tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier>
Subject Re: control of session timed out with tomcat
Date Thu, 20 Oct 2011 14:52:58 GMT
Alejandro Soto wrote:
> Hi, thanks for your replies, These are the only ways I have to do it?, I was
> reading something about filters, but I think only works with user
> interaction.

The basic issues are these :

1) Tomcat (probably) doesn't spend its time all the time scanning stored sessions to see 
if one has expired, and deleting it.
What it does is : when a new request comes in, and that new request has a session-id in 
it, then Tomcat looks for this stored session.  If it finds it, it checks if it has 
expired, and if so, it deletes it and does as if the session had not been there in the 
first place.

2) even assuming that Tomcat would find out, without user interaction, that a session has

expired, and wanted to send something somewhere, where would it send it ?
It is not certain that the browser of that user still has a connection open with the server.
And even if there was such a connection open, and Tomcat sent something on it, the browser

isn't waiting for anything, since it has not requested anything.  I wouldn't be surprised

if the browser got very confused then.

That's why you always need the browser to send something, to have Tomcat react and search

for the session, and send an answer.

Personally, I think that by trying to do this (in whatever way), you set yourself up for 
all kinds of bizarre happenings and side-effects.
What is the problem you are trying to solve ?

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message