Handling Session TimeOuts
1 posts in topic
Flat View  Flat View
TOPIC ACTIONS:
 

Posted By:   LIno_Fonseca
Posted On:   Monday, February 16, 2004 02:24 AM

The problem I have is associated to session management. Assuming that I am developing a website where i need to maintain a clients session. Now due to the critical information on the site I cannot keep a very large session timeout value. My problem is that if the client makes a request for some data from the DB which takes a long time in processing the request due to the large number of records in the db, chances are the session will timeout before the results are returned. How can i manage this scenario where I dont want the session to time out just because my backend processing is slow and the client would not get the results as well as have to re-login. please help me with this. What remedies can i apply to my design/code to overcome this pro   More>>

The problem I have is associated to session management. Assuming that I am developing a website where i need to maintain a clients session. Now due to the critical information on the site I cannot keep a very large session timeout value.


My problem is that if the client makes a request for some data from the DB which takes a long time in processing the request due to the large number of records in the db, chances are the session will timeout before the results are returned.


How can i manage this scenario where I dont want the session to time out just because my backend processing is slow and the client would not get the results as well as have to re-login.


please help me with this. What remedies can i apply to my design/code to overcome this problem

   <<Less

Re: Handling Session TimeOuts

Posted By:   Richard_Stacey  
Posted On:   Tuesday, February 17, 2004 03:58 PM


My suggestion would be to dynamically modify the session timeout on the fly. By default the session timeout is set during the configuration of the server. However it is possible to change the timeout on a case by case basis. Before calling the long running method you could change the timeout period on the session to be infinite. This would prevent the session timeout from occuring.



When the call returns you need to set the session timeout to allow for the long call duration. If you set it back to its original value it may immediately expire. This can be done by setting the timeout to the elapsed time taken in the call added to the default server timeout. I have provided an example of a servlet that performs this process:






/**
* Simple example servlet
*/
public class SimpleServlet extends HttpServlet {
private int timeout;

protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
// Capture starting time
long startTime = System.currentTimeMillis();

// Make session time infinite
HttpSession session = request.getSession(true);
session.setMaxInactiveInterval(-1);

// Make call to long running function
longRunningFunction();

// Move the session timeout to include time already used
long endTime = System.currentTimeMillis();
int elapsedSeconds = (int) ((endTime - startTime) / 1000);

// Configure the session
session.setMaxInactiveInterval(elapsed + timeout);
}


public void init(ServletConfig config) throws ServletException {
timeout = Integer.parseInt(config.getInitParameter("timeout"));
}
}




To ensure that you fulfill your obligations to have short timeouts this mechanism would need to be implemented across the board. If not one call may set the timeout to be very long which would then apply across shorter running transactions. If you have a Sevlet 2.3 compatiable server then this can be done using Filters rather than in each individual servlet as I have shown here.



Hope that helps.
Richard

About | Sitemap | Contact