My Oracle Support Banner

HTTP Sessions Created In A ServletRequestListener Do Not Expire In Oracle Glassfish Server 3.1.1 (Doc ID 1385467.1)

Last updated on AUGUST 06, 2018

Applies to:

Oracle GlassFish Server - Version 3.1 to 3.1.1 [Release 3.1]
Information in this document applies to any platform.

Symptoms

The problem is with HTTP Sessions not expiring which, depending on how your application uses HTTP Sessions, could be difficult to spot as your application in all likelihood will continue to function normally unless you have specific checks in place. 

The only way to see if this problem is occurring is to examine some of the metadata in the HTTP Session object itself, principally the session's last access time and its max idle time, and compare that to the current wall clock time.  This problem is present if:

lastAccessedTime() + (maxInactiveInterval() * 1000) < currentTimeMillis()


Here the first two method calls are available from the HttpSession object, and the last from the System object.  Note the max inactive interval is in seconds, and needs to be converted to milliseconds to be able to used correctly in the above comparison.

Changes

This problem is only present in Oracle GlassFish Server 3.1 and 3.1.1, and is not seen in 2.1.1 or 3.0, and therefore its possible that upgrading to 3.1 or 3.1.1 could then lead to this problem being encountered where no problem existed before.

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.