tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michael Echerer <>
Subject Re: disabling session management
Date Thu, 14 Oct 2010 06:13:37 GMT

you could also use a SessionListener an invalidate sessions immediately
after being created or you could write your own implementation of
| and
configure it to be used instead of the default manager.
Can't be too difficult if jit ust has to serve as a NOP
implementation... However I would prefer to figure out why sessions are
unexpectedly created at all.


Christopher Schultz wrote:
> Emerson,
> On 10/8/2010 10:25 AM, emerson wrote:
> > We been doing some tuning on our TC environment and noticed that
> > tomcat is holding 30 megabytes of classes related to session
> > management.
> Which classes, specifically?
> > This is on our middletier servler, where sessions are irrelevant.
> Okay, great.
> > Is there a way to disabled session management for this server?
> Don't call request.getSession(). If you have JSPs (in a middle tier?),
> make sure they all have session="false" in their <@page> directives.
> > What is the impact of using session-timeout = 0?
> Your sessions will never time out, and your problem will likely get worse.
> > We currently use 30 minutes for the session-timeout.
> You could always set it to 1 minute just to be sure they don't last very
> long if they are accidentally created.
> -chris

To unsubscribe, e-mail:
For additional commands, e-mail:


TNG Technology Consulting GmbH, Betastr. 13a, D-85774 Unterföhring
Geschäftsführer: Henrik Klagges, Gerhard Müller, Christoph Stock
Amtsgericht München, HRB 135082

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message