Delete Session Data in JSP

When you are done with a user's session data, you have several options −

• Remove a particular attribute − You can call the public void removeAttribute(String name) method to delete the value associated with the particular key.

• Delete the whole session − You can call the public void invalidate() method to discard an entire session.

• Setting Session timeout − You can call the public void setMaxInactiveInterval(int interval) method to set the timeout for a session individually.

• Log the user out − The servers that support servlets 2.4, you can call logout to log the client out of the Web server and invalidate all sessions belonging to all the users.

• web.xml Configuration − If you are using Tomcat, apart from the above-mentioned methods, you can configure the session time out in web.xml file as follows.

<session-config>
   <session-timeout>15</session-timeout>
</session-config>

The timeout is expressed as minutes and overrides the default timeout which is 30 minutes in Tomcat.

The getMaxInactiveInterval( ) method in a servlet returns the timeout period for that session in seconds. So if your session is configured in web.xml for 15 minutes, getMaxInactiveInterval( ) returns 900.