Forgot to mention... I am using httpd as a reverse proxy. But the downstream server has no notion of a user or sessions.
On Wed, Aug 24, 2016 at 8:53 AM, Roger Paanini <rogerpaan...@gmail.com> wrote: > Chris, I am testing it by logging into the website using basic > authentication and then waiting for the time out duration and try to access > the page again. I am expecting to be challenged for credentials again when > I tried to access the page after the timeout. But I am never challenged > after the timeout - ever after several hours beyond the timeout value. > > But I see the following messages in my log file... I suspect my session > modules are not configured correctly? > > [Wed Aug 24 08:41:46.851228 2016] [session:warn] [pid 61410:tid > 140098663421696] [client x.x.x.x:5675] AH01815: session is enabled but no > session modules have been configured, session not loaded: > > I have the following in my httpd.conf: > > LoadModule session_module modules/mod_session.so > LoadModule session_cookie_module modules/mod_session_cookie.so > #LoadModule session_dbd_module modules/mod_session_dbd.so > *** > <Location /> > Session on > SessionMaxAge 1 > AuthType Basic > AuthLDAPBindDN "xxxxx" > AuthLDAPBindPassword "xxxx" > AuthBasicProvider ldap > AuthName "LDAP - login" > AuthLDAPURL "xxxxx" > Require valid-user > Require ldap-group "xxxx" > AuthLDAPRemoteUserAttribute uid > </Location> > > Any thoughts on what I am missing? > > Thanks! > > > > On Tue, Aug 23, 2016 at 3:29 PM, Christopher Schultz < > ch...@christopherschultz.net> wrote: > >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA256 >> >> Roger, >> >> On 8/23/16 4:26 PM, Roger Paanini wrote: >> > Folks, I have tried to configure httpd with session timeout but it >> > does not seem to work. My httpd.conf has the following: >> > >> > Session on SessionMaxAge 1 AuthType Basic *** >> > >> > I was trying to put a timeout value of 1 sec just to test. This is >> > not working. Am I missing something? >> > >> > Thanks for any pointers on this. >> >> How are you testing it? What did you expect? What happened if it >> wasn't what you expected? >> >> - -chris >> -----BEGIN PGP SIGNATURE----- >> Comment: GPGTools - http://gpgtools.org >> Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ >> >> iQIcBAEBCAAGBQJXvLIwAAoJEBzwKT+lPKRYWnAP/Ax2yBWc8laAbRC3jKTA7TlI >> 3Y5kfIrJi8tiNfzga/PXUWR82b6KmjMbXD5VKlD98YFFJhOjlMF8JSqV1MQIX1Lu >> v9mfjkasfwhapPGtlksecNzJEA2KtSS+sLZfg5m1gPmv9R8sH5A6aFICmwVs87b8 >> DcZK/e/4STGvzGs6hGwQGaSgDDT3H4UFZqrLPCHx/jK85wNDkIZ+rHodzsLXjD9Y >> /St2ER0bCWr090v0s/sKqKP28g7WrXBCiqh/MpCnIJ70B798GEmGI3sXnepFKSWV >> 1IzsK8J8KAufGY24XCgRMXad1TshaftnPiTIGmZ6pPesyq8sc4Rr8FN/Mo7xvR3Z >> eSZYCJd639Ir76MHikCjVhgRzWphh82PN+9wf9hA7snk0yt+uFEsrcxTlURdErbB >> 0XWW7lKSor7R+OksK9HmL3izhEyNymXiOryRy5wBa2emlCajCoczy8XYy9CffkNq >> OM81k343CdbdjLO5Z7AUdTIbnZjx5zGS9r6nVcf5uyg5j70ZuOyE1P6zft94KR4S >> b6R2UMWUJ9aku7tzwP1cSox3DRSnhAI6VPXuwYiJYAZo6+kSTLCs0gW3Jb1q5nWj >> 1IF2lsGvZIqH0yqxZ49rgvYSnkCdp+pp3ZVFHfDED9LBD4B90tRzlQFI4QF0w5YV >> TLNlGhmIB+eqb5dW9LnK >> =9Yn+ >> -----END PGP SIGNATURE----- >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org >> For additional commands, e-mail: users-h...@httpd.apache.org >> >> >
