Servlet Session Timeout

Question

Servlet Session Timeout

I am writing my SPring MVC web application.

I set the session time of the session to 10080 minutes, equal to 1 week. Now I would like the user to register every time he opens the browser:

sessionService.setcurrentUser(myuser);
      HttpSession session = request.getSession();
      Cookie cookie = new Cookie("JSESSIONID", session.getId());
      cookie.setMaxAge(timeout);
      response.addCookie(cookie);

Should my Max Age cookie be the same as the session time?

cookie.setMaxAge(10080);

Is this a good practice?

+3

java spring-mvc servlets

danny.lesnik Nov 08 '10 at 8:11

source share

3 answers

web.xml, cookie .

<session-config>
    <session-timeout>10080</session-timeout>
</session-config>

, / .

+7

BalusC 08 . '10 11:38

.
, , , :

: .
The effects of memory, your session will be serialized, and you want to minimize it. Especially if the number of users can increase dramatically.

Discussion 1
Discussion 2
Discussion 3

+2

emt14 Nov 08 '10 at 12:54

source share

Roalt · Accepted Answer · 2010-11-08T08:15:03+0000

You use cookies to indicate a session ID. If the cookie timeout is below the session, it will no longer find your session. Therefore, it is recommended that you specify a timeout for your cookie at least for the duration of your session.

Servlet Session Timeout

More articles: