Bug #59365

Session Lifetime for FE-Users can not be less than 6000 secs

Added by Alexander Bohndorf about 1 year ago. Updated 6 months ago.

Status:Resolved Start date:2014-06-05
Priority:Should have Due date:
Assigned To:- % Done:

0%
Category:- Spent time: -
Target version:-
TYPO3 Version:6.1 Is Regression:No
PHP Version: Sprint Focus:
Complexity:

Description

Setting the session lifetime to a value less than 6000 secs has no effect, f.e.

$GLOBALS['TYPO3_CONF_VARS']['FE']['lifetime'] = 1800;

results in the default lifetime of 6000 secs.

Reason for this is
\typo3\sysext\frontend\Classes\Authentication\FrontendUserAuthentication.php:171:

1        if (intval($this->auth_timeout_field) > 0 && intval($this->auth_timeout_field) < $this->lifetime) {
2            // If server session timeout is non-zero but less than client session timeout: Copy this value instead.
3            $this->auth_timeout_field = $this->lifetime;
4        }

and in __construct (line 144) is defined:

1$this->auth_timeout_field = 6000;

Maybe the fix suggested in #14836 (adapted to the 6.1 sources) could be the right solution?

adding the following line in \TYPO3\CMS\Frontend\Controller\TypoScriptFrontendController::initFEuser after line 912:

1$this->fe_user->auth_timeout_field = intval($this->TYPO3_CONF_VARS['FE']['lifetime']);

This behaviour was found in TYPO3 6.1.7.

Best regards

Alexander

Related issues

related to Core - Bug #14836: Session-Lifetime for BE-User and FE-User doesnt work in FE Resolved 2005-06-22
related to Core - Bug #19153: Insonsistent description/initialisation of class.t3lib_be... Closed 2008-07-25

History

#1 Updated by Alexander Opitz about 1 year ago

You assigned this issue to me, was this correct? I fixed the description of the issue.

#2 Updated by Alexander Bohndorf about 1 year ago

  • Assigned To deleted (Alexander Opitz)

#3 Updated by Mathias Schreiber 6 months ago

  • Status changed from New to Resolved

fixed on master

Also available in: Atom PDF