https://stackoverflow.com/questions/23685608
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianGood Question..
Configuring large session timeout value results in HttpSession objects occupying memory longer than necessary
The Servlet container keeps track of all HttpSession objects and determines whether a user is active or not by comparing the time of the user's last access of the application with the session timeout value.
take one example, if average memory taken by a session is 10KB, here is case of 1lakhs and 2lakhs user with 30 minutes timeout
and now if increase timeout to 60 minutes,
You can see the difference in memory application occupy double memory to hold session.
Conclusion : Do not increase the session timeout value unless it is absolutely necessary. It is best if you can leave the default session timeout value at 30 minutes, or even set it lower if your application permits.
