1

In a Java web application, the session timeout doesn't work. It is set in the file application.properties:

#the timeout for user login, in milliseconds
#after this time passes, the user is no longer logged in
mandatory.config.rest.user_login_timeout_ms = 900000

It is set to 900000 ms (15 minutes). I tried also to set to a tiny value, as 6, on my local, to test. It still does not work. It seems to be a bug (2 weeks ago, the session timeout worked). The application server for back-end is "wildfly-9". The application server for front-end is "grunt". Database used is of type OrientDB.

P.S.: I have been working for 2 days on this project, and it is possible the question has not enough details, so you can ask me more details, if it is necessary.

Catalin Vladu
  • 389
  • 1
  • 6
  • 17

1 Answers1

1

Just mentioning timeout property under application.properties file will not work as web container does not know about your custom property and property file.Check if it is used somewhere in you code or not You can do it under web.xml. check Session TimeOut in web.xml

Community
  • 1
  • 1
M Sach
  • 33,416
  • 76
  • 221
  • 314
  • I found a method, "boolean notExpired(Date lastAccess)". I put a breakpoint there. If I login, and then do nothing, after several minutes, the program runs automatically through this method, and the last access is reset. Because this, it never reaches 15 minutes. – Catalin Vladu Jun 24 '16 at 09:07
  • I see also this timer is reset when it is called a metthod, filter(ContainerRequestContext ctx). This method is in a class which implements ContainerRequestFilter, and it is called at each request, as I read in documentation. But I don't understand how could be called a request if I do nothing where I am logged in. – Catalin Vladu Jun 27 '16 at 13:03