Application Session Timeout – The amount of time (in seconds/minutes) that a session can remain inactive before it is invalidated.

Default weblogic  application session timeout is set to be 3600 seconds, this is visible in Application’s configuration tab in Weblogic Admin Console.

If applications do not specify the timeout then above is applicable else,

There are two ways it can be set,

In web.xml (Remember this is in minutes)

Default value: 60 minutes

<!-- Set the default session timeout (in minutes) -->
<session-config>
<session-timeout>90</session-timeout>
</session-config>

 

In weblogic.xml

Default value: 3600 seconds

<session-descriptor>
       <session-param>
           <param-name>timeout-secs</param-name>
          <param-value>3600</param-value>
      </session-param>
 </session-descriptor>

 

On busy sites, you can tune your application by adjusting the timeout of sessions. While you want to give a browser client every opportunity to finish a session, you do not want to tie up the server needlessly if the user has left the site or otherwise abandoned the session which could result in building up thousands of sessions in memory eventually resulting in OOM (OutOfMemory) error.

REMEMBER:- This element can be overridden by the session-timeout element (defined in minutes) in web.xml.

If specified in web.xml, web.xml takes precedence over weblogic.xml.