On Fri, 31 Aug 2001, PHAM,TAM (HP-Vancouver,ex1) wrote:
> Regarding logging out of JDBC realms. This does not seem ideal if I
> have to explicitly call session.invalidate() when the user logs out.
Tam,
You can use javascript to fire session.invalidate() in case the
user closes browser window (ie. does not use you log-out link).
And regarding automatic expiration after given period of time
you should be able to put following in your web.xml:
<session-config>
<session-timeout>30</session-timeout> <!-- timeout in minutes -->
</session-config>
If you want to run your own code in case of automatic session
expiration then I hope this article helps:
http://w6.metronet.com/~wjm/tomcat/2001/Jan/msg00703.html
with best wishes,
Taavi
