I tested out navigating to another web page in a different window and coming back to the web app page after it should have timed out, but no go.
I just removed the comments for the access log as you mentioned below. What I'm seeing in the access log are heartbeat requests? Like follows. I'm not touching the page and I did navigate to another page after I ran the report... 10.5.2.18 - - [14/Sep/2010:15:22:03 -0700] "POST /sree/Reports?op=heartbeat&ID=RA_QA[2f]PST[20]Complaints.12845027269201@ local&&isAJAXRequest=true&isContainer=false&isXML=false HTTP/1.1" 200 - I don't know if this is because we're using LDAP for our security and InetSoft is checking this constantly. I have a feeling that's what it is though. :-( Debbie Shapiro, Data Warehouse Manager Office: 425.402.2233 -----Original Message----- From: Wesley Acheson [mailto:wesley.ache...@gmail.com] Sent: Tuesday, September 14, 2010 2:48 PM To: Tomcat Users List Subject: Re: session-timeout not taking effect On Tue, Sep 14, 2010 at 11:39 PM, Debbie Shapiro <dshap...@cardiacscience.com> wrote: > I should add that I am neither a Java nor a Tomcat expert by any means. > Where would I find some of these settings? hmm may be a bit tricky > > I'm using IE to access this application. > > Where would one enable the access log? I essentially have the entire > Tomcat installation using the defaults at installation, with the > exception that I have included the InetSoft application directory in the > webapps folder. Is a valve usually on server.xml If you reciently downloaded tomcat and haven't played with these files there a commented out access log valve which you can uncomment ( i.e. remove <!-- and its end --> ) > If I navigate to another website and immediately navigate back to the > InetSoft page, it first displays a page that the login has expired and > then prompts me to login again. I don't suppose you know if its using urlRewriting to keep sessions. There may be something in the browser address bar that says jsessionid. >It's only if I leave the page up that it > seems to not expire. My version of IE doesn't have tabs (I'm still on > 6.0), so it's either change the current window to a new page or open a > new window. Thats fine for the test. Change the current window by navigating to another site and back (You said before it asks you for a login). I'd advise a better browser however. > I'm not sure how to determine that the session-timeout is anything other > than 30 minutes aside from looking at the web.xml file. Not familiar > with JConsole. I don't currently have the Tomcat manager running. I just > found the documentation concerning that part of the app and I will see > about getting that started. As I said, I have everything set to the > defaults... > > Sorry for the stupid question but when you said the session should be expired, I assume you don't mean the report shouldn't still be on the screen. Is this a public website where someone could test? Wes --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
