The purpose of the session heartbeat is to reduce server load by closing sessions earlier (for example, by detecting sessions where the user is offsite).
The HeartBeat feature is an automatic process on the browser that regularly sends information to the server (e.g. every 5 minutes) to indicate that the browser is open. Once the user has closed the browser, the server no longer receives this HeartBeat and can therefore close the session immediately, without waiting for the timeout.
Caution: The HeartBeat does not allow extending the session beyond the idle user timeout (defined in the WEBDEV Application Server). If you set a session timeout to 10 minutes, the session will be closed after 10 minutes without an action from the user, even if the browser is still open.
Therefore, choosing the right interval is essential:
- If the interval is too big, sessions remain open for too long.
- If the interval is too short, the server is unnecessarily loaded with heartbeat calls to keep the sessions alive.
Caution: These heartbeat calls consume resources (network and battery) in the case of mobile clients.
The WEBDEV Application Server tries to dynamically detect if session maintenance is available. Sessions are ended sooner only if the application server detects that the page displayed on the client side is a page from the site. Otherwise, (e.g. an external payment page is displayed), sessions are not ended.