Session Management - Websphere Application Server_问答_开发者

Session Management - Websphere Application Server

开发者 https://www.devze.com 2023-01-10 16:41 出处：网络

I have a question about session management. Here\'s the scenario. There are 3 groups of users on the same network. There is a J2EE application that is set to end a user\'s session after 60 minutes.

I have a question about session management. Here's the scenario.

There are 3 groups of users on the same network. There is a J2EE application that is set to end a user's session after 60 minutes. The groups are A, B and C. Now Group A, B and C all log into the J2EE application and start using it. Group A users can use the application just fine with no issues. Group B and C though are kicked out are various times, but all before the set time of 60 minutes. Now a user from Group A goes to a Group B's PC. The G开发者_运维问答roup B user logs into their PC with their AD credentials and then the Group A user logs into the J2EE application. After some time, well before the 60 minute session time, the Group A users' session is ended prematurely.

Still with me? I hope so.

Now the Group B user, goes to a Group A users' PC and does the same as above. The Group A user logs into their PC with their AD credentials and the Group B user logs into the J2EE application. The Group B user has no timeout issues and doesn't get kicked out before the 60 minute set time for the session to end.

Whew! So it doesn't look like the J2EE application is terminating the users' session, because the Group B users is fine when logged into a Group A users PC.

Now, would someone be able to explain how this could occur? I was thinking that the Application Server (Websphere App Server 6.1) might be configured to do such a thing, but I'm not a websphere administrator.

Any ideas or suggestions of what I may try to solve this issue would be greatly appreciated. Also, please ask any questions as I know that there may be some things that I have left out in my explanation of what is going on.

Thanks!

Are you setting HttpSession.setMaxInactiveInterval(int secs) in your code. This overrides any other settings in WebSphere. maybe you have a random value that is being set ?

Besides trying the suggestion provided by Romain also try this. You can print the contents of HTTPSession (and its attributes) and see what the values are.

Use HTTPSessionListener and you would be notified when sessions are created and destroyed.

This would tell you when the sessions are getting destroyed.

It is likely that something in the application might be triggering it.

It is too difficult to say what are the possible problem and we can take a initial stab at these approaches.

HTH Manglu