Session Timeout - specifies the number of minutes a session can be idle before it is expired in a web application. Suppose if we specify 5 minutes as session timeout period in an application and if an user is idle for more than 5 minutes then session of the user gets abandoned automatically which we generally called as logged out.
 |
| Session Timed Out |
We can define it inside deployment descriptor (web.xml) as shown below:
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://java.sun.com/xml/ns/javaee"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/
xml/ns/javaee/web-app_3_0.xsd" id="WebApp_ID" version="3.0">
<display-name>MyWebApplication</display-name>
<session-config>
<session-timeout>10</session-timeout>
</session-config>
</web-app>
Here, the value set in element is the number minutes after which sessions in the web application expire and the above setting is apply for the entire web application.