How can I reset the session timeout in a Spring Boot application

Question

I have set the session timeout to 20 minutes by adding the following line to my application.properties file:

server.servlet.session.cookie.max-age=20m

The problem is that my application is a single page application. So even if I use it I never change page and the timeout is never reset. Therefore after 20 minutes I am logged out. I can I tell Spring to reset the timeout after each REST request?

You need to set the server's session timeout rather than cookie max age. This will reset on each interaction with the server. See here: https://stackoverflow.com/questions/35105410/what-is-the-difference-between-session-timeout-and-max-age-in-web-xml — Alan Hay, Jun 26 '19 at 14:49

score 0 · Answer 1 · answered Jun 27 '19 at 09:54

0

I solved the problem by replacing this line:

server.servlet.session.cookie.max-age=20m

with this line

server.servlet.session.timeout=20m

in the application.properties file.

answered Jun 27 '19 at 09:54

nix86

2,837
11
36
69

hello, this solution works, but spring does not renew cookie automatically on request. So after 20 minutes (even its 20 minutes of activity), user will be logged out. Is there any property or "nice" solution to tell spring to renew (beside the session renew) cookie expiry on each request? – Johnczek Aug 06 '20 at 12:56

How can I reset the session timeout in a Spring Boot application

1 Answers1