There are two methods used to transfer data between the two more more security domains:
CROS – Cross Origin Resource Sharing and it works with the HTTP web browsers
JSONP – JSON with Padding which works with the HTTP GET and on legacy browsers
I have a web application which is deployed on a Tomcat server (version 7). I have set the session timeout value as 10 minutes in the web.xml file. In pages with no Ajax call, the session time out value is reset promptly. But it is not renewed on pages with Ajax calls. Web application is taking user back to Login screen even though some activity is happening on the page (with Ajax).
Can anyone help me?