tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From rom <aldr...@gmail.com>
Subject Polling servlet and session expiration - avoid calling request.getSession() ?
Date Sat, 08 Jan 2011 14:14:39 GMT
 hi all,
I have to implement a polling mechanism that repeatedly sends a request
to a servlet.
This servlet doesn't need the user session, and i don't want these
requests to update the session's lastAccessedTime, thus preventing
regular session timeout when the user isn't doing anything else.

I've already had a look at the archives, and found possible solutions
using a filter, and that's ok, but...
i seemed to remember that, in a servlet, you have to call
request.getSession() to "touch" the session and reset the timeout counter.

So, i made a simple test servlet that does not call req.getSession(),
tried under both TC5.5.25 & TC6.0.18, and it seems to work: the session
normally expires when it's time to, ignoring the requests to that servlet.

Now my question is: can this be considered a reliable solution?
The sevlet spec seems to state that the accessed time should be updated
as soon as the request comes in.
Additionally, i've had a look at the sources (5.5.25 & 6.0.18) and found
this comment in org/apache/catalina/Session.java:

    /**
     * Update the accessed time information for this session.  This method
     * should be called by the context when a request comes in for a
particular
     * session, even if the application does not reference it.
     */
    public void access();


...so i'm afraid the answer is no, but i'd like some "official" advice
about that.

Thanks

alberto


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message