Get started
Loading...
Important Notice - Forums is archived

To simplify things and help our users to be more productive, we have archived the current forum and focus our efforts on helping developers on Stack Overflow. You can post new questions on Stack Overflow or join our Discord channel.

Product icon
TUTORIAL

Vaadin lets you build secure, UX-first PWAs entirely in Java.
Free ebook & tutorial.

CssImport when using Component Exporter by Mikhail Shabarov, 1 month ago
Recent Posts
Vaadin Forum4. Other

Disable Session Timeout

Rajesh Thanga
10 years ago Mar 28, 2012 12:26pm

Hi sir,

My vaadin application needs to run 24*7/365 format . So I don't need Session timeout . How to disable ?

Thank you

+1
Joonas Lehtinen
10 years ago Mar 28, 2012 1:03pm

<session-config>
<session-timeout>-1</session-timeout>
</session-config>

Rajesh Thanga
10 years ago Apr 02, 2012 3:12am

Joonas Lehtinen: <session-config>
<session-timeout>-1</session-timeout>
</session-config>

Hi sir,

Thank you for your information . It was greately helpful to me.

Bobby Bissett
10 years ago Apr 18, 2012 9:18pm

Can I ask why you're doing this? Unless you restart the server occasionally, you will run out of memory since session objects never expire. Every time a user starts your app, a session gets created that never goes away (even if you only have one user, a single memory leak in your app will use all available memory eventually).

Can't you just store the application state in a database and retrieve it when a user loads the app? If you need some kind of 24 hour processing that keeps the app working, you can do that without keeping sessions around indefinitely.

Cheers,
Bobby

Last updated on Apr, 18th 2012
David Wall
10 years ago Apr 18, 2012 9:38pm

I agree that it makes little sense. Most apps need to be available all the time, but to assume that a user will communicate with your app once, and then not do anything ever again to communicate with the server doesn't mean you need no session timeout, it implies you can timeout the session immediately. If your app instead gets more user interaction, the session timeout resets, so session timeout is just how long to wait with no communications with the client browser before you can assume they are gone.

+1
Rajesh Thanga
10 years ago May 04, 2012 5:46am

Hi all ,
You are correct sir. I already faced the memory leak problem not because of session timeout but some objects are not cleared properly.
Now i turned to default session time out .

Thank you all for valid information.

Hugo Laibaças
9 years ago Aug 21, 2012 11:28pm

Joonas Lehtinen: <session-config>
<session-timeout>-1</session-timeout>
</session-config>

I also need to use this code, but I don't know where to place it... Can anyone tell me?

Thanks.
Hugo

Charles Anthony
9 years ago Aug 22, 2012 7:53am

It needs to be added to WEB-INF/web.xml

+2
Bobby Bissett
9 years ago Aug 23, 2012 6:02pm

And, again, you are guaranteeing that your server will run out of memory eventually. If you make it so that sessions never time out, make sure you plan to reboot your server every now and then.

Can I ask again: what are you hoping to accomplish with this? There's no reason to maintain a session for a user who isn't using it.

Cheers,
Bobby

+1
Gugan Mohan
8 years ago Oct 22, 2013 7:51am

I use this in my web.xml of Vaadin 7 project.

<session-config>
        <session-timeout>1</session-timeout>
</session-config>

But the session is not closing after a minute.. any ideas??

I have a background thread running in my app that gets some information from the browser. Will that be a problem?

Update:
Even I stopped the thread and ran my app. Session is not expiring.. :-(

Agata Vackova
8 years ago Oct 22, 2013 8:53am

Wait few more minutes ;-). From my experience, a session expires about 3-7 minutes after the time is set for a timeout.

Gugan Mohan
8 years ago Oct 22, 2013 9:39am

Agata Vackova: Wait few more minutes ;-). From my experience, a session expires about 3-7 minutes after the time is set for a timeout.

Nothing happens Agata... I have waited for more than 30 minutes..

And also I use ICEPush in my application. Will that be a reason?

peter voland
7 years ago Nov 27, 2014 6:00pm

This session expired nonsesne is driving my company to dump Vaadin. 
even demos suffer from this nonsense behavior....the reloading of the entire page and session expired red message
No other toolkit has this issue....see this

http://demo.vaadin.com/calendar

and compare to google calendar. the difference a deal breaker. how come the design of vaadin
makes it so obtrusive while the google calendar is so smooth. 

 

+1
Gili Buzaglo
7 years ago Dec 14, 2014 7:02am

hi
Sometimes users can run real time chart for example(using timeline) and they might want to visit the page a day or 2 later and see the results.
Instead they see "Session Expired

 

Julian BanaÅ›
7 years ago Dec 19, 2014 1:51pm

Disable session timeout and set cookie max age, so that session cookie will be kept in the browser after it is closed, (normaly session cookie is session scoped and disapears after browser restart.)

​        <cookie-config>  
            <max-age>720000</max-age>  
        </cookie-config>  
    </session-config>
Julian M
7 years ago Apr 20, 2015 3:50pm

this above piece of config - where exactly should I put it?
 

Julian BanaÅ›
7 years ago Apr 20, 2015 4:05pm

Put it inside your web.xml file. At the session-config section.
here you can find example. And here the docs.

Julian M
7 years ago Apr 20, 2015 4:07pm

I dont have web.xml. Can I use annotation for that?
 

Nemanja Kostic
7 years ago May 21, 2015 7:41am
VaadinSession.getCurrent().getSession().setMaxInactiveInterval(300);

in

init(VaadinRequest request) {
          VaadinSession.getCurrent().getSession().setMaxInactiveInterval(300); 
           ...
}

as far as I know, there is no annotation parameter for that. 

 

Yichun Zhao
4 years ago Sep 05, 2017 11:45pm

Julian M: I dont have web.xml. Can I use annotation for that?

 

Thanks. is this set in any UI component? all all of UI components. 
each Vaadin session for one UI component? 

Benjamin Huygir
4 years ago Dec 11, 2017 5:33pm

I still cannot find any combination of techniques that will prevent rapid session timeout on a "idle" UI.  Wth?

I have settings in the code and in web.xml - nothing seems to have any effect whatsoever, and the timeout is fast (like only a few minutes of "idle" time).  I say "idle" because I am generating activity on a thread that is being dispayed on the UI - I just am not clicking or typing.  The scenario is an active "Dashboard" that gets updated every 5 seconds.  User will only interact when needed, but the dashboard is intended to run continuously until stopped, exception warrants auto-stop or it literally crashes somewhere.

How the heck do I keep this thing alive?  At this point, the application is literally useless because of this BS timeout.

What am I missing or is Vaadin the wrong tool for this?

c

Benjamin Huygir
4 years ago Dec 11, 2017 5:34pm

Benjamin Huygir: I still cannot find any combination of techniques that will prevent rapid session timeout on a "idle" UI.  Wth?

I have settings in the code and in web.xml - nothing seems to have any effect whatsoever, and the timeout is fast (like only a few minutes of "idle" time).  I say "idle" because I am generating activity on a thread that is being dispayed on the UI - I just am not clicking or typing.  The scenario is an active "Dashboard" that gets updated every 5 seconds.  User will only interact when needed, but the dashboard is intended to run continuously until stopped, exception warrants auto-stop or it literally crashes somewhere.

How the heck do I keep this thing alive?  At this point, the application is literally useless because of this BS timeout.

What am I missing or is Vaadin the wrong tool for this?

c

P.S.  Test environment is a local Tomcat 8 server - usually just running via Eclipse so I can debug.  Is that having an effect?  Are there additional Tomcat or JVM settings I have to provide?

Benjamin Huygir
4 years ago Dec 11, 2017 5:36pm

Joonas Lehtinen: <session-config>
<session-timeout>-1</session-timeout>
</session-config>

Seems to have zero effect in Vaadin 8 / Tomcat 8.5 configuration.  I wish it was this easy.
 

Benjamin Huygir
4 years ago Dec 11, 2017 6:32pm

Wow - that actually seems to be working.  No other value positive or negative seems to do anything (like I had a value of 7200 in there which should be at least hours but if it's minutes means 5 days - and that did nothing at all).  The zero value must be a "magic number" that does more than an actual value.  Thanks!  Finally.

Goran Atanasovski
4 years ago Dec 11, 2017 6:40pm

Benjamin Huygir: Seems to have zero effect in Vaadin 8 / Tomcat 8.5 configuration.  I wish it was this easy.

Hi Benjamin,

If you are using Tomcat 8.5, according to the specs, you should specify a value of 0 for an unlimited timeout.

Benjamin Huygir:
Wow - that actually seems to be working.  No other value positive or negative seems to do anything (like I had a value of 7200 in there which should be at least hours but if it's minutes means 5 days - and that did nothing at all).  The zero value must be a "magic number" that does more than an actual value.  Thanks!  Finally.

edit: not certain what happened to my original post, but I am glad that setting the value to 0 worked in your case.

BR,
Goran