[
https://issues.apache.org/jira/browse/ZETACOMP-81?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13035063#comment-13035063
]
Philipp Kamps commented on ZETACOMP-81:
---------------------------------------
I'm OK if isValid is updating the activity timestamp.
In general (even without the patch), I just wasn't aware that you should call
isValid on each page load (because that method actually destroys the session
when invalid).
isValid is also starting the session - so I don't think you'd need to call
$session->start() (as the example states).
Anyways, I think we're good. Just took me some time to understand the session
handling.
> Session timeout
> ---------------
>
> Key: ZETACOMP-81
> URL: https://issues.apache.org/jira/browse/ZETACOMP-81
> Project: Zeta Components
> Issue Type: Bug
> Components: Authentication
> Reporter: Philipp Kamps
> Attachments: patch.txt
>
>
> Not sure, but looks like the session timeout is strange. I have following
> code:
> $options = new ezcAuthenticationSessionOptions();
> $options->validity = 10;
> $session = new ezcAuthenticationSession( $options );
> I would expect a session timeout after 10 seconds __OF INACTIVITY__. But it
> looks like it's a total lifetime of 10 seconds, even when I'm active (
> constantly requesting more pages that start the session ).
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
