Friday, June 21, 2013

Cakephp - Session Timeout

I am using Cakephp 1.3 and having a lot of troubles with session timeouts.

So, here's my core.php file.

 Configure::write('Session.save', 'cake');   Configure::write('Session.cookie', 'TESTING');   Configure::write('Session.timeout', '0.01');   Configure::write('Session.start', true);   Configure::write('Session.checkAgent', false);   Configure::write('Security.level', 'low');

Here comes the first problem, on session.timwout it is specified as SECONDS but if I put 1 using low that gives my cookie expire of 5 hours (?). with this setting I am getting 3 minutes to cookie expire, I don't understand that, it should be 1 x 300 seconds = 5 minutes. what kind of math is that?

And the main problem is that this is not being respected, when I log to my website I can see it generated a session and will expire in 3 minutes, but as soon as I log on and click a link i get back to the log in page, which means I get de authenticated in less than 30 seconds.

I am trying to set such a low value for testing, I know high and medium security values regenerate session between requests but I would like to understand what's going on.

Thanks a lot.

--
Like Us on FaceBook https://www.facebook.com/CakePHP
Find us on Twitter http://twitter.com/CakePHP
 
---
You received this message because you are subscribed to the Google Groups "CakePHP" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cake-php+unsubscribe@googlegroups.com.
To post to this group, send email to cake-php@googlegroups.com.
Visit this group at http://groups.google.com/group/cake-php.
For more options, visit https://groups.google.com/groups/opt_out.
 
 

No comments: