Override Session timeout at runtime in wicket.

Question

Hi All ,

How can I override session timeout interval during the runtime. Basically at the time of login, user is given an option if wants to be logged in for specific hours say(7).

So what I did once user is authenticated , set the max inactiveInterval at the session.

WebRequest request = (WebRequest) WebRequestCycle.get().getRequest(); request.getHttpServletRequest().getSession().setMaxInactiveInterval(HOURS * 60);

but this doesn't seems to work . User is still logged on after that time.

Thanks!

Pratik

Answer 1

The method takes seconds instead of minutes, but that does not explain the phenomenon.

Maybe you can verify the session id in the cookie on your browser if it changes? I have had situation where the session handling was so "robust" a brand new session was created that unless the browser pages were notified that the session was terminated, it would simply create a new one. Now I admit that was back in my perl days and that this is extremely unlikely to happen with container manages sessions

Answer 2

I believe the name of the method would speak for itself. setMaxInactiveInterval() would surely wait for a period of time after the last response before expiring the session, so your session would have been kept alive for 7 hours after the last response?

As for the answer, you're probably looking at something wither within the page or within the session that checks against a pre-defined time to see if its longer than the pre-defined period.

Hope this helps.