Why does not expire session in weblogic when websocket is enabled?

Question

I developed a Spring Boot 2.1.0 web application and used Weblogic 12.2.1.4 as a web server. When I enabled WebSocket, session does not expired in Weblogic but it works correctly in the embeded Tomcat and session is expired.

Some configs when I used Weblogic are as bellow:

pom.xml

<dependency>
    <groupId>org.webjars</groupId>
    <artifactId>sockjs-client</artifactId>
    <version>1.0.2</version>
</dependency>
<dependency>
    <groupId>org.webjars</groupId>
    <artifactId>stomp-websocket</artifactId>
    <version>2.3.3</version>
</dependency>
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-amqp</artifactId>
</dependency>

<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-websocket</artifactId>
</dependency>
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-tomcat</artifactId>
    <scope>provided</scope>
    <exclusions>
        <exclusion>
            <groupId>org.apache.tomcat.embed</groupId>
            <artifactId>tomcat-embed-websocket</artifactId>
        </exclusion>
    </exclusions>
</dependency>

weblogic.xml

<wls:context-root>/</wls:context-root>
<wls:charset-params>
    <wls:input-charset>
        <wls:resource-path>/*</wls:resource-path>
        <wls:java-charset-name>UTF-8</wls:java-charset-name>
    </wls:input-charset>
</wls:charset-params>

<wls:jsp-descriptor>
    <wls:page-check-seconds>8</wls:page-check-seconds>
</wls:jsp-descriptor>

<wls:container-descriptor>
    <wls:prefer-application-packages>
        <wls:package-name>org.slf4j.*</wls:package-name>
        <wls:package-name>com.fasterxml.jackson.*</wls:package-name>
        <wls:package-name>oracle.*</wls:package-name>
        <wls:package-name>org.springframework.*</wls:package-name>
        <wls:package-name>org.apache.cxf.*</wls:package-name>
    </wls:prefer-application-packages>
</wls:container-descriptor>

<wls:session-descriptor>
    <wls:timeout-secs>1800</wls:timeout-secs>
</wls:session-descriptor>

WebSocektConfig.java

@Configuration
@EnableScheduling
@EnableWebSocketMessageBroker
public class WebSocketConfig implements WebSocketMessageBrokerConfigurer {

    @Override
    public void configureMessageBroker(MessageBrokerRegistry config) {
        config.enableSimpleBroker("/topic","/queue");
        config.setApplicationDestinationPrefixes("/app");
    }

    @Override
    public void registerStompEndpoints(StompEndpointRegistry registry) {
        registry.addEndpoint("/websocket").withSockJS();
    }
}

Index.jsp

<script src="<c:url value='/View/header/assets/websocketJs/js/sockjs.min.js'/>"></script>
<script src="<c:url value='/View/header/assets/websocketJs/js/stomp.min.js'/>"></script>
<script>
    var stompClient = null;
    function connectWebsocket() {
        var socket = new SockJS('/websocket');
        stompClient = Stomp.over(socket);
        stompClient.connect({}, function (frame) {
            console.log('Connected: ' + frame);
            stompClient.subscribe('/user/queue/msg', function (res) {
                showMessageToUser(JSON.parse(res.body));
            });
        });
    }
</script>

Are there any solutions or Weblogic configs for this problem?

If you have any suggestions that can be help me, please add comment or answer.

Thanks.

Answer 1

I had the same problem. After a lot of investigation I finally solved by putting in the weblogic.xml the following settings:

  <session-descriptor>
        <timeout-secs>3600</timeout-secs>
        <cookie-max-age-secs>3600</cookie-max-age-secs>
  </session-descriptor>

The important part is: <cookie-max-age-secs> which makes the sessionID cookie expire as well as the sessionID. Please note that in this way the websocket doesn't keep anymore the session alive.