New HttpSession method: getExpireTime()

[fanste]

Currently I hack into the servlet implementation (here undertow) to get the expire time. Custom calculations (like lastAccessdTime + maxInactiveInterval) are not really accurate and may not reflect all implementation specific changes to that time.
I need this for a customer requirement - show a notification X minutes before the session expires.

Maybe this timestamp could be added as a new API method named getExpireTime?

[martin-g]

Usually such kind of notifications are implemented with JavaScript on the client side, because if you make a request to the server to get the remaining time you will actually refresh the session and the result will be the full timeout.

[arjantijms]

Maybe we could add a special request type that didn't refresh the session?

[fanste]

The way we implemented the notification does not require an additional request. It's an company internal application that relies on websockets (Session listener which installs a task scheduled on a managed execution service which then checks the expired time as soon as the task is executed, etc...). This new method would be a great help to implement this spec compliant without checking the implementation after each server upgrade.

But I have to agree with you, martin-g. Without the separate communication channel (here websocket) it would be nearly impossible to get an accurate notification without additional requests - which then extends the session... But if the suggestion of arjantijms is possible, why not? That would be an all-embrancing solution.