Issue #863 has been updated by Clément OUDOT.
Well this is weird.
You can try to disable the session garbage collector tuning in the code by
commenting following lines in pages/resetbytokens.php:
<pre>
# Manage lifetime with sessions properties
//if (isset($token_lifetime)) {
// ini_set("session.gc_maxlifetime", $token_lifetime);
// ini_set("session.gc_probability",1);
// ini_set("session.gc_divisor",1);
//}
</pre>
The timeout will still be checked with the 'time' parameter registered in the
session.
----------------------------------------
Bug #863: Password Token Expiring
http://tools.lsc-project.org/issues/863
Author: Jeff G
Status: New
Priority: High
Assigned to:
Category: Self Service Password
Target version: self-service-password-?
It seems the password tokens expire when a new one is requested, even for
completely different people. If I request a password reset token for client A,
then 5 minutes later for client B, client A will no longer be able to reset
their password using the token they were sent. Is this normal?
--
You have received this notification because you have either subscribed to it,
or are involved in it.
To change your notification preferences, please click here:
http://tools.lsc-project.org/my/account
_______________________________________________
ltb-dev mailing list
[email protected]
http://lists.ltb-project.org/listinfo/ltb-dev
