Tomcat not invalidating sessions
Each time that an HTTP request is received by the server, if there is an HTTP session associated with that request, then the property of the session is automatically updated to the current time.
However, if the application server JVM has a high system load due to a large number of concurrent threads then you have the option of invalidating serially.
However, you must set up the Coherence Clustered JMX Framework before you can access them.
The configuration and installation instructions for the framework is provided in "Using JMX to Manage Coherence" in Each Coherence*Web instance has a Session Reaper that will periodically iterate through all of the sessions in the session cache and check for expired sessions.
In most situations, it is far preferable to reduce resource usage than to ensure that sessions are cleaned up quickly after they expire.
Consequently, the default cycle of five minutes is a good balance between promptness of cleanup and minimal resource usage.