|
Problem |
It is possible to set the HTTP Session timeout at various
places on the WebSphere® Application Server Administration Console. It is
also possible to set HTTP Session timeout the application packaging
process.
Since Session timeout can be set in multiple places, it is necessary to
understand how the ultimate session timeout for an application is
determined. |
|
Solution |
You can set the HTTP Session timeout in the following
places:
- From the Administration Console for a given Application
Server
- At the time when the application is packaged
- In the application code
Setting the HTTP Session timeout from the Administration Console
1. To set the HTTP Session timeout at the Application Server level
- Expand Nodes.
- Navigate to Your Node > Application Servers.
- Click on the appropriate Application Server.
- Click the Services tab.
- Select Session Manager Service.
- Click Edit Properties.
2. Click the Advanced tab in the Session Manager Service window.
3. Select Set Timeout, then type the desired value in the field.
4. Click OK, then click Apply.
HTTP Session timeout settings made during packaging and
development
The application designer or programmer can choose to set the HTTP Session
timeout parameter when the application is packaged. This value is stored
in the web.xml file located at:
WebSphere
InstallDirectory/AppServer/installedApps/Application
Name/Web
Module.war/WEB-INF/web.xml
This setting overrides any Session timeouts defined from the
Administration Console. You can alter this setting by repackaging the
application with a new value or by modifying the web.xml file. You must
restart your Application Server to use any new settings.
HTTP Session timeout defined in the application code
Finally, the HTTP Session timeout can be set in the application code. The
programmer can invoke the HttpSession.setMaxInactiveInterval method to set
the timeout value as desired. This setting overrides any Session timeouts
defined in the application package or made from the Administration
Console.
HTTP Session timeout override precedence summary
The list below shows the precedence from which the final HTTP Session
timeout is derived:
1. |
Server Level |
Lowest level |
2. |
Application Level (packaged) |
Will override Server settings |
3. |
Application Code |
Overrides all other settings |
|
|
|
|
|
|
|