Lot of time passed since last post in this thread, but I want to renew discussion.
In my opinion, Your workaround provide many problems. For example, my application has many different "timeout-critical" models, so I can't easly check session status in each of them (time for implementaion and resources cost). Next, when sessions time-to-live is over, Tersus throws alert, likt this one:
It would'nt be a problem, if after alert, Tersus could easly logout User or just redirect to logout page. Unfortunately its not going to happen. Instead of this, User has still access to system with possibility to switch between views, etc.Or maybe there is some other way to catch this kind fo exception?
Also, I'm thinking about security problem, using long-time sessions, for example 12+ hours. Is this safe and is Tomcat capable to hold such many sessions?
The best solutions would be (provided by Your team), some kind of throw-catch mechanism. For example, proposed by Joel <On time out>, which could check current status of session, and if session is dead, it could safely logout User.
Darek Gorecki / Neoprimus.com
For best results, use the Firefox browser..