Strange Session timeout in CakePHP

1
votes

i developed a program using cakePHP. This program uses frameworks own authentification system. Now i got a notice from a user. He gets logged out after 20-30 mins of inactivity. The strange fact: no other user has this problem AND cakePHP-settings and php-settings for timeouts are set to over 2 hours. Where is the problem? Browser settings? OS? I hae no clue.

Greets

EDIT
All users have this problem. Some days they got logged out after 15 min, some days 2 hours is no problem.

EDIT 2
My Cake-Seetings:

Configure::write('Session.save', 'cake');
Configure::write('Session.timeout', '120');
Configure::write('Security.level', 'medium');
1
phpcakephpauthenticationsession-timeout
Most likely it's an issue on the client side. Hard to tell from the distance.Lars Stegelitz
I have no clue what client side issues can cause this Problem. But thanks so far Lars.KommiZZar
Losing the session cookie (or deleting it from the browser) is sufficient to lose the session, for example. Since no other user reports this kind of problem, i'd assume that the problem is not on the serverside, but the client. I might be wrong here, but your description indicates such assumption.Lars Stegelitz
Like what's said above, it's probably a security feature on the browsers people are using (to prevent unauthorized access). To debug, look at the response that sets the cookie in the browser. Provided the settings are right, it's an issue with the browser's configuration.ahjohnston25
I also think that this is your cookie timeout (which you failed to raise to far): dereuromark.de/2012/02/02/more-persistent-sessions-in-cake2-x/… Note that the level is not used in 2.x anymore.mark

1 Answers

0
votes

Longshot, probably doesn't matter but I noticed on the cakephp page that 

Configure::write('Session.timeout', '120');

is actually used as :

Configure::write('Session.timeout', 120);

It could be defaulting to default settings. Info here: Cake sessions. Untested, worth a shot.