[pmwiki-users] persistence of login (hello?)
Kathryn Andersen
kat_lists at katspace.homelinux.org
Mon Jul 10 16:42:14 CDT 2006
On Mon, Jul 10, 2006 at 02:06:27PM -0500, Patrick R. Michaud wrote:
> On Mon, Jul 10, 2006 at 10:24:23AM +1000, Kathryn Andersen wrote:
> > I am running PmWiki for our intranet at work, and users have been
> > complaining that they keep on getting logged out; they want the login to
> > last as long as the browser is open, but they log in, do stuff, and then
> > come back the next day to find that they've been logged out again.
>
> I don't know of an obvious way to do this. PmWiki uses PHP sessions
> to manage most of its login information, and by default PHP expires
> sessions after approximately 24 minutes of inactivity.
Ah.
Which makes perfect sense in a situation where you have external access,
you want these to expire reasonably quickly.
> Which indirectly points to one possibility -- perhaps you can change
> PHP's session settings to keep track of logins over a longer
> period of time. To do this you'd probably want to make the following
> settings in the php.ini:
>
> session.gc_maxlifetime = 604800 # 7 days
> session.cookie_lifetime = 2592000 # 30 days
Ah.
> The session.gc_maxlifetime causes PHP to keep sessions around for
> at least a week, which means that the session will remain active
> as long as someone accesses the wiki at least once per week.
Which would probably suit our setup.
> The second setting causes the PHP session cookie (used to keep
> track of the browser and map to the session) to last for 30
> days. Thus, after 30 days the browser would be prompted to
> log in again.
(nods)
> Of course, either of these settings could be made larger or smaller
> as desired. On the other hand, if the server is being used for
> PHP scripts other than PmWiki, it's probably a good idea to localize
> them to take effect only for the wiki (probably within the Apache
> webserver configuration).
Pointers to docs for how to do that?
> You might want to also change the value of session.save_path so that
> these extended sessions are saved (and garbage collected) from somewhere
> other than the default directory that is shared by other PHP
> scripts on the server.
(nods)
> I can provide more information, but it would be good to know if
> you think these changes can be reliably made site-wide, or if
> it would be better to have a PmWiki-only solution (e.g., via changes
> in config.php).
In my case, it could be done site-wide, as I do have access to the
Apache server configuration (and I could change php.ini if necessary).
> Hope this helps,
Thanks muchly, it does!
Kathryn Andersen
--
_--_|\ | Kathryn Andersen <http://www.katspace.com>
/ \ |
\_.--.*/ | GenFicCrit mailing list <http://www.katspace.com/gen_fic_crit/>
v |
------------| Melbourne -> Victoria -> Australia -> Southern Hemisphere
Maranatha! | -> Earth -> Sol -> Milky Way Galaxy -> Universe
More information about the pmwiki-users
mailing list