I guess I need to explain my situation little better. It is slightly complicated so bear with me.
I have 2 types of servlets. Type-1 servlets make use of sessions (using JSESSIONID cookie) and type-2 servlets do not use JSESSIONID cookie and instead implement some API specs which require the authentication token to be passed by the client as part of each request (request here is XML in the body of HTTP request). They are part of same Tomcat application because my clients are mix clients which make use of functionality provided by both type of servlets. These mix clients first login using a type-1 servlet. As part of the successful login, they get an authentication token back, which is HTTP session's id. These clients use this token (in XML request) when they talk to type-2 servlets. I have implemented a session listener to keep track of authenticated HTTP sessions in type-1 servlets. So the type-2 servlets are able to validate the authentication token with my session listener. I had to tell all this background to clarify that my long duration request does not directly come on the session that I need to keep alive. Instead this long duration request comes on type-2 servlet. Note that type-2 servlets do not use JSESSIONID cookie. And my challenge is to keep the corresponding HTTP session alive, the one that maps to the given authentication token from this long duration request. So I was hoping for something like "httpSession.setLastAccessTime (now)"... or some other trick. -----Original Message----- From: André Warnier [mailto:a...@ice-sa.com] Sent: Tuesday, November 23, 2010 2:47 PM To: Tomcat Users List Subject: Re: how to keep session alive on the server side Aggarwal, Ajay wrote: > I have a situation where client what kind of client ? enters a long duration request do you mean that the request takes a long time to send to the server, or that the server will take a long time to respond ? and I > need to keep the session alive for the client ? or for the server ? while this long duration > request is going on. Since this long duration request could be hours, I > do not want to change the default HTTP session timeout value. I also do > not want to put the burden on the client to keep his session alive in > the background (by making dummy requests). > > > > I want to be able to handle it inside tomcat, if possible. Is there a > way to manipulate the lastAccessTime on the session object? > What I mean with the above is : if the client is a browser, and he sends a short request, and the server takes a long time to respond, then the browser will time out after a few minutes (4-5) and display an error page, thinking that the server is down. On the other hand, if your concern is that the server may time out the client session, while it is still processing the client request, then it should not do that. It should only start timing the client inactivity after it has responded to the request, no ? See servlet Specification v 3.0, sections 7.5 & 7.6. "The session invalidation will not take effect until all servlets using that session have exited the service method." My interpretation of this is that the session timeout only counts *between* requests, not while a request is still being processed. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
