79588872

Date: 2025-04-23 14:46:09
Score: 0.5
Natty:
Report link

found the bug.

In my index.jsp in my ROOT context, I added
Session Timeout=<%= session.getMaxInactiveInterval() %>

when accessing the root context using https://<host>/ and it gets redirected to index.jsp it shows Session Timeout=120

when accessing the root context using https://<host>/index.jsp it shows Session Timeout=7200

So when accessing / the timeout is not being set?

I added a workaround in my index,jsp

<% 
int timeout=session.getMaxInactiveInterval();
%>

<script>
   console.log("Session Timeout=<%= timeout %>");
<%
if (timeout < 1000) {
   session.setMaxInactiveInterval(2*60*60); //2hrs
   timeout=session.getMaxInactiveInterval();
%>
   console.log("Session Timeout=<%= timeout %>");
<%
}
%>
</script>
Reasons:
  • Long answer (-0.5):
  • Has code block (-0.5):
  • Contains question mark (0.5):
  • Self-answer (0.5):
  • Low reputation (0.5):
Posted by: zackhalil