mercredi 24 octobre 2018

Session Timeout Confusion

Here is a scenario. In a java /jsp web app running on Web Logic Server:

  1. Login to the app. Program code creates a session and set setMaxInactiveInterval to 15 minutes.
  2. After 13 minutes, via a button click some other program code runs and invalidates the session created in step 1, and then creates a new session and sets the new session's setMaxInactiveInterval to 20 minutes.
  3. Two minutes later, or exactly 15 minutes after the first session was created that app times out.

Why would this happen? If the code destroyed the first session and created a new session with a new setMaxInactiveInterval value shouldn't the new session's timeout apply?

Please help me to understand this and thanks in advance for your intelligence.




Publié par à
Libellés :

Aucun commentaire:

Enregistrer un commentaire

Inscription à : Publier les commentaires (Atom)