views:

116

answers:

1

Hello. I have a web application that uses DWR reverse Ajax (pollAndCometEnabled set to true) In my web.xml i have set a timeout of 30 minutes for the HttpSession. Since DWR polls the server, the http session is always active and the result is that it never expires, even if the user's interaction is inactive for over 30 minutes. Does anyone knows how solve this problem?

A: 

I can think of 3 different options for you...

1) keep your comet requests on domain that doesn't use session cookies; as a side benefit, you'll also reduce your request overhead

2) monitor the timeout on the client side. depending on your application setup, this might be a bit more of a chore, but a setTimeout is an incredibly simple solution; downside is, you're not really expiring them, so the session is technically still valid to the server, but the upside is you can easily give them a nice "your session is about to expire" warning.

3) Monitor the activity from the server; since you're using a comet solution, you can monitor the sessions on the server, and when the session is expiring, push a message to the client notifying them that the session has ended. This is the best option if you can't switch domains, because you can trash the session on the server, and let the client know at the same time.

jvenema