What is the default session timeout for a Java EE website?
https://stackoverflow.com/questions/141734
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
If I do not specify the following in my web.xml file:
<session-config>
<session-timeout>10</session-timeout>
</session-config>
What will be my default session timeout? (I am running Tomcat 6.0)
Solution
If you're using Tomcat, it's 30 minutes. You can read more about it here.
OTHER TIPS
You can also set this in code, for a specific session using the HttpSession setMaxInactiveInterval API:
Specifies the time, in seconds, between client requests before the servlet container will invalidate this session. A negative time indicates the session should never timeout.
I mention this in case you see timeouts that are not 30 minutes, but you didn't specify another value (e.g. another developer on the project used this API).
Another item to note is this timeout may not trigger on the exact second the session is eligible to expire. The Java EE server may have a polling thread that checks for expired sessions every minute. I don't have a reference for this, but have seen this behavior in the WebSphere 5.1 era.
I'm sure it depends on your container. Tomcat is 30 minutes.
Session Time out we can specify for that particular context in web.xml file as mentined below entry 60
Default Session time out is 30 mins
