How to configure the session timeout in servlet

The session timeout in a web application can be configurable in two ways

1) Timeout in the deployment descriptor (web.xml)

– Specified the timeout value in “minute” , enclose with “session-config” element.

<web-app ...>
	<session-config>
		<session-timeout>20</session-timeout>
	</session-config>
</web-app>

The above setting is apply for the entire web application, and session will be kill by container if client doesn’t make any request after 20 minutes.

2) Timeout with setMaxInactiveInterval()

– You can manually specified the timeout value in “second” for a particular session.

HttpSession session = request.getSession();
session.setMaxInactiveInterval(20*60);

The above setting is only apply on session which call the “setMaxInactiveInterval()” method, and session will be kill by container if client doesn’t make any request after 20 minutes.

Thoughts….

This is a bit confusing , the value in deployment descriptor (web.xml) is in “minute”, but the setMaxInactiveInterval() method is accept the value in “second”. Both functions should synchronize it in future release :)

Tags :

About the Author

mkyong
Founder of Mkyong.com and HostingCompass.com, love Java and open source stuff. Follow him on Twitter, or befriend him on Facebook or Google Plus. If you like my tutorials, consider make a donation to these charities.

Comments

  • kaka

    Thanks, it’s work

  • vineet kaushik

    Hi,
    as You have mentioned in first point that session will be killed by container if client doesn’t make any request after 20 minutes.

    what if you made a request 20 mins ago but response did not come back in those 20 minutes for that request. so it should timeOut? and mind, we did not make any other request in those 20 mins.

    Thanks,
    Vineet

  • Rudresh

    Hi my JSF web application application is integrated with JAAS Form Based authentication, in this if i mentioned session time out as below in web.xml of my application this will not timeout the session.

    20

  • http://abhijat.name Abhijat

    Another one where i have some to your website :)

    thanks as always

  • Jonathan Carrillo

    How to screen print the time session remaining?

    • ajay

      @Jonathan–session.getMaxInactiveInterval() .