Using this servlet for testing: @WebServlet(name= "SessionTimeoutCheck" , urlPatterns={ "/SessionTimeoutCheck" }) public class SessionTimeoutCheckServlet extends HttpServlet { @Override protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { HttpSession session = request.getSession(); response.setContentType( "text/html" ); PrintWriter out = response.getWriter(); out.write( "Current session ID: " + session.getId()); out.write( "<br />\n" ); out.write( "Requested session ID " + request.getRequestedSessionId()); out.write( "<br />\n" ); if (request.getRequestedSessionId() != null ) { if (request.isRequestedSessionIdValid()) { out.write( "Valid session" ); } else { out.write( "Session expired" ); } } else { out.write( "No sessionId specified => new session" ); } } } start server deploy recently showed servlet via cli set default-session-timeout to a reasonable value for testing (e.g. 2 minutes): /subsystem=undertow/servlet-container= default :write-attribute(name= default -session-timeout,value=2) reload perform request on http: //localhost:8080/session-timeout-checker/SessionTimeoutCheck to see what happens. After 1 minute session will be already expired (you should see it when you perform another request)