This J2EE tip describes a method of setting session time in web.xml. Session time of a servlet may be set based on the requirement of the application. This may limit the session to a particular time interval and restrict the client that is accessing the session to use it indefinately.

import javax.servlet.*;
import javax.servlet.http.*;

public class SessionTime extends HttpServlet {
  int  i = 0;
  public void doGet(HttpServletRequest request , HttpServletResponse response)
       throws ServletException , IOException {
    i++ ;
    Integer a = new Integer(i);
    PrintWriter out = response.getWriter();
    HttpSession sess = request.getSession(true);
    // If the session doesnt exist a new session will be created
    Object b = sess.getAttribute("MySession");
    // Exatract the session set previosuly
    out.println("You Have Visited This Page"+b);

Here is the web.xml for the servlet. Session time out should be specified in minutes.

<servlet/> // Write Appropiate code
<servlet-mapping/>// // Write Appropiate code
<session-timeout> 1 </session-timeout >