Application needs HTTP session time-out set.

The HTTP Session time-out can be set in the following places:

• From the Administrative Console at the server, Enterprise application, and Web application levels
• At the time when the application is packaged
• In the application code

Setting the HTTP Session time-out from the Administrative Console   1. To set the HTTP Session time-out at the server level, navigate to Servers > Application Servers >   Your Server   > Web Container > Session Management.   In the Session time-out section of this window, you can select   No time-out  or   Set time-out  by clicking the appropriate radio button. If you choose to set the time-out, type the desired value in minutes in the box.   2. To set the HTTP Session time-out at the Enterprise Application level, navigate to Applications > Enterprise Applications >   Your Application  > Session Management.   Check   Override  in the Override Session Management section, then select to set the time-out and the time-out value. This sets the application session to overwrite those values set at the parent, which in this case is the Server level.   3. To set the HTTP Session time-out at the Web Application level, navigate to Applications > Enterprise Applications >   Your Application > Web Module >   Your Web App.war  > Session Management.   Check   Override  in the Override Session Management section, then select to set the time-out and the time-out value. This sets the Application Session to overwrite those values set at the parent levels, which in this case is the Server or Enterprise Application level.   After modifying these settings, save the master configuration.   Setting HTTP Session time-out when application is packaged   The application developer can also select to set the HTTP Session time-out parameter when the application is packaged. This value is stored in the  web.xml  file for the Web application.   This setting overrides any session time-outs defined from the Administrative Console. Alter this setting by repackaging the application with a new value, or by modifying the web.xml file. The entry in the web.xml will be as follows:

      
       
        60
       
      

Where the "session-timeout" is an integer value for the desired session time-out in minutes. Setting HTTP Session time-out from the application code   Finally, the HTTP Session time-out can be set in the application code. The programmer can invoke the setMaxInactiveInterval() method on HttpSession object to set the time-out value as desired. This setting overrides any time-out defined in the application package or made from the Administrative Console.   HTTP Session time-out Override Precedence Summary   The list below shows the precedence from which the final HTTP Session time-out is derived.  

1.	Server Level		Lowest level
2.	Enterprise Application		Overrides the Server Level if Override is selected
3.	Web Application		Overrides the Server and Enterprise Application settings if Override is selected
4.	Application Level (web.xml)		Overrides Server, Enterprise Application, and Web Application settings
5.	Application Code		Overrides all other settings