Hello and thank you for that (all),
Originally,
request.getSession().setMaxInactiveInterval(-1);
was set. After some deliberation (not a lot), I opted for setting the session to time
out, defined in web.xml:
<session-config>
<session-timeout>1</session-timeout>
</session-config>
After defining the above, setting a value in the session, restarting TC, and running
my app, why does it continue to persist well after the session-timeout has elapsed?
When the session is timed out, is the current session invalidated and a new one
created? Hence all fields set in the original should be null? (the “true” attribute
(below) persists well past one minute)
Thanks again
G.
Code:
(servlet)
request.getSession().setAttribute("sessionStatus", "true");
(JSP)
String sessionStatus = (String) request.getSession().getAttribute("sessionStatus");
out.println("alert('sessionStatus: " + sessionStatus + "');");
1. Reduce the session timeout.
2. Store less stuff in the session so that it's not such a memory drain.
3. Beg your customers to logout before leaving your app. ;)
---------------------------------
Yahoo! Messenger - Communicate instantly..."Ping" your friends today! Download
Messenger Now
