Red Hat Training

A Red Hat training course is available for Red Hat JBoss Enterprise Application Platform

15.2. Configure the HTTP Session Timeout

The HTTP session timeout defines the period after which a HTTP session is considered to have become invalid because there was no activity within the specified period. Changing the HTTP session timeout requires that all affected JBoss EAP instances be restarted. Until that is done, the original HTTP session timeout value applies.
The HTTP session timeout can be configured in several places. In order of precedence these are:
  • Application - defined in the application's web.xml configuration file. For details see Configure the HTTP Timeout per Application in the Development Guide
  • Server - specified via the default-session-timeout attribute. This setting is only available from JBoss EAP 6.4.
  • Default - 30 minutes.

Procedure 15.1.  Configure the HTTP Session Timeout using the Management Console

  1. Click the Configuration tab, then navigate to Subsystems, Web, and click on the Servlet/HTTP menu item.
  2. Click the Global tab in the Servlet/HTTP Configuration panel.
  3. Click the Edit option.
  4. Enter the new value for the Default session timeout.
  5. Click the Save button.
  6. Reload the JBoss EAP server.

Procedure 15.2.  Configure the HTTP Session Timeout using the Management CLI


Add the prefix /host=HOST_NAME to the command for a managed domain.
  1. Specify the desired HTTP Session Timeout value.
    /subsystem=web:write-attribute(name=default-session-timeout, value=timeout)
  2. Reload the JBoss EAP server.