tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jacob Kjome <>
Subject Re: JDBCRealm - Session not timing out
Date Thu, 10 Jul 2003 16:16:05 GMT
At 12:09 PM 7/10/2003 -0400, you wrote:
>Should my JDBCRealm login reset when the session times out?
>I have tried it in both Basic AUTH and Form AUTH.
>My session never times out.

I'm not entirely sure about Form AUTH, but Basic AUTH doesn't use 
sessions.  The browser caches the login information provided and re-sends 
it on each request.  So, there is no real "time out" for Basic AUTH.  The 
only equivalent would be to close all open browsers.  This deletes the 
cache of the Basic AUTH credentials forcing the user to re-enter it once a 
new browser is opened and the protected web site is re-visited.


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message