There are a number of ways this can be handled. You can set your timeout at a larger value but then you can have memory bloat if there are to many sessions. You can also create an object that implements the HttpSessionListener or HttpSessionBindingListener interface. When the user logs in place this object in their session, this object being the user object you want to save or the state you want to save. Be sure it implements one of both of those interfaces. Then when the container attempts to remove or destroy the session you can save the users data either to the database or serialize it somewhere to flat file, that's up to you. You can then as a part of the login process on your site check for serialized user data somewhere (database or flat file depending on how you implemented) and load that data back into their session. That way you don't lose any data they may have saved.
Hope this helps some ... don't be afraid of sessions, just make sure you intelligently manage them. Sean Enrique Rodriguez wrote: > Hi Nicolas, > > First of all, thank you very much for your response. > > What about the session timeout??? I don't like websites that if you left it > for ten minutes you have to login again. > > Is there any way to do a site without take care of session timeouts?? > > Regards, and pardon for my english. > > Enrique. > > _____________________________ > Enrique Rodriguez Lasterra > > -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>