incubator-zeta-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Philipp Kamps (JIRA)" <>
Subject [jira] [Commented] (ZETACOMP-81) Session timeout
Date Tue, 17 May 2011 21:27:47 GMT


Philipp Kamps commented on ZETACOMP-81:

I'm OK if isValid is updating the activity timestamp.

In general (even without the patch), I just wasn't aware that you should call isValid on each
page load (because that method actually destroys the session when invalid).

isValid is also starting the session - so I don't think you'd need to call $session->start()
(as the example states).

Anyways, I think we're good. Just took me some time to understand the session handling.

> Session timeout
> ---------------
>                 Key: ZETACOMP-81
>                 URL:
>             Project: Zeta Components
>          Issue Type: Bug
>          Components: Authentication
>            Reporter: Philipp Kamps
>         Attachments: patch.txt
> Not sure, but looks like the session timeout is strange. I have following code:
> 		$options = new ezcAuthenticationSessionOptions();
> 		$options->validity = 10;
> 		$session = new ezcAuthenticationSession( $options );
> I would expect a session timeout after 10 seconds __OF INACTIVITY__. But it looks like
it's a total lifetime of 10 seconds, even when I'm active ( constantly requesting more pages
that start the session ).

This message is automatically generated by JIRA.
For more information on JIRA, see:

View raw message