I think you mixing things up. The http session isn't designed to run forever. The session ends as soon as the user closes his browser. If you want to have some kind of direct login, you should just set your own cookie, evaluate this cookie in your first servlet/jsp/action or filter and login the user properly. Trying to prolong the session duration is surely not the right way to do it.
regards Leon On 4/4/06, Andrew E. Davidson <[EMAIL PROTECTED]> wrote: > Hi > > > > I am trying to figure out how to set up my application so that users are > only forced to log on every couple of day. Sort of like my.yahoo.com. If you > click "remember my id" you can close/restart you browser and not have to log > back in again. > > > > Here is part of my web.xml file > > > > <session-config> > > > > <!-- the session time out is set so that they can > > > > be idle for about 1.5 days > > > > --> > > > > <session-timeout>2160</session-timeout> > > > > </session-config> > > > > I think the problem that that the jsessionid cookie is not being created > correctly. When I looked at the cookie in my browser, I noticed that Expires > was set to "at end of session". Any one know how I can configure this? > > > > I guess I could create a filter, to get the cookie and call setMaxAge(), how > ever its seems like I should not being writing this kind of code > > > > Any help would be greatly appreciated > > > > Andy > > > > > > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
