tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Konstantin Kolinko <>
Subject Re: Polling servlet and session expiration - avoid calling request.getSession() ?
Date Sat, 08 Jan 2011 23:52:55 GMT
2011/1/8 rom <>:
>  hi all,
> I have to implement a polling mechanism that repeatedly sends a request
> to a servlet.
> This servlet doesn't need the user session, and i don't want these
> requests to update the session's lastAccessedTime, thus preventing
> regular session timeout when the user isn't doing anything else.
> (...)
> So, i made a simple test servlet that does not call req.getSession(),
> tried under both TC5.5.25 & TC6.0.18, and it seems to work: the session
> normally expires when it's time to, ignoring the requests to that servlet.
> Now my question is: can this be considered a reliable solution?
> The sevlet spec seems to state that the accessed time should be updated
> as soon as the request comes in.

As [1] mentions, it depends on whether the following system property
is set to "true":


So, yes, your solution is unreliable.

>  i don't want these requests to update the session's lastAccessedTime

I think that such a requirement is rare.

It is easy to implement it if you move your servlet into a separate webapp

Best regards,
Konstantin Kolinko

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message