will not postpone
the expiration date simply by adding
/YOUR-OTHER-URL-PATTERN
HTH anyone,
Sharon
-Original Message-
From: Christopher Schultz [mailto:ch...@christopherschultz.net]
Sent: Monday, November 14, 2011 6:17 PM
To: Tomcat Users List
Subject: Re: Session time out never
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Sharon,
On 11/10/11 3:11 AM, Sharon Prober (sprober) wrote:
> I understand it is invoked before the filters, but after
> completion it would arrive to the filter/servlet container anyway.
> So what your saying is that if I build a valve and read infor
>
> So to recap, and verify my understanding...
> Perhaps I am missing some valve overview.
>
> I understand it is invoked before the filters, but after completion it
> would arrive to the filter/servlet container anyway.
> So what your saying is that if I build a valve and read information from
>
--Original Message-
From: Christopher Schultz [mailto:ch...@christopherschultz.net]
Sent: Thursday, November 10, 2011 8:04 AM
To: Tomcat Users List
Subject: Re: Session time out never takes place with ajax
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Sharon,
On 11/9/11 12:56 AM, Sha
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Sharon,
On 11/9/11 12:56 AM, Sharon Prober (sprober) wrote:
> This is my first post here so wish me luck J
Welcome.
> My question is as follow:
>
> I have a web based application running on tomcat 6.0.29
>
> On my main page there is a polling ajax
Hi,
This is my first post here so wish me luck J
My question is as follow:
I have a web based application running on tomcat 6.0.29
On my main page there is a polling ajax call every 5 seconds.
Clearly this revalidates the session and by that renders the session
timeout feature unusable
, Caldarale, Charles R wrote:
>>>> From: Mark Thomas [mailto:ma...@apache.org] Subject: Re: Request
>>>> not forwarded to login page with security-constraint after session
>>>> time-out
>>>>
>>>> The spec is clearer than that. The "*&quo
On 27.02.2009, at 17:38, Christopher Schultz wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Chuck,
On 2/26/2009 5:39 PM, Caldarale, Charles R wrote:
From: Mark Thomas [mailto:ma...@apache.org] Subject: Re: Request
not forwarded to login page with security-constraint after session
time
> From: Christopher Schultz [mailto:ch...@christopherschultz.net]
> Subject: Re: Request not forwarded to login page with
> security-constraintafter session time-out
>
> I don't find this ambiguous at all
You have to carefully examine the sections being referred to; in each ar
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Chuck,
On 2/26/2009 7:22 PM, Caldarale, Charles R wrote:
>> From: Mark Thomas [mailto:ma...@apache.org]
>> Subject: Re: Request not forwarded to login page with
>> security-constraint after session time-out
>
>>> What
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Chuck,
On 2/26/2009 5:39 PM, Caldarale, Charles R wrote:
>> From: Mark Thomas [mailto:ma...@apache.org] Subject: Re: Request
>> not forwarded to login page with security-constraint after session
>> time-out
>>
>> The
Marcel Stör wrote:
[...]
3. Why does it seem to be relevant that the request where
auto-forwarding-to-login-after-session-timeout fails is an AJAX request?
That was my last thought last night before I fell asleep...and my first this
morning when I woke up. And then the scales fell from my eyes
> From: Mark Thomas [mailto:ma...@apache.org]
> Subject: Re: Request not forwarded to login page with
> security-constraint after session time-out
> > What the spec is not explicit about is the combination
> > of "*" with an empty or non-existant list.
> I th
Marcel Stör wrote:
> Not sure I can follow you guys on this...A few questions, my assumption
> is that the role-issue has nothing to do with the real problem:
Correct. Chuck and I are off on our own little tangent.
> 1. Is the "*"-role issues even relevant in my context? After all, the
> security
Caldarale, Charles R wrote:
>> From: Mark Thomas [mailto:ma...@apache.org]
>> Subject: Re: Request not forwarded to login page with
>> security-constraintafter session time-out
>>
>> If "*" is all roles defined and you have no roles
>> defined th
On 26.02.2009, at 23:44, Mark Thomas wrote:
Caldarale, Charles R wrote:
From: Mark Thomas [mailto:ma...@apache.org]
Subject: Re: Request not forwarded to login page with
security-constraint after session time-out
The spec is clearer than that. The "*" role == all roles
defined
> From: Mark Thomas [mailto:ma...@apache.org]
> Subject: Re: Request not forwarded to login page with
> security-constraintafter session time-out
>
> If "*" is all roles defined and you have no roles
> defined then you are basically preventing anyone
> from acce
Caldarale, Charles R wrote:
>> From: Mark Thomas [mailto:ma...@apache.org]
>> Subject: Re: Request not forwarded to login page with
>> security-constraint after session time-out
>>
>> The spec is clearer than that. The "*" role == all roles
>> defined
> From: Mark Thomas [mailto:ma...@apache.org]
> Subject: Re: Request not forwarded to login page with
> security-constraint after session time-out
>
> The spec is clearer than that. The "*" role == all roles
> defined in web.xml.
Yes, but what it's not clear abo
Caldarale, Charles R wrote:
>> From: Marcel Stör [mailto:mar...@frightanic.com]
>> Subject: Re: Request not forwarded to login page with
>> security-constraint after session time-out
>>
>> No, I only mentioned this because Tomcat throws an SQL exception
>> beca
> From: Marcel Stör [mailto:mar...@frightanic.com]
> Subject: Re: Request not forwarded to login page with
> security-constraint after session time-out
>
> No, I only mentioned this because Tomcat throws an SQL exception
> because it tries to query a table called "&quo
On 26.02.2009, at 20:13, Christopher Schultz wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Marcel,
On 2/26/2009 10:21 AM, Marcel Stör wrote:
If I request a protected URL (manually clicking
link, AJAX request, etc.) *after* the session has timed out I
expect an
automatic forwarding t
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Marcel,
On 2/26/2009 10:21 AM, Marcel Stör wrote:
> If I request a protected URL (manually clicking
> link, AJAX request, etc.) *after* the session has timed out I expect an
> automatic forwarding to the login page. As I could see while debugging,
> t
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Gregor,
On 2/26/2009 9:59 AM, Gregor Schneider wrote:
> This looks a bit awkward to me (didn't know that this is possible),
> but I guess that's not the reason for your problem:
>
>*
This is fine. From the servlet spec SRV.13.3:
"
The auth-cons
Gregor Schneider wrote:
Marcel,
On Thu, Feb 26, 2009 at 12:16 AM, Marcel Stör wrote:
[Problem]
Upon session time-out the request is not forwarded to the login page (form
based auth). Nothing happens on the UI. However, forwarding to the login
page does work during the initially login into the
Marcel,
On Thu, Feb 26, 2009 at 12:16 AM, Marcel Stör wrote:
>
> [Problem]
> Upon session time-out the request is not forwarded to the login page (form
> based auth). Nothing happens on the UI. However, forwarding to the login
> page does work during the initially login into
Up to now I had always thought I understood the security aspects of
the Servlet spec quite well. Looks like I was wrong...
[Problem]
Upon session time-out the request is not forwarded to the login page
(form based auth). Nothing happens on the UI. However, forwarding to
the login page does
Urvish,
Urvish Shah wrote:
> In our application we are using Tomcat 5.5.9. Our tomcat session time
> out is 30 minutes
>
> We have one bottom html frame in our web page which automatically
> gets refreshed every 10 seconds to poll some event notifications
> after user logs in
Hi
In our application we are using Tomcat 5.5.9. Our tomcat session time
out is 30 minutes
We have one bottom html frame in our web page which automatically gets
refreshed every 10 seconds to poll some event notifications after user
logs in.
Because of this reason we never get session
I suppose you use a servlet to set the session, you can use
session.setMaxInactiveInterval(time)
where the variable time points out how many second you want to keep
alive your session.
e.g. time=60*60 =1h.
However you should set a reasonable time interval, you can't keep
alive your session for
Hi to allCan One of you help me how to make a session alive,
because my session is getting expired after the time mentioned in the
web.xmlWith regardsJitendra Ch
_
The idiot box is no longer passe!
http://content.m
Martin,
Martin Gainty wrote:
> On the connectionTimeout = "0" for indefinite timeout
>
> also a keepAliveTimeout on the Sender which I believe defaults to 60 sec
> http://tomcat.apache.org/tomcat-5.5-doc/cluster-howto.html
Once again, irrelevant and incorrect.
The OP is asking about the sessio
Hello Martin,
my main question was :
Does application WEB-INF/web.xml override default conf/web.xml setting?
I mean in a container containing several applications, can each of them
set session time out
in their /WEB-INF/web.xml and is that over ride the default setting
which is set in /conf
On 4/30/07, Tomcat <[EMAIL PROTECTED]> wrote:
Hello
Does application WEB-INF/web.xml override default conf/web.xml setting?
specifically session time out , but want to know if other setting is
overriden.
Specifically the session time out in /WEB-INF/web.xml overrides /conf/web.xml
Don&
t; <[EMAIL PROTECTED]>
To: "Tomcat Users List"
Sent: Monday, April 30, 2007 10:27 AM
Subject: session time out
Hello
Does application WEB-INF/web.xml override default conf/web.xml setting?
specifically session time out , but want to know if other setting is
overriden.
and c
Hello
Does application WEB-INF/web.xml override default conf/web.xml setting?
specifically session time out , but want to know if other setting is
overriden.
and can we disable this through server.xml ?
Thanks
Adam
-
To
bjet : how to change session time out one of the web app in tomcat
HI
I want to modify the time out of web app in tomcat where should i change
that?
what is the default value of time out?
thanks
bhavik
-
To start a new topic, e-m
HI
I want to modify the time out of web app in tomcat where should i change
that?
what is the default value of time out?
thanks
bhavik
38 matches
Mail list logo
