views:

153

answers:

2

Hi,

I'm having a problem with java sessions.

I'm developing a simple web app, where I have to use sessions and session attributes. Everything is fine until I close my browser. When I close my browser the JSessionId disappears. Here's my code:

request.getSession().setMaxInactiveInterval(30*60); //it's 30 minutes
request.getSession().setAttribute("someinteger", 10);

It works great, but when I shut down the browser, and reopen it I can't find the jsessionId (before I closed the browser I could find it in the 'localhost' section). The strange thing is I can still find the "someinteger" cookie. What is the problem? What am I doing wrong?

I'm using this, too: link text, and it shows that JSESSIONID cookie expires : "SESSION", and "someinteger" expires in 30 minutes

Thanks in advance.

+3  A: 

Session cookies don't persist across browser restarts. Thus, the JSESSIONID cookie won't exist when you re-open the browser.

Taylor Leese
I didn't know that. Thanks!
Bob
To clarify: request.getSession().setMaxInactiveInterval(30*60); sets a server-side timeout, it doesn't affect the cookie timeout for jsessionId
jayshao
A: 

Actually the reason is that the session timeout defined in the web.xml is probably still set to its default:

<session-config>
    <session-timeout>30</session-timeout>
</session-config>

The session cookie will persist across browser restarts if the browser has been configured to (all do by default). The cookie with the JSESSIONID is not a special cookie to the browser, it's just another cookie.

If you look at the cookie you can see when it is set to expire. Cookie expiry and persistence is independent of session timeout. Except that the cookie is what connects the browser to the seesion.

If either the cookie or the session are lost, then the session is effectively lost.

Chris Mountford