Sign in using Google or Yahoo! id.  

Extending JSESSIONID Cookie timeout

 Comments Share:   Twitter   Reddit   HackerNews   Facebook 

JSESSIONID Cookie in Tomcat

When we create a Session in Java Web Application, it creates a corresponding Cookie JSESSIONID:

http://farm5.static.flickr.com/4045/4479153294_e22bbbe480_o.png

http://www.flickr.com/photos/subwiz/4479153294/

The trouble with this Cookie is its timeout in Tomcat. Whatever session timeout value we set in our web.xml or using code, this cookie's time out was set to expire on browser close (by Tomcat).

We can overcome this limitation by setting the timeout value explicitly thus: 

Cookie[] cookies = request.getCookies();
if ((cookies != null) && (cookies.length > 0)) {
    for (int i = 0; i < cookies.length; i++) {
        Cookie cookie = cookies[i];
        if (cookie.getName().equals("JSESSIONID")) {
           cookie.setMaxAge(Integer.MAX_VALUE);
           response.addCookie(cookie);
        }
    }
}
Posted on March 31, 2010 02:26 PM by Subhash Chandran
tomcat javaee java servlet
blog comments powered by Disqus

View: All Posts; All Users | Get Bookmarklets
Partner Sites: indiWiz.com | WizTools.org | WizTools.co.in
© Subhash Chandran (subwiz [at] gmail [dot] com or Twitter: Ping for reporting problems and asking clarifications)