tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Will Hartung" <>
Subject Re: Sessions across browser restarts
Date Tue, 04 Feb 2003 23:46:37 GMT
> From: "Zabel, Ian" <>
> Sent: Tuesday, February 04, 2003 2:35 PM
> Subject: RE: Sessions across browser restarts

> I believe that just controls the timeout of the session on the server, and
> maybe the timeout of the cookies. To be more specific, I am asking about
> timeout of the jsessionid cookie on the client. Is it possible to control
> these separately, i.e., set session-timeout to 30 minutes, but make the
> jsessionid cookie expire when the browser is closed, or alternatively,
> the cookie expire in 30 minutes, so the user could close his browser, and
> come back to the app later and still maintain his session.

Yeah, you'll need to go into the core Session processing code I think to
alter the attributes of the session tracking cookie, being as it's
essentially opaque to the application (i.e. you know sessions exist, but you
should not rely on the actual mechanism of how they are implemented).

What this also means is that if you tweak the actual Session code within
Tomcat, then your application will lose portability across containers. To
pull it off, you might want to look at subclassing the stock Tomcat
SessionManager (I think) class and using your version in the server.xml

However, if you want this kind of functionality, and you want it portable,
you'll need to write your own session management code for the attributes
that you wish to persists past a browser closing. Of course, depending on
the state your managing, this doesn't have to be an onnerous task.

But it is a bit of a pain in the neck in a "reinventing the wheel" kind of


Will Hartung

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message