In Java EE HttpSession, when I set the session timeout to a negative value (by using setMaxInactiveInterval), I thought the session would be retained even after the browser is closed. But according to this page, "Session Lost when closing the browser", it seems like it isn't.
How can this happen? Do I then have to use a cookie to store the session id? And how am I going to generate this session id by myself? I will lose HttpSession's advantages if I manage the session by myself.
I am using Tomcat in this case. How do you all solve this issue? Is there a simple way of doing this?
Instead of using cookies, you could use a flag in the database to check whether the person has logged out or not. So you don't have to worry about the filters and the cookies.
Make sure to toggle the flag once the user logs out.
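
The following is an added example, not code from either post: it combines the cookie the question asks about with the logged-out flag from the answer, using a random token in a cookie that carries `Max-Age` (a cookie without it is discarded when the browser closes, whatever the server-side timeout is). The class name, the `REMEMBER` cookie name, the 14-day lifetime and the in-memory map standing in for the database table are all assumptions.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.time.Instant;
import java.util.Base64;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;

// Hypothetical helper; the map stands in for a database table.
public class PersistentLoginStore {
    record Entry(String user, Instant expires, boolean loggedOut) {}

    private static final int MAX_AGE_SECONDS = 14 * 24 * 3600; // assumed lifetime
    private final SecureRandom rng = new SecureRandom();
    private final Map<String, Entry> byTokenHash = new ConcurrentHashMap<>();

    // Only a hash is stored, so a leaked table does not yield usable tokens.
    private static String sha256(String token) throws Exception {
        byte[] d = MessageDigest.getInstance("SHA-256")
                .digest(token.getBytes(StandardCharsets.US_ASCII));
        return Base64.getEncoder().encodeToString(d);
    }

    // Called after a successful login; returns the Set-Cookie header value.
    public String issue(String user) throws Exception {
        byte[] raw = new byte[32]; // 256 bits from a CSPRNG, never a counter or timestamp
        rng.nextBytes(raw);
        String token = Base64.getUrlEncoder().withoutPadding().encodeToString(raw);
        Instant expires = Instant.now().plusSeconds(MAX_AGE_SECONDS);
        byTokenHash.put(sha256(token), new Entry(user, expires, false));
        // Max-Age makes the cookie persistent across browser restarts.
        return "REMEMBER=" + token + "; Max-Age=" + MAX_AGE_SECONDS
                + "; Path=/; Secure; HttpOnly; SameSite=Lax";
    }

    // Returns the user name, or null if the token is unknown, expired or logged out.
    public String validate(String token) throws Exception {
        Entry e = byTokenHash.get(sha256(token));
        if (e == null || e.loggedOut() || Instant.now().isAfter(e.expires())) return null;
        return e.user();
    }

    // Logout toggles the flag server-side, so a copied cookie stops working as well.
    public void logout(String token) throws Exception {
        byTokenHash.computeIfPresent(sha256(token),
                (k, e) -> new Entry(e.user(), e.expires(), true));
    }
}
```

A servlet filter would call `validate` when a request arrives without a live HttpSession and, on success, create a new HttpSession for that user, so the container still manages the session itself.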