httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 47476] New: Cannot renew stored session
Date Mon, 06 Jul 2009 08:05:01 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=47476

           Summary: Cannot renew stored session
           Product: Apache httpd-2
           Version: 2.3-HEAD
          Platform: All
        OS/Version: All
            Status: NEW
          Keywords: PatchAvailable
          Severity: normal
          Priority: P3
         Component: Other Modules
        AssignedTo: bugs@httpd.apache.org
        ReportedBy: alexey.v.varlamov@gmail.com


Created an attachment (id=23933)
 --> (https://issues.apache.org/bugzilla/attachment.cgi?id=23933)
Suggested fix to the problem.

Once mod_session saves a session (to cookie), the session expiration cannot be
reset - the only way to delete and re-create cookie anew. 

Accordingly to documentation:
"The SessionMaxAge directive defines a time limit for which a session will
remain valid. When a session is saved, this time limit is reset and an existing
session can be continued."
However tests and code inspection show that the expiry can be set just once and
later updates do not refresh the session.
Also, "Max-Age" value for the updated session cookie is not passed to a user
agent.

Please see the suggested fix attached.

-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message