tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier>
Subject Re: SingleSignonValve and webapp session timeout
Date Tue, 11 Oct 2011 19:22:18 GMT
Brian Burch wrote:

> But I am having trouble understanding the life cycle of a Session. If 
> the browser has navigated away from my "static" webapp container, into a 
> completely different webapp container, why does it still have an 
> associated Session?

Probably because the first webapp has no idea that the browser has "navigated away".
How would it know ?  When the browser "navigates away", it does not send any information 
to the webapp it navigated away from, saying "hey, I am navigating away from you".
It just does not send anything anymore to that webapp, and sends something to another 
webapp instead (or to
But for the first webapp, that is the same situation as if the browser stayed on the same

page, and the user went away for lunch for half an hour (or in my country, more like two 
and a half hours).

  I can understand how the browser would retain two
> Sessions if it held two tabs open, one to each webapp. 

The browser does not "retain sessions".  What is retaining sessions, is the server.
The browser may just keep some "token" received from the server (be it a cookie, or a 
session-id embedded in links contained in the currently displayed page), but that's it. 
When (and if) the browser ever accesses that same server again (and the same path on the 
server), it may send this token along with the new request. When the server receives a 
request with such a token, it /may/ be able to use the information in the token, to 
reconnect this request with some session information that it has kept until then, and thus

retrieve the session's state, and process the request "knowing" that it is the 
continuation of a session (instead of back from zero).


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message