One of the outstanding issues we had was to figure out how to 'touch' the http session to prevent it timing out. This you might remember was for the case where a user has logged into web application containing web sockets (e.g. stock trading with live updates). The user doesn't issue any more http requests, but the websocket sessions are still open (ticker updates).
We talked this through with Rajiv - we can use httpsession.setMaxInactiveInterval to postpone (indefinitely) the expiry of the http session on the server at any time. But the client cookie will retain the expiry time of its last http interaction. In which case, it seems that a browser client will clean out the cookie and the session will effectively be lost. Obviously we can't set the expiry of the cookie to an irresponsibly long time.
Has anyone come up against this problem ?
[jsr356-experts] WebSocket Session/HttpSession