You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@shiro.apache.org by "Les Hazlewood (JIRA)" <ji...@apache.org> on 2013/05/05 02:34:15 UTC

[jira] [Commented] (SHIRO-421) Unable to set long timeouts on HttpServletSession

    [ https://issues.apache.org/jira/browse/SHIRO-421?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13649225#comment-13649225 ] 

Les Hazlewood commented on SHIRO-421:
-------------------------------------

This will require new methods for the Session API to support setting time with various units (e.g. setTimeout(long, TimeUnit)).

We can add this for 1.3 or 2.x, whichever comes first (point releases cannot introduce new public/protected methods).
                
> Unable to set long timeouts on HttpServletSession
> -------------------------------------------------
>
>                 Key: SHIRO-421
>                 URL: https://issues.apache.org/jira/browse/SHIRO-421
>             Project: Shiro
>          Issue Type: Bug
>          Components: Session Management
>    Affects Versions: 1.2.1
>            Reporter: Andrew Pitman
>              Labels: session
>
> When I set the timeout on a org.apache.shiro.web.session.HttpServletSession to a large value (30 days == 2592000000 milliseconds) using the setTimeout(long) method and then read the timeout with the getTimeout() method, I get -1702967296. I would like to be able to do this in order to have a long-lasting session for users who select "remember me" when logging in to a web app.
> I think this may have something to do with the fact that the getTimeout() method is using integer multiplication before converting the javax.servlet.http.HttpSession's max inactive interval from an int to a long.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira