How do I set session timeout in seconds in web.xml?

Question

I have a requirement to set the session timeout of 40 seconds. I know we keep normally to 20 minutes.

But my current application requirement is to keep the session timeout to 40 seconds. The web.xml is taking only integer value as 1 but it is not taking 0.6. Is there any way to write this? We are running our java web application on Apache tomcat server.

So how do I set session timeout in seconds in web.xml?

Visit http://stackoverflow.com/questions/15382895/session-timeout-in-web-xml for more information — harunaydin28, Apr 11 '14 at 07:04

score 14 · Answer 1 · edited Aug 08 '19 at 15:11

14

Using the deployment descriptor, you can only set the timeout in minutes:

<session-config>
    <session-timeout>1</session-timeout>
</session-config>

But using the HttpSession API you can set the session timeout in seconds for a servlet container:

HttpSession session = request.getSession();
session.setMaxInactiveInterval(40);

Suggested reading: Deployment Descriptor Elements

edited Aug 08 '19 at 15:11

informatik01

16,038
10
74
104

answered Apr 11 '14 at 07:00

Juned Ahsan

67,789
12
98
136

6

this will treat as 40 mins not secs. – Deepu--Java Apr 11 '14 at 07:04
@DeepakTiwari Fixed. – informatik01 Aug 08 '19 at 15:11
https://tomcat.apache.org/tomcat-5.5-doc/servletapi/javax/servlet/http/HttpSession.html states that setMaxInactiveInterval is for specifying the time in seconds – julodnik Oct 01 '20 at 08:37

score 3 · Answer 2 · answered Apr 11 '14 at 07:10

well in web.xml file you can provide in minutes

<session-config>
    <session-timeout>Minutes</session-timeout>
</session-config>

but you programatically provide values in seconds

HttpSession session = request.getSession();
session.setMaxInactiveInterval(20*60);

score 0 · Answer 3 · answered Mar 15 '16 at 08:17

1) Timeout in the deployment descriptor (web.xml)

– Specified the timeout value in “minute” , enclose with “session-config” element.

Markup

<web-app ...>
    <session-config>
        <session-timeout>20</session-timeout>
    </session-config>
</web-app>

The above setting is apply for the entire web application, and session will be kill by container if client doesn’t make any request after 20 minutes.

2) Timeout with setMaxInactiveInterval()

– You can manually specified the timeout value in “second” for a particular session.

Java

HttpSession session = request.getSession();
session.setMaxInactiveInterval(20*60);

The above setting is only apply on session which call the “setMaxInactiveInterval()” method, and session will be kill by container if client doesn’t make any request after 20 minutes.

Rahul Kumar · Answer 4 · 2016-12-07T17:17:31.553

0

you can override the session timeout through "setMaxInactiveInterval()".

HttpSession session = request.getSession();
session.setMaxInactiveInterval(20000);

here it will take the time in milliseconds, means in next 20 seconds session will get expire.

edited Dec 07 '16 at 17:17

answered Oct 12 '16 at 17:03

Rahul Kumar

145
9

2

setMaxInactiveInterval takes value in seconds – Ramzah Rehman May 19 '17 at 04:34

score 0 · Answer 5 · answered Nov 09 '20 at 16:50

0

How do i set session timeout in seconds in web.xml? Solution: Try this const token = jwt.sign({ _id: user._id }, process.env.JWT_SECRET) // Your token here res.cookie('Cookie', token, { expire: new Date(Date.now()+ 9999)})

answered Nov 09 '20 at 16:50

Sajid Khaki

121
1
3

How do I set session timeout in seconds in web.xml?

5 Answers5

Linked