HTTP Session timeout settings and overwrite precedence rules in V4.0
 Technote (FAQ)
 
Problem
It is possible to set the HTTP Session timeout at various places on the WebSphere® Application Server Administration Console. It is also possible to set HTTP Session timeout the application packaging process.

Since Session timeout can be set in multiple places, it is necessary to understand how the ultimate session timeout for an application is determined.
 
Solution
You can set the HTTP Session timeout in the following places:
  • From the Administration Console for a given Application Server
  • At the time when the application is packaged
  • In the application code

Setting the HTTP Session timeout from the Administration Console

1. To set the HTTP Session timeout at the Application Server level
  1. Expand Nodes.
  2. Navigate to Your Node > Application Servers.
  3. Click on the appropriate Application Server.
  4. Click the Services tab.
  5. Select Session Manager Service.
  6. Click Edit Properties.



2. Click the Advanced tab in the Session Manager Service window.

3. Select Set Timeout, then type the desired value in the field.



4. Click OK, then click Apply.

HTTP Session timeout settings made during packaging and development
The application designer or programmer can choose to set the HTTP Session timeout parameter when the application is packaged. This value is stored in the web.xml file located at:
 WebSphere InstallDirectory/AppServer/installedApps/Application Name/Web Module.war/WEB-INF/web.xml

This setting overrides any Session timeouts defined from the Administration Console. You can alter this setting by repackaging the application with a new value or by modifying the web.xml file. You must restart your Application Server to use any new settings.

HTTP Session timeout defined in the application code
Finally, the HTTP Session timeout can be set in the application code. The programmer can invoke the HttpSession.setMaxInactiveInterval method to set the timeout value as desired. This setting overrides any Session timeouts defined in the application package or made from the Administration Console.

HTTP Session timeout override precedence summary
The list below shows the precedence from which the final HTTP Session timeout is derived:

1. Server Level Lowest level
2. Application Level (packaged) Will override Server settings
3. Application Code Overrides all other settings
 
 
 


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > Sessions and Session Management
Operating system(s): HP-UX
Software version: 4.0
Software edition:
Reference #: 1164077
IBM Group: Software Group
Modified date: Mar 24, 2004