session-timeout

问题 How can I implement a heartbeat with JSF 1.2, RichFaces 3.x using SEAM 2.x which also works during a long-lasting request executed by an user? Currently, we've got a heartbeat (to avoid session timeout) using <aj4:poll action="#{bean.keepAlive}" ... /> which does not work during long-lasting requests on the server. Using an own eventsQueue="heartbeat" allows that the required heartbeat is sent even while executing a long-term request but leads us into a org.jboss.seam

问题 Let's suppose I have a sign-in form. When I sign in successfully I am redirected to the logged in home page. Currently, when I close this page without signing out, and re-open Firefox, this logged in home page is started again. I want it so that when the user closes their browser the session is the session is expired and when they next open Firefox the logged-in home page isn't displayed. I think session will be used for this, but I don't know how I can set a time or even make it so that when

问题 My application's session is ending abruptly and don't see any error being generated in Application_Error in Global.asax. Also, the Session_Start event fires but not Session_End. It happens after I host the application on a server and does not happen on my dev machine. The steps to generate this auto exit is to switch between pages that load and display a list of objects (Client, Managers, etc). After about 30-40 seconds of activity, the user is logged out and Login screen is displayed. Any

问题 This issue has been driving me insane. On two separate projects (both of which use PEAR as libraries but are written on completely different custom frameworks) I am using PEAR Auth for authentication which uses the session. After logging in, users are logged out within an hour or so of being idle. I don't have the exact time, but it's very short. I have tried the following with no success. All attempts to extend the session to one day, just to nail the point home. <?php // Tried built-in

问题 OK basically I am trying to implement form authentication in my web application and to do this I need to know how does the web-server decide a request is a new one or not. This is becasue the webs-server creates a new session per new request. So i create an authenticatecoookie per successful login and its a persistent cookie that will last until it times-out regardless of weather the user closes his/her browser or looses connection and has to reconnect as this cookie is stored on the client

问题 I have the following issue. I am building a PHP + jQuery mobile website and I want to maintain the PHP session. The problem here is that when I close the browser App (Samsung Galaxy S4/S5 or Google Chrome on Android) and I leave the phone for say, ten minutes, and then reopen the browser, the whole session appears to be destroyed and I have to log in again. I tried to increase the cookie lifetime like this: ini_set('session.cookie_lifetime', 60 * 60 * 24); ini_set('session.gc-maxlifetime', 60

问题 I have an application running on JBoss 8.1 with JAAS form based login (j_security_check) and everything works fine. My problem is: 1) the user logs out and is redirected on the login page 2) here a session timeout occurs (the user doesn't know this) 3) the user returns and logs in correctly => BAM: he is redirected with j_security_check (the URI ends with j_security_check), but the page is empty. My guess is: JBoss doesn't know anymore the previously requested page, because the session

问题 Is there any option to destroy a session if user does not perform any action in 10 minutes? 回答1: session_start(); // 10 mins in seconds $inactive = 600; $session_life = time() - $_session['timeout']; if($session_life > $inactive) { session_destroy(); header("Location: logoutpage.php"); } S_session['timeout']=time(); The code above was taken from this particular page. 回答2: Try setting the session timeout to 10 minutes. ini_set('session.gc_maxlifetime',10); 回答3: I've done it with the following

问题 I'm developing a site where an admin user will be able to login as other user types in the system. I there for have a need to track a current "display" user and the current "logged in" user. The most obvious place seems to be session but then you have challenges keeping the session timeout in sync with the authentication timeout. See my question here: MVC session expiring but not authentication What are the best practices for handling this kind of a scenario? 回答1: Besides the usual web.config

问题 when there is a value in my session variable my ajax calls work properly... But when a session is timedout it doesn't seem to work returning empty json result.... public JsonResult GetClients(int currentPage, int pageSize) { if (Session["userId"]!=null) { var clients = clirep.FindAllClients(Convert.ToInt32(Session["userId"])).AsQueryable(); var count = clients.Count(); var results = new PagedList<ClientBO>(clients, currentPage - 1, pageSize); var genericResult = new { Count = count, Results =