml instead of server.xml. You can change it for the entire
container, or on a per-webapp basis, depending on which web.xml you edit.
(Works for Tomcat 4.1,
Hello!
How to edit session timeout? Tomcat's default value is 30mins...
30 minutes of inactivity then a session will expire... In my apps,
i think 30minutes is too long.. i want 5 minutes of inactivity before
session expires...
is it in server.xml? i only see connectionTimeout which is
How about trying? Put this inside your in web.xml
10
The number within the session-timeout element must be expressed in minutes.
Works for me with the StandardManager, in tomcat 5
Trond
Freddy Villalba A. wrote:
Hi everybody,
Is it possible to configure the session timeout using the
Hi everybody,
Is it possible to configure the session timeout using the
org.apache.catalina.session.StandardManager Session Manager or am I forced
to use the Persistent Manager just for doing so?
(Tomcat v4.1)
Regards,
F
2004 22:37
> > To: Tomcat Users List
> > Subject: Re: RE: session-timeout means tomcat restart
> >
> >
> > We had a 'hung, and won't work without a reboot problem' and it
> > was two things - we had to update some driver for the intel
> >
sorry but no. what about the other points.
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> Sent: Monday 08 November 2004 22:37
> To: Tomcat Users List
> Subject: Re: RE: session-timeout means tomcat restart
>
>
> We had a 'h
to them from the controller so that shouldn't be the
> > > problem... eh?
>
> You mention "controller". Are you using TC as-is, or are you using a
> framework such as struts or JSF by any chance?
>
> If you suspect that the problem is triggered by a closing
ve Kirk <[EMAIL PROTECTED]>
Date: Monday, November 8, 2004 4:19 pm
Subject: RE: session-timeout means tomcat restart
> Sorry for not replying sooner, I've been busy for a few days.
>
> Can you say more about the crashing? Any evidence from the logs?
> A bit
> difficult t
ouldn't be the
> > problem... eh?
You mention "controller". Are you using TC as-is, or are you using a
framework such as struts or JSF by any chance?
If you suspect that the problem is triggered by a closing session, why not
try shortening the session timeout to a shorter length and
>
>
> On Fri, 5 Nov 2004 13:03:27 -, Steve Kirk
> <[EMAIL PROTECTED]> wrote:
> >
> >
> >
> >
> > > -Original Message-
> > > From: Eric Wulff [mailto:[EMAIL PROTECTED]
> > > Sent: Friday 05 November 2004 07:01
> > &
gt; > From: Eric Wulff [mailto:[EMAIL PROTECTED]
> > Sent: Friday 05 November 2004 07:01
> > To: Tomcat Users List
> > Subject: session-timeout means tomcat restart
> >
> >
> > Hi, I'm experiencing 2 interesting problems that may be related to my
> > se
> -Original Message-
> From: Eric Wulff [mailto:[EMAIL PROTECTED]
> Sent: Friday 05 November 2004 07:01
> To: Tomcat Users List
> Subject: session-timeout means tomcat restart
>
>
> Hi, I'm experiencing 2 interesting problems that may be related to my
&
Hi, I'm experiencing 2 interesting problems that may be related to my
session timeout.
1. It seems that when my session times out I need to restart tomcat,
often just the application via reload in the manager, in order to gain
access to my db again. Could this be because I've been acc
Message-
From: Stephen Charles Huey [mailto:[EMAIL PROTECTED]
Sent: 15 July 2004 22:44
To: Tomcat User
Subject: session timeout: web.xml and setMaxInactiveInterval(int)
My web.xml has the following:
30
However, when a user logs in, the following code in our app gets
executed
My web.xml has the following:
30
However, when a user logs in, the following code in our app gets
executed:
HttpSession session = request.getSession(false);
session.setMaxInactiveInterval(7200);
I've been fiddling with the web.xml and didn't realize that other co
I do not remember where i can set session time our for a web-app? But i
think you must also set keepalive time, if i am not wrong :~))
-Original Message-
From: Matt Krone [mailto:[EMAIL PROTECTED]
Sent: Friday, June 18, 2004 5:49 PM
To: [EMAIL PROTECTED]
Subject: Session Timeout Error
The web application I developed has a session-timeout
setting of 10 minutes. When I authenticate with the
application using the web browser Mozila 1.6 the
session times out in 10 minutes. However, when I use
the web browser IE 6.0 the session does not time out
in 10 minutes. Any thoughts would
Jonathan Eric Miller wrote:
The strange thing is that this page seems to only intermittently be
displayed. i.e. it is catching the case where the session expires, but, in
some cases since I'm using container based security, it is going back to the
login page. Sometimes it goes to this page first, a
;[EMAIL PROTECTED]>
To: "Tomcat Users List" <[EMAIL PROTECTED]>
Sent: Friday, May 21, 2004 7:15 AM
Subject: Re: Session Timeout and "Direct Reference to login page"
> Jonathan Eric Miller wrote:
>
> > Yeah, that seems like it would work. I'm wondering if I
Jonathan Eric Miller wrote:
Yeah, that seems like it would work. I'm wondering if I could maybe use a
filter by itself though and not use the listener and do something like the
following.
1. Intercept all requests with a filter.
2. Get the HttpSession out of the request. Get the session ID by calli
I'm using "org.apache.catalina.authenticator.SingleSignOn" for single sign
on with container-based security.
I have a question about session time outs. When the session for a given
application times out, if a user attempts to access the application after
the session has timed out, the user should
described.
Jon
- Original Message -
From: "Ben Souther" <[EMAIL PROTECTED]>
To: "Tomcat Users List" <[EMAIL PROTECTED]>
Sent: Thursday, May 20, 2004 12:26 PM
Subject: Re: Session Timeout and "Direct Reference to login page"
> What was wrong with th
ote,
> the filter runs after the login page.
>
> It seems like there should be a generic way to handle this kind of thing
> that is well understood and known to work.
>
> Jon
>
> - Original Message -
> From: "Veniamin Fichin" <[EMAIL PROTECTED]>
>
Original Message -
From: "Veniamin Fichin" <[EMAIL PROTECTED]>
To: "Tomcat Users List" <[EMAIL PROTECTED]>
Sent: Thursday, May 20, 2004 2:59 AM
Subject: Re: Session Timeout and "Direct Reference to login page"
> Jonathan Eric Miller wrote:
>
>
expired session?
>
> Does anyone have example source code on how to do this?
>
> Jon
>
> - Original Message -
> From: "QM" <[EMAIL PROTECTED]>
> To: "Tomcat Users List" <[EMAIL PROTECTED]>
> Sent: Wednesday, May 19, 2004 3:16 PM
> Subje
Jonathan Eric Miller wrote:
Thanks. I think option #1 is what I'm looking for. What I don't understand
is what I need to do with the session listener though?
I don't understand how to determine whether the new session is truly new, or
if it's a new session because a previous session timed out. Coul
ession
has timed out. It seems like this should be a straight forward thing to do.
Am I missing something?
Jon
- Original Message -
From: "Renato Romano" <[EMAIL PROTECTED]>
To: "'Tomcat Users List'" <[EMAIL PROTECTED]>
Sent: Tuesday, March 02
}else{
// forward() to a "your session timed out" page
}
Is this what you're after?
Option #2: have each page meta-refresh to the "your session timed out"
page (set the refresh value 1 or 2 seconds beyond the session timeout).
This is more intrusive, though:
ent: Wednesday, May 19, 2004 2:58 PM
Subject: Re: Session Timeout and "Direct Reference to login page"
> Renato,
>
> Did you ever receive a response to this? I'm having the same problem.
>
> My current problem is slightly more complicated though. I have my
> applic
Tomcat behaves according to the Servlet/JSP specs.
It creates a new session if a request is made after the previous one expires.
It's not too difficult to write your own, I did.
-Write a session-timeout.jsp with a link to your login.
-Define a context-param in web.xml (session-timeout-pag
t;[EMAIL PROTECTED]>
To: "Tomcat Users List" <[EMAIL PROTECTED]>
Sent: Wednesday, May 19, 2004 3:16 PM
Subject: Re: Session Timeout and "Direct Reference to login page"
> On Wed, May 19, 2004 at 02:58:05PM -0500, Jonathan Eric Miller wrote:
> : All I want to do is dete
I have two problems i'm facing with every web application using
declarative security model, that is:
1) Detect that the user session has expired, and forward him to an
appropriate login page; Usually we build webapp in which the home page
shows a login form; to handle this, I use to make a "index.
I have two problems i'm facing with every web application using
declarative security model, that is:
1) Detect that the user session has expired, and forward him to an
appropriate login page;
Usually we build webapp in which the home page shows a login form; to
handle this, I use to make a "index.
Howdy,
You should read the specification for session timeout. You can't set it
for less than a minute using web.xml. The default is 30 minutes.
Yoav Shapira
Millennium ChemInformatics
>-Original Message-
>From: Mufaddal Khumri [mailto:[EMAIL PROTECTED]
>Sent: Tuesd
Whats the default value set for session timeout?? (tomcat 4.1.29)?
ie if I do not specify the session-timeout whats the default ?
Thanks
On Jan 20, 2004, at 3:30 PM, Filip Hanik wrote:
in web.xml in your web application (WEB-INF/web.xml)
Filip
- Original Message -
From: "Muf
1
Can we set the session-timeout less than a minute?
Thanks
On Jan 20, 2004, at 3:30 PM, Filip Hanik wrote:
in web.xml in your web application (WEB-INF/web.xml)
Filip
- Original Message -
From: "Mufaddal Khumri" <[EMAIL PROTECTED]>
To: &q
in web.xml in your web application (WEB-INF/web.xml)
Filip
- Original Message -
From: "Mufaddal Khumri" <[EMAIL PROTECTED]>
To: "Tomcat Users List" <[EMAIL PROTECTED]>
Sent: Tuesday, January 20, 2004 2:27 PM
Subject: How to set session timeout?
>
From where can you set the session timeout ? In other words where in
Tomcat can you control the session timeout ?
Thanks
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Perhaps because in the web.xml you specify the value in minutes, and in
the code the method getMaxInactiveInterval() retrieves the time in seconds??
;-)
Vitor
Chris Wahl wrote:
>Hi,all
>
>I am using TC4.0.6,
>After I setting session timeout to -1 by adding following in
>web.xml
Hi,all
I am using TC4.0.6,
After I setting session timeout to -1 by adding following in
web.xml:
-1
In a servlet of the same web module I get such interesting output:
hs.getMaxInactiveInterval() = -60 // hs is HttpSession
My question is, why "-1" is replaced by "
No sorry, was just an idea :(
> -Original Message-
> From: Michael Cardon [mailto:[EMAIL PROTECTED]
> Sent: 07 Януари 2004 г. 17:51
> To: Tomcat Users List
> Subject: RE: Warning of session timeout.
>
>
> Do you know of any Java Applets out there that I could
Do you know of any Java Applets out there that I could look at for examples?
Thanks.
Michael
-Original Message-
From: Altankov Peter [mailto:[EMAIL PROTECTED]
Sent: Wednesday, January 07, 2004 6:23 AM
To: Tomcat Users List
Subject: RE: Warning of session timeout.
And ofcourse, if you
: Warning of session timeout.
Hello,
When I'm doing online banking over the internet, I get a popup notice telling me my
session is about to expire and asking me if I want to stay logged in or not.
How do they do this? I would like to offer the same kind of message on our web site
to our
Howdy,
Probably a simple javascript function that fires off a popup a few
minutes before the configured session timeout. Trivial (and not
specific to java) to implement.
Yoav Shapira
Millennium ChemInformatics
>-Original Message-
>From: Michael Cardon [mailto:[EMAIL PROTECTED]
I guess you could get the desired result using JavaScript
locally to count down from when the page is last sent.
Just a suggestion.
Best regards
Chris
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail:
Hello,
When I'm doing online banking over the internet, I get a popup notice
telling me my session is about to expire and asking me if I want to stay
logged in or not.
How do they do this? I would like to offer the same kind of message on our
web site to our users when the session is about to ex
Hi,
I can increase the session timeout for a webapp by putting the following
in the webapp's web.xml file:
120
I can get SingleSignOn is working so that I can move between webapps
without logging in to each.
The probelm is that once I turn on SingleSignOn my session
At 07:08 AM 11/25/2003, you wrote:
Ben,
Thanks for the reply. But I'm still unclear on why setting the
timeout won't work for my situation. What is the difference between an
effectively idle session timing out, and "cancelling" a request?
Of course I agree that fixing the root problem would
A session timeout just means that the next time you hit the site with the same
browser, you will be assigned a new JSPSessionID to bind that transaction
with your session object. It would do nothing to stop a request that's hung.
Think of a "request" as one hit to a server and
r's session object and then retrieve
them on subsequent hits from that user's browser. The session-timeout
attribute allows you to explicitly set the length of your webapps sessions.
The default is 30 mins.
You're trying cancel a particular request. I don't think that can be d
quent hits from that user's browser. The session-timeout
attribute allows you to explicitly set the length of your webapps sessions.
The default is 30 mins.
You're trying cancel a particular request. I don't think that can be done in
tomcat (someone will correct me if I'm wro
Hi,
I'm a relatively new Tomcat user, running 4.0.4 (testing on Windows, deploying on
Sun UNIX). The UNIX servlet is having rare problems "hanging", for which the exact
cause is unknown.
I'm trying to see if a session timeout can solve the problem, but have not been abl
> -Original Message-
> From: Hayo Schmidt [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, October 08, 2003 11:07 AM
> To: Tomcat Users List
> Subject: Re: How do i handle session-timeout in an acceptable manner?
>
>
> Shapira, Yoav schrieb:
>
> >>
Shapira, Yoav schrieb:
I have implemented this workaround:
As for this workaround, why wouldn't it work with future tomcat
versions? There's nothing tomcat-specific in it, much less tomcat
4.1.x-specific.
Yoav Shapira
A different servlet engine could use a POST instead of a GET to cont
request was received the controllers id is
passed in along with the action.
Hope this helps
Thanks
Pete
-Original Message-
From: Mark W. Webb [mailto:[EMAIL PROTECTED]
Sent: 07 October 2003 14:49
To: Tomcat Users List
Subject: Re: auto refresh pages and session timeout
I would like to
Message-
From: David Rees [mailto:[EMAIL PROTECTED]
Sent: 06 October 2003 21:51
To: [EMAIL PROTECTED]
Subject: Re: auto refresh pages and session timeout
On Mon, October 6, 2003 1at 1:12 am, Mark W. Webb sent the following
Is there a way to implement ""
tag in HTML and stil
: 06 October 2003 21:51
To: [EMAIL PROTECTED]
Subject: Re: auto refresh pages and session timeout
On Mon, October 6, 2003 1at 1:12 am, Mark W. Webb sent the following
> Is there a way to implement ""
tag in HTML and still have the ability to timeout a session after X
number of minutes ?
On Mon, October 6, 2003 1at 1:12 am, Mark W. Webb sent the following
> Is there a way to implement ""
tag in HTML and still have the ability to timeout a session after X
number of minutes ? Would there have to be some logic in place for the
servlet that changes the session time
Is there a way to implement ""
tag in HTML and still have the ability to timeout a session after X
number of minutes ? Would there have to be some logic in place for the
servlet that changes the session timeout for every refres
Howdy,
>> The problem with your solution is, that the application does not know
>> where to continue after the login page. This will result in an error.
>If you want your login page to redirect you back to the page that the
>user timed out on, then why don't you just add a hint to the login url
>
the request to
> some kind of informational message.
>
> Of course there can't be any guarantee this works with coming
> versions
> of Tomcat. So i would like to have an general solution.
>
> Hayo Schmidt
>
> ---------
>
f Tomcat. So i would like to have an general solution.
Hayo Schmidt
-
Shapira, Yoav wrote:
Howdy,
Here's an idea: add an HTML META refresh tag to each page whose redirect
URL is the login page and whose timeout is the session timeout less a
few sec
Howdy,
Here's an idea: add an HTML META refresh tag to each page whose redirect
URL is the login page and whose timeout is the session timeout less a
few seconds. That way the user will get redirected to the login page
before the session timeout -- they won't be able to press the sub
I have a built a web application on Tomcat 4.1.18. The application is
running with a HTTPS connection. session-timeout is configured and works
so far. But i am absolutely not satisfied with what happens when a
timeout occurs.
The web application is configured for form based authentication. When
specification is the only authority on this, misleading
> books should be tossed aside. SRV.7.5 is clear, session timeout is for
> inactivity, not total duration, as Senor Curwen opined.
>
> The first part of his message, using $CATALINA_HOME/conf/web.xml, I
> would discourage, as it
gt; basis, unless overriden at a lower level.
>
> FWIW, I've always understood session-timeout to mean "after a period of
> inactivity". I mean really... how useful would sessions be if they
> logged you out after n minutes, no matter your activity level? Talk
> about frustra
Howdy,
The servlet specification is the only authority on this, misleading
books should be tossed aside. SRV.7.5 is clear, session timeout is for
inactivity, not total duration, as Senor Curwen opined.
The first part of his message, using $CATALINA_HOME/conf/web.xml, I
would discourage, as it
1 - 100 of 284 matches
Mail list logo