Is there a way to avoid HttpSession time renew for a specific url pattern?

First, I know the simple answer is no. But my problem is: I have a webapp that uses come开发者_Python百科t to notify events to users, but when a reconnection occurs, the session time is renewed. In some cases, if the user let the browser open, the session will never expire.

So I'm trying to figure out if there is a way to avoid the session renewing for requests to the comet url (maybe using a solution for a specific container, like Tomcat's valve), or if I really have to create a custom session controller for my app, that doesn't relies on the HttpSession.

Any Ideas?

---

The simplest way to do this is to have the comet connection stream on a different domain, and make sure your session cookies aren't set for that domain. Then the streaming connection can't renew the session and you're good to go.

This solution does require that your comet solution supports cross-domain streaming; not sure what you're using for that, but any commercial comet solution worth its salt should work cross-domain without a problem.