Instead of using a ServletContextListener, use a HttpSessionListener
.
In the sessionCreated()
method, you can set the session timeout programmatically:
public class MyHttpSessionListener implements HttpSessionListener {
public void sessionCreated(HttpSessionEvent event){
event.getSession().setMaxInactiveInterval(15 * 60); // in seconds
}
public void sessionDestroyed(HttpSessionEvent event) {}
}
And don’t forget to define the listener in the deployment descriptor:
<webapp>
...
<listener>
<listener-class>com.example.MyHttpSessionListener</listener-class>
</listener>
</webapp>
(or since Servlet version 3.0 you can use @WebListener
annotation instead).
Still, I would recommend creating different web.xml files for each application and defining the session timeout there:
<webapp>
...
<session-config>
<session-timeout>15</session-timeout> <!-- in minutes -->
</session-config>
</webapp>