tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <>
Subject Re: Polling servlet and session expiration - avoid calling request.getSession() ?
Date Mon, 10 Jan 2011 20:00:34 GMT
Hash: SHA1


On 1/8/2011 6:52 PM, Konstantin Kolinko wrote:
> As [1] mentions, it depends on whether the following system property
> is set to "true":
> org.apache.catalina.STRICT_SERVLET_COMPLIANCE
> [1]
> So, yes, your solution is unreliable.
>>  i don't want these requests to update the session's lastAccessedTime
> I think that such a requirement is rare.
> It is easy to implement it if you move your servlet into a separate webapp

How would someone do something like this? Presumably, the "ping"
operation would like to interact with the session in /some/ way, except
that it doesn't want to force the session to live.

For example, you might want to check to see the status of a per-user job
that is running in the background. That might require checking something
in the session (say, the status) but the HTTP request should be allowed
to peek at the session without extending it's life.

I'm not sure you could do this with a separate webapp.

I'm wondering if something like this could be implemented as a Valve:
the Valve checks the request for a special request parameter or header
and wraps the session (if there is one) in a wrapper which discards
updates to the last modified time. Would that be possible? I'm not yet
familiar enough with the session code to know where that touch-update
logic is implemented.

- -chris
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla -


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message