Apache Tomcat session timeout- Let’s fix it!

apache tomcat session timeout

Table of Contents

Timeout errors are troublesome, isn’t it?

Apache Tomcat session timeout mainly occurs due to longer idle sessions. But, finding the real reason for the timeout error can be tricky.

At 1 onlyhost, we receive many requests to fix the Apache Tomcat session timeout error as part of our Server Management Services.

Today let’s have a deep look at this error and how our Support Engineers fix it for the customers.



What is the Apache Tomcat session timeout error?

Recently, one of our customers approached us with a session time out error.

He had web applications running under Apache Tomcat Webserver. He left his application idle for about 30 minutes.

After that, when he tried to access the page, he got the following error,

Apache Tomcat session timeout error

This occurred due to the idle session timeout error of an application server.

Usually, the default session timeout in the Apache Tomcat application server is 30 minutes. Unless it is set as per the application requirement, it can result in website errors.

How we change the session timeout value?

Now let’s check how our Support Engineers change the session timeout setting for an Apache Tomcat application server.

To modify the default session timeout value on an Apache Tomcat server,

1. Firstly, we open the web.xml file within the Tomcat installation directory. For security reasons, we always make a backup copy of this file.

Usually, in Windows, web.xml file appears under the path c:\Program Files\Apache Software Foundation\Tomcat x.0\conf.

Similarly, in Linux, we can edit this file from /opt/tomcat/conf/web.xml.

2. After that, we edit the following segment of code in the web.xml file,


3. Next, we change the timeout setting to the desired value. It is important to note that the value of timeout is set in minutes.

4. Finally, we save the file and restart the Tomcat server.

Similarly, we can set up an unlimited session timeout or no timeout in Tomcat. We can do this by setting the number in the session timeout tag to -1.

But, we do not recommend this due to security reasons. An attacker can steal and use the existing user session during this session timeout.

Therefore, setting the session timeout value to a minimum is the best practice.

[Need help to change the Tomcat session timeout value?- We’re available 24/7.]


In short, the login screen appears frequently due to the idle session timeout of the Application Server. Today, we saw how our Support Engineers fix the Apache Tomcat session timeout error for our customers.

Leave a Comment

Your email address will not be published. Required fields are marked *

Social Share


Cheapest Web Hosting

Fasters Web Hosting Promo
Scroll to Top

Launch your Website at RS599

Create a professional website yourself with our domain hosting combo. Get Extra benefits at this Year end Sale with 10% OFF and Enjoy Amazing Deels on Shared Hosting!

Starting at Only RS599/Year

Year End Sale


Use Code STARTBIZ at Checkout.

Create an earning opportunity with A Web Hosting Business

Become reseller and start reselling domains, web hosting, ssl certificates and More.

45% OFF

Starting at RS399/Month


Use coupon: at the checkout.