You are viewing a plain text version of this content. The canonical link for it is here.

Posted to zeta-issues@incubator.apache.org by "Philipp Kamps (JIRA)" <ji...@apache.org> on 2011/05/15 11:43:47 UTC

[jira] [Updated] (ZETACOMP-81) Session timeout

     [ https://issues.apache.org/jira/browse/ZETACOMP-81?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Philipp Kamps updated ZETACOMP-81:
----------------------------------

    Attachment: patch.txt

I added another timestamp to $_SESSION. It gets updated when IsValid gets called.

It's still a bit confusing because (to me) it's not obvious that you need to call "isValid" in order to update the activity timestamp.

> Session timeout
> ---------------
>
>                 Key: ZETACOMP-81
>                 URL: https://issues.apache.org/jira/browse/ZETACOMP-81
>             Project: Zeta Components
>          Issue Type: Bug
>          Components: Authentication
>            Reporter: Philipp Kamps
>         Attachments: patch.txt
>
>
> Not sure, but looks like the session timeout is strange. I have following code:
> 		$options = new ezcAuthenticationSessionOptions();
> 		$options->validity = 10;
> 		$session = new ezcAuthenticationSession( $options );
> I would expect a session timeout after 10 seconds __OF INACTIVITY__. But it looks like it's a total lifetime of 10 seconds, even when I'm active ( constantly requesting more pages that start the session ).

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira