Text only | Text with Images

Roundcube Community Forum

Release Support => Pending Issues => Topic started by: pcanoero on February 23, 2012, 02:56:13 AM

Title: Session Expiration
Post by: pcanoero on February 23, 2012, 02:56:13 AM
Fist of all, great job with RC , it works great!

Hi, i have an issue with RC, the sessions doesnt expire, rc was installed years ago, updated periodically, (not with the scripts, exporting and importing the database, running the installer, updating database schema, modifing the config)  , recently    moved the whole server to one bigger.

  but searching in the database i found that  the table sessions got session information of years ago, its not all related with RC7.01 because of the exporting and importing of old data... but because that i deleted the content of the table sessions a time ago, but still session information is not deleted by RC on logout.

I got no related error in logs  of RC, apache, etc

Also i noticed that session never expire by timeout when i log in RC in a browser.

The relevant content of main.inc.php


Code Select
// Session lifetime in minutes
// must be greater than 'keep_alive'/60
$rcmail_config['session_lifetime'] = 10;

// session domain: .example.org
$rcmail_config['session_domain'] = '.something.org';

// session name. Default: 'roundcube_sessid'
$rcmail_config['session_name'] = null;

// Minimal value of user's 'keep_alive' setting (in seconds)
// Must be less than 'session_lifetime'
$rcmail_config['min_keep_alive'] = 60;

// use this timezone to display date/time
$rcmail_config['timezone'] = -3;

// Default interval for keep-alive/check-recent requests (in seconds)
// Must be greater than or equal to 'min_keep_alive' and less than 'session_lifetime'
$rcmail_config['keep_alive'] = 60;


I have RC and the system timezone in sync, mysql should be in sync ...

mysql> SELECT @@global.time_zone, @@session.time_zone;
SYSTEM,SYSTEM


Any idea??

Regards
Title: Session Expiration
Post by: pcanoero on February 23, 2012, 01:39:47 PM
:)

http://www.roundcubeforum.net/5-release-support/17-pending-issues/8464-session-timeout.html

QuoteYou misunderstand Roundcube's session timeout. Session will not expire as long as you are logged in. Only if a user closes the browser tab without logging out, the session expires.

    If you want to force a logout on inactivity give my 'session_timeout' a shot (download link see footer).

    Share
    |
    Like

    Regards,
    Rosali

I will try if this occurs, i think it works.

But session information still in the database ....
Title: Session Expiration
Post by: pcanoero on March 06, 2012, 02:21:20 PM
Problem solved :), it was a problem with apache in Debian Squeeze.
The apache not loaded the .htaccess, changing  the option in /etc/apache2/sites-available/default
"AllowOverride None" to "AllowOverride All" solves the problem.

Regards
Text only | Text with Images