hi all,
I have to implement a polling mechanism that repeatedly sends a request
to a servlet.
This servlet doesn't need the user session, and i don't want these
requests to update the session's lastAccessedTime, thus preventing
regular session timeout when the user isn't doing anything else.
I've already had a look at the archives, and found possible solutions
using a filter, and that's ok, but...
i seemed to remember that, in a servlet, you have to call
request.getSession() to "touch" the session and reset the timeout counter.
So, i made a simple test servlet that does not call req.getSession(),
tried under both TC5.5.25 & TC6.0.18, and it seems to work: the session
normally expires when it's time to, ignoring the requests to that servlet.
Now my question is: can this be considered a reliable solution?
The sevlet spec seems to state that the accessed time should be updated
as soon as the request comes in.
Additionally, i've had a look at the sources (5.5.25 & 6.0.18) and found
this comment in org/apache/catalina/Session.java:
/**
* Update the accessed time information for this session. This method
* should be called by the context when a request comes in for a
particular
* session, even if the application does not reference it.
*/
public void access();
...so i'm afraid the answer is no, but i'd like some "official" advice
about that.
Thanks
alberto
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
