Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Servlet Session timeout

Tags:

java

spring-mvc

servlets

I'm writing my SPring MVC web application.

I have set my session time out to be 10080 minutes equal to 1 week. Now I would like to keep user logged in every time he open browser:

sessionService.setcurrentUser(myuser);
      HttpSession session = request.getSession();
      Cookie cookie = new Cookie("JSESSIONID", session.getId());
      cookie.setMaxAge(timeout);
      response.addCookie(cookie);

Should my cookie Max Age be the same as session time out? 

cookie.setMaxAge(10080);

Is it good practice?

like image 428
danny.lesnik Avatar asked Jan 25 '26 07:01

danny.lesnik

1 Answers

You should configure it in web.xml, not by hacking the default session cookie.

<session-config>
    <session-timeout>10080</session-timeout>
</session-config>

Note that you shouldn't store too much data in session and/or that your server has enough memory.

like image 55
BalusC Avatar answered Jan 26 '26 19:01

BalusC
Sign in to Comment

Related questions

Having trouble using the java "if" statement
Difference between String[] and Array<String>
Order 2 related arrays
Executing a jar file in Linux [closed]
android java setOnClickListener error
Collections.sort in java for any class
java regex for US State Validation
Storing result set for later fetch

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!