Enthuware

I think this question's answer seems to be incorrect

If i am wrong, please correct me about below information. Thank you

setMaxInactiveInterval(-1) -- session never ends
setMaxInactiveInterval(0) -- session ends immediately
setMaxInactiveInterval(1) -- session will be invalidated after that many seconds have passed.

and as added by stella

<session-timeout>0<session-timeout> //never ends
<session-timeout>-1</session-timeout> //never ends
<session-timeout>1 </session-timeout> //time out after 1 minute

No, it is correct. The explanation mentions the specification section number also for this. You might want to check it out. I have no idea about stella.

HTH,
Paul.

I copied this from the Servlet 3.0 spec section 7.5:

This time out can be changed by the Developer using the setMaxInactiveInterval
method of the HttpSession interface. The time out periods used by these methods
are defined in seconds. By definition, if the time out period for a session is set to -1,
the session will never expire.

There is nothing in this section that says that if the time out period for a session is set to 0,
the session will never expire.

In Head First Servlets and JSP's it is said that the session is caused to time out immediately if the time out period for a session is set to 0.

So I agree with jGuriUK.

I think I know the reason for the confusion. I looked at the most recent version of the spec ( Servlet 3.1) while responding earlier and it says in Section 7.5:

The time out periods used by these methods are defined in seconds. By definition, if the time out period for a session is set to 0 or lesser value, the session will never expire.

In Servlet 3.0, it says:

The time out periods used by these methods are defined in seconds. By definition, if the time out period for a session is set to -1, the session will never expire.

However, in JavaDoc API for HttpSession EE 6, it says:

setMaxInactiveInterval

void setMaxInactiveInterval(int interval)
Specifies the time, in seconds, between client requests before the servlet container will invalidate this session.
An interval value of zero or less indicates that the session should never timeout.

Parameters:
interval - An integer specifying the number of seconds

So, given the above details, I would say the most recent specification has only made it more clear what was
impression earlier i.e. an interval value of zero or less indicates that the session should never timeout.

HTH,
Paul.

Hello again why Servlet spec 3.1 in use when exam is about Servlet spec 3.0?
setMaxInactiveInterval(0) will invalidate the session in servlet 3.0. Here is the code output
IllegalStateException: isNew: Session already invalidated
Is this behaviour not guaranteed since option 4 is not valid ?
As soon as I know Servlet spec only states for dd "If the time out is 0 or less, the container ensures the default behavior of sessions is never to time out."
And no behaviour for value 0 if used with setMaxInactiveInterval "By definition, if the time out period for a session is set to -1,the session will never expire."

Did you go through the explanation for option 4? It explains exactly the point that you are making. Servlet 3.0 specification is not clear about what happens with time out period is set to 0. But the Servlet api version 6 (which is what the exam is also based on) says that an interval value of zero or less indicates that the session should never timeout.