Received: from malur.postgresql.org ([217.196.149.56])
	by arkaria.postgresql.org with esmtp (Exim 4.72) (envelope-from
	<pgsql-www-owner+M21582=pgsql+2Dwww=arkaria.postgresql.org@postgresql.org>)
	id 1UVynS-0001MX-1e
	for pgsql-www@arkaria.postgresql.org; Sat, 27 Apr 2013 06:39:46 +0000
Received: from localhost ([127.0.0.1] helo=postgresql.org)
	by malur.postgresql.org with smtp (Exim 4.72) (envelope-from
	<pgsql-www-owner+M21582=pgsql+2Dwww=arkaria.postgresql.org@postgresql.org>)
	id 1UVynR-0005pW-H6
	for pgsql-www@arkaria.postgresql.org; Sat, 27 Apr 2013 06:39:45 +0000
Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29])
	by malur.postgresql.org with esmtp (Exim 4.72)
	(envelope-from <stefan@kaltenbrunner.cc>) id 1UVynR-0005pR-3W
	for pgsql-www@postgresql.org; Sat, 27 Apr 2013 06:39:45 +0000
Received: from cronos.madness.at ([2a02:16a8:dc41::10])
	by magus.postgresql.org with esmtp (Exim 4.72)
	(envelope-from <stefan@kaltenbrunner.cc>) id 1UVynK-00063D-RU
	for pgsql-www@postgresql.org; Sat, 27 Apr 2013 06:39:44 +0000
Received: from mastermind.kaltenbrunner.cc ([2001:470:7a2d::22])
	by cronos.madness.at with esmtpsa (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32)
	(Exim 4.72) (envelope-from <stefan@kaltenbrunner.cc>)
	id 1UVynE-0002Uj-TC; Sat, 27 Apr 2013 08:39:34 +0200
Message-ID: <517B729C.4060906@kaltenbrunner.cc>
Date: Sat, 27 Apr 2013 08:39:24 +0200
From: Stefan Kaltenbrunner <stefan@kaltenbrunner.cc>
User-Agent: Mozilla/5.0 (X11; Linux x86_64;
	rv:17.0) Gecko/20130329 Thunderbird/17.0.5
MIME-Version: 1.0
To: Paul Waring <paul@xk7.net>
CC: pgsql-www@postgresql.org
Subject: Re: Can we change auto-logout timing on wiki.postgresql.org?
References: <5179CD76.6030908@agliodbs.com>
	<CABUevEymuYyyof68ASuDt9GBpFOvF2r0WNyk8JxK1nbGG70Rpw@mail.gmail.com>
	<517A6C78.7000101@xk7.net>
	<CABUevEw0asBAR6jS=aqKBG1OAJmTsMP1FiocCm-cLJfqGEAm_w@mail.gmail.com>
	<517A7144.4070204@xk7.net>
In-Reply-To: <517A7144.4070204@xk7.net>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
X-Pg-Spam-Score: -1.9 (-)
List-Archive: <http://archives.postgresql.org/pgsql-www>
List-Help: <mailto:majordomo@postgresql.org?body=help>
List-ID: <pgsql-www.postgresql.org>
List-Owner: <mailto:pgsql-www-owner@postgresql.org>
List-Post: <mailto:pgsql-www@postgresql.org>
List-Subscribe: <mailto:majordomo@postgresql.org?body=sub%20pgsql-www>
List-Unsubscribe: <mailto:majordomo@postgresql.org?body=unsub%20pgsql-www>
X-Mailing-List: pgsql-www
Precedence: bulk
Sender: pgsql-www-owner@postgresql.org

On 04/26/2013 02:21 PM, Paul Waring wrote:
> On 26/04/13 13:06, Magnus Hagander wrote:
>>> As far as I can tell from examining the headers, it looks like an expiry
>>> date/time is set for the login cookie, but then it is never updated.
>>> If this
>>> is the case, then eventually the expiry date will pass and the
>>> browser will
>>> delete the cookie, even if you have been regularly accessing the wiki.
>>>
>>> Another possibility is that the cronjob which auto-removes session files
>>> (assuming files are being used) is set to the default of 24 minutes -
>>> which
>>> will remove your session after that time regardless of what the cookie's
>>> expiry date is set to.
>>
>> We do have session.gc_maxlifetime set to 1440 which is the 24 minutes
>> you're referring to? So maybe this is the parameter we need to
>> (drastically) increase?
> 
> Assuming session data is being stored in files (you can check that with
> session.save_handler), then you might want to increase
> session.gc_maxlifetime.
> 
> The cleanup cronjob runs at 9 and 39 minutes past the hour by default,
> so a session file might be deleted 24-54 minutes since it was last
> modified.

interesting hint - thanks.

I have now increased the relevant timeouts to 6h - lets see how that goes..


Stefan


-- 
Sent via pgsql-www mailing list (pgsql-www@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-www