the session. There are three specific settings:
1. Set in the web container (use tomcat as the Example)
Set in tomcat-7.0\conf\web.xml, the following is the default configuration in tomcat7.0:
<session-config> <session-timeout>30</session-timeout> </session-config>
The default session timeout time of tomcat is 30 minutes, which can be modified as needed. Negative number or 0 means unlimited session expiration time
. It should be noted that the time set for this session is calculated according to the server, not the client. So if you are debugging the program, you should modify the server-side time to test, not the client-side
2. Set in the web.xml of the project
<!--The time unit is minutes-->
<session-config> <session-timeout>15</session-timeout> </session-config>
15 here refers to the 15-minute invalidation
3. Set by java code
session.setMaxInactiveInterval(30*60);//In seconds, that is, after 30 minutes of inactivity, the session will be invalid
If the value is set to zero or a negative number, it means the session will never time out. Often used to set the current session time. This priority is higher than that of the previous method.
Priority levels of three methods: 1 < 2 < 3
In general systems, it may also be necessary to do some operations after the session expires:
1. Control the number of users. When the session expires, the number of users in the system is reduced by one, and the number of control users is within a certain amount. Within the scope, ensure the performance of the system
2. Control a user to log in multiple times. When the session is valid, if the same user logs in, it will prompt that the user has logged in. When the session expires, you can log in directly with different prompts.
Then how to log in after the session expires , to carry out a series of operations?
The listener needs to be used here, that is, when the session fails due to various reasons, the listener can listen to it, and then execute the program defined in the listener. The
listener class is: HttpSessionListener class, with sessionCreated and sessionDestroyed The two methods can inherit this class by
themselves , and then implement sessionCreated respectively, which
refers to the method executed when the session is created. SessionDestroyed refers to the method executed
when the session expires.
Example :
public class OnlineUserListener implements HttpSessionListener{
public void sessionCreated(HttpSessionEvent event){
HttpSession session=event.getSession;
String id=session.getId()+session.getCreationTime();
SummerConstant.UserMap.put(id,Boolean.TRUE);//Add user
}
public void sessionDestroyed(HttpSessionEvent event){
HttpSession session=event.getSession;
String id=session.getId()+session.getCreationTime();
synchronized(this){
SummerConstant.USERNum--;//Number of users minus-
SummerConstant.UserMap.remove(id);//Remove from the user group, the user group is a map
}
}
}
Then just declare this listener in web.xml
<listener>
<listener-class>com.demo.OnlineUserListener</listener-class>
</listener>