CakePHP 2.0 的会话超时太快
我最近切换到 Cake2.0,并且遇到了一些会话超时的问题,比应有的要早得多。
从文档复制示例,我将会话类型设置为php,并将超时设置为3天(4320分钟)。然而,在阅读各种文章后,似乎即使在Cake中将超时设置为3天,如果PHP.ini为会话或GC设置了更短的超时,PHP也可能会破坏GC中的会话。
因此,我将会话默认值更改为 cake,并具有相同的超时时间。
Configure::write('Session', array(
'defaults' => 'cake',
'timeout' => 4320,
));
Configure::write('Security.level', 'medium');
然而,虽然这应该让我登录 3 天,但我发现我几乎没有 3 小时的时间就需要再次登录。
是否存在我应该注意的会话超时问题,或者超时以秒为单位(不是分钟?),还是像 1.3 中那样受到 Security.level 的影响?我还没有找到任何关于 2.0 中如何工作或可能导致问题的硬文档。
提前致谢。
答案: 对于后来进来并看到这个的人。 2.0.5 中有一个错误,会话超时没有保存 Config.write() 中的值;
要解决此问题,请更新到 2.0.6(或 2.1,当它离开测试版时)
I recently switched over to Cake2.0, and was having some issues with Sessions timing out much sooner than they should.
Copying the example from the documentation, I set the session type to php, and set the timeout to 3 days (4320 mins). However, after reading various articles, it seems that even after setting the timeout to 3 days in Cake, PHP may destroy the session in GC if PHP.ini is set with a shorter timeout for the session or GC.
So, I changed the Session default to cake, with the same timeout.
Configure::write('Session', array(
'defaults' => 'cake',
'timeout' => 4320,
));
Configure::write('Security.level', 'medium');
However, while this should leave me logged in for 3 days, I find I barely get 3 hours before I need to log in again.
Is there an issue with Session timeouts that I should be aware of, or is the timeout in seconds (not minutes?) or is it being influenced by the Security.level like in 1.3? I haven't been able to find any hard documentation about how this works in 2.0, or what could be causing the issues.
Thanks in advance.
Answer:
For anyone coming in later and seeing this. There is a bug in 2.0.5 where the Session timeout was not saving the value in Config.write();
To solve, update to 2.0.6 (or 2.1 when it leaves beta)
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
如果您正在使用安全组件,您也可以随时尝试将它们的过期时间更改为 3 小时:
我并不是说这是一个好主意,但它可以帮助您缩小问题范围。如果您使用安全组件,这可能就是问题所在。
另外,Session.timeout 以分钟为单位(而不是秒)。
If you are using the security component, you can always try changing the expiration on them to 3 hours as well:
I am not saying this is a good idea to do, but it could help you narrow down the problem. If you are using the Security component, this is probably the issue.
Also, the Session.timeout is in minutes (not seconds).