I'm trying to find the error why we have no session timeout on our websphere 5.1 server.
Information about our Application & Server:
We using websphere 5.1 on sun solaris server (E4500) with 8GB Ram.
Our application is using java with struts 1.2, no EJB in any kind and an Oracle DB.
We have specified in the web.xml the timeout to 30 and I have checked this on the Admin console of Websphere (for our application) and it is 30.
But after an hour after enter the application (user/password) we still have our session with the data in it (role specific navigation still works, data still there...)
What I need to know is:
-how the session invalidate process works (exactly), what does websphere after an session should timeout.
-and what type of java code can avoid websphere to remove a session?
thanks for your help.