I dont want my user have to login again everyday, I would like to increase login session to a week, for example. How can I archive that?
I’ve tried to increase cookie timeout and cookie life time in ZMI -> acl-users -> session -> properties, but it doesnt work.
You're on the right path :-)
Set the Cookie validity timeout to 0 and the Cookie lifetime to 7.
Make sure you're using a plone user, no one from the zope-root (inherited user).
You can check if the settings are working by check the browser resources, hier an example in chrome:
Today ist the 20. August, the Cookie __ac will expire in seven days.
Related
I am getting product name was added to your shopping cart on magento 1.9. I have changed cookie settings but still getting same issue.
Can anyone resolve this issue?
You can fix by increasing the cookie life time to 86400 under
Sytem -> Configuration -> Web -> Session and Cookie Management
The Reason that I found out after doing some research on internet and different forum is that in Magento, by default cookie lifetime is set to 3600 (1 hour). But if the end users computer time runs ahead of server’s time, cookies will not get set for Magento frontend as well as backend. For example, end user’s computer time is 1 hour forward than server’s time, that means the cookie (holding user’s session id) will expire as soon as user logs in or tries to add an item.
If that didt work, than try clearing your browser cookies and check....
Also one more opton is Set your cookie domain to: .domain.com in Backend
I thing it may be cache or cookie issue, try with following points.
Flush cache and try to add to cart in same or private window.
Flush cache and try to add to cart in another browser private window.
Lets say session for an application is opened and its session expiry time is 15 min.
Scenarios:
Leaving the application for 15 min and doing some action after that - leading to Login Page.
In other way I am removing the Browser cookies by using (Ctrl+Shift+Del) and trying to navigate in the application - leading to Login Page.
The Question is: Will both of the above cases were one and the same or will there be any difference in the behavior.
The first scenario is based on a cookie expiring while the second one will have the cookie removed.
If you are guaranteed the refresh for the first case is made after the cookie expired, then the client behaviour will be the same (login page) although the internal workings will be different (check the cookie exists vs check its expiry date)
If you can't guarantee the operation will happen after the cookie expiry, then you won't get the same outcome.
Depending on what you do on the server, you might end up with multiple sessions for the same user in the second case, because the server doesn't know the user has deleted the cookie (there are mechanisms to compensate for this though).
In internet-Explorer after updating quantity of product on checkout page,
page is redirect to empty cart page.
I tried the cookie solution but it doesn't work for my site
Here's your Solution:
Set cookie domain: http://www.domain.com/
Set your cookie domain to: .domain.com
This is due to the cookie problem, not in browser but in Magento itself. In Magento, by default cookie’s lifetime is set to 3600 (1 hour). But if the end users computer time runs ahead of server’s time, cookies will not get set for magento frontend as well as backend. For example, end user’s computer time is 1 hour forward than server’s time, that means the cookie (holding user’s session id) will expire as soon as user logs in or tries to add an item.
To solve this, set cookie’s lifetime to 86400 (1 day) instead of 1 hour and everything will work as expected. You can also set cookie lifetime to 0, so that cookie will only expire when the user’s browser is closed.
Go to: Magento backend -> Sytem -> Configuration -> Web -> Session and Cookie Management Set cookie lifetime to 86400 and save. Everything will work as expected now.
In case you or someone else out there is experiencing the same problem (I too was stuck on this issue for a long time).
I tried editing the files, I tried cookie lifetime extension, I tried the URL change, nothing worked.
What finally made my Magento 1.9 work and resolve empty cart is when I went to Config > Web > Under the cookie session management section, make sure the cookie domain and cookie path is blank. Once you have done that, save, clear cache, and everything should work properly.
Let me know if it works for you! :)
The premise is simple.
New customer arrives at our site, is redirected to the register/login page (since they are a new visitor and no cookie is present) and after registering or logging in (if already have an account but visiting from a different machine/browser) they are taken to the home page.
Every time they subsequently visit, they should not see the register/login page (unless they explicitly log out, cookies are disabled/blocked, or they visit from a different browser/device).
I would think that theoretically, setting the cookie value to an absurdly high number (in our case, 30+ years) and checking for the presence of that cookie before the redirect to the register/login page would work.
In our case it is not. I feel like the session is still lasting roughly an hour or so before a visit back to the home page of the site redirects a user to register/login.
So what am I missing here? Any advice?
---edit---
I had been assured by our web host that session.gc_maxlifetime was not the issue. I set it to 86400 on our development server and after leaving my browser idle overnight, I returned the next day and I think it's working as intended.
One issue I have with this is that it also sets the magento admin timeout to the same value, which may introduce a security risk if an employee is given Magento admin access and then gets fired/quits/etc. I certainly don't want their session to continue for as long as we want customer sessions to last (months).
I'm hoping that the CONFIG>>ADVANCED>>ADMIN>>SECURITY>>SESSION LIFETIME setting is not overridden by this.
Your problem is most likely with the Php session value you need to increase it to match the value in the cookie duration; on your php.ini put the following:
session.gc_maxlifetime = 86400
You need to replace the '86400' value with what equivalent time that you want the session / cookie to last I would advice that you set your sessions and cookie value'604800' that's about a week.
What is going to happen on your server is that magento is going to a session file per session under the var/sessions folder. This can potentially can cause your server to run out of inodes , depends on your server configuration.
Cheers!
My sinatra application uses Rack::Session::Pool and it works fine.
I created a logout route using session.clear and it works fine as well.
But (there is always one) if the user closes the browser without clicking in the logout button the user keeps logged when he reopens the browser.
I checked the cookies in firefox and the session cookie (rack.session) still there! I went to my site, went to another site, verified the cookies and it was there, closed the browser and opened it again and the rack.session still there :( My client even rebooted his machine and he still logged in the site.
If I set the expire_date in the Rack::Session::Pool it works but then the cookie became persistent. I want the user's session to expire when he closes the browser regardless of expiration date (the worse case scenario is an user in a public computer or in a lan house).
I'm already working on this for 2 days, I looked in the rack source and I tried setting the others variables in the Rack::Session::Abstract but with no success until now.
For now I set the session to expire in 5 minutes to minimize the problem but this is not a good solution since the user still exposed for 5 minutes since his last request (if the users don't hit the logout button).
This is my cookie configuration:
app = MyApp.new
sessioned = Rack::Session::Pool.new(app,
:domain => DOMAIN,
:expire_after => 5 * 60)
run sessioned
Maybe I missing something here. Does anyone know what could be the problem? or had the same problem? Or any link?
Cheers,
Jonas
Remove the :expire_after and it stops the session persisting when the browser is closed.