| tensh |
|
|---|---|
|
Hi;
I've got a problem. Despite the fact that in Cotonti setings there's the longest cookie lifetime set, users on my site are logged out after a couple of minutes of inactivity. What else can inluence the session time? My server settings: session.gc_maxlifetime = 1440 session.cache_expire = 180 |
| GHengeveld |
|
|---|---|
|
Check your cookie settings, it sounds like they don't get stored or read properly.
|
| tensh |
|
|---|---|
|
What should be correct (universal?) settings for cookies?
Added 13 days later: Another question would be: does Cotonti use ssl without any problem? I'm wondering about SSL login page. I'm also open for possible ideas on what can influence the quick loging out - I pretty much don't know what should I look for, but clearly it's from the server's side (without changing any settings in Cotonti, during recent server system "improvements" the login time was drastically shortened, so it kicks me out of Cotonti after a couple of minutes) It's very frustrating also for my users, who get logged out as they hit "post a message", and no message is saved. |
|
Dit bericht is bewerkt door tensh (2010-06-22 17:53, 13 jaren ago) |
| Trustmaster |
|
|---|---|
|
One of my customers suffered a lot from sudden logouts. We had tried a million ways until we found that session handler they use (memcache) causes this. We solved it by using another session handler (file based) and forcing the "remember me" flag.
BTW, it makes a bit difference: whether you're logged out with "remember me" or not. This option stores data in cookies, without it sessions are used. Another thing to check is how often your IP changes. As for SSL, there shouldn't be any problems with it. May the Source be with you!
|
| tensh |
|
|---|---|
|
My IP doesn't change, also the same sudden logouts are with "remember me" buttons.
My site's using the eAccelerator, maybe this is what causes problems? I also saw the suhosin extension installed. Can you please show me how you solved the session handling using files? (it required corehacking?) |
| foxhound |
|
|---|---|
|
We are experiencing the same issue, being logged out from the admin panel at random. Its impossible to tell when it happens as one minute you are checking the config of a plug and your logged out and other times while opening topics to check.
<img src="http://www.armaholic.com/datas/thumbs/green-sea-battalion-uniforms-version-03-preview_4.jpg" alt="green-sea-battalion-uniforms-version-03-" />
|
| Trustmaster |
|
|---|---|
|
Please tell me if you get this problem if using "remember me" option.
May the Source be with you!
|
| foxhound |
|
|---|---|
|
Yes, I always select "remember me". But today for example I was logged out when doing a search (on both pages and forums).
<img src="http://www.armaholic.com/datas/thumbs/green-sea-battalion-uniforms-version-03-preview_4.jpg" alt="green-sea-battalion-uniforms-version-03-" />
|
| tensh |
|
|---|---|
|
Any thoughts about this problem?
|
| Trustmaster |
|
|---|---|
|
Yes actually and these thoughts are implemented on Siena. I wonder if it is important enough to apply the patch on Genoa too (it changes some login internals).
May the Source be with you!
|
| GHengeveld |
|
|---|---|
|
Can you be more specific about these changes? I remember we've been having issues with the 'remember me' option in the past, with unexpected behavior when following a certain route through the site. These problems seem fixed. I can't find the trac ticket anymore though.
One reason for asking specifics is because I've more or less copied the Cotonti auth system to my own custom PHP framework (similar to Kohana 2, but more basic). I'd like to update it if necessary. |
| donP |
|
|---|---|
|
Actual Login method shows many problems if we use mod_rewrite to create subdomains...
I discussed here: http://www.cotonti.com/forums.php?m=posts&q=5657 but with no much interest. Mostly, it seems to me that Cotonti development had stopped from long time (I look at Trac tickets every day and they are always the same). in [color=#729FCF][b]BLUES[/b][/color] I trust
|
| Trustmaster |
|
|---|---|
|
Recent login changes in Siena:
http://trac.cotonti.com/ticket/496 accompanied by this: http://trac.cotonti.com/ticket/497 See changes in common.php and users.*.php in r1237 Most of the subdomain issues are fixed there except for PHPSESSID cookie which is more a PHP thing rather than Cotonti (see the topic mentioned in the previous post). May the Source be with you!
|
| tensh |
|
|---|---|
|
If it wouldn't be a problem, a patch to Genoa is highly appreciated!
 |
| pieter |
|
|---|---|
|
Or release Siena shortly
... can we help you ...
|
