Hi, I am playing around with this great product and (nearly) all works as expected. This is exactly what I need for my application and you guys are saving a lot of time for me! Thank you. The only thing I don't understand is the timeout of session_data_manager. If I test the example given in the help I expect 'Before change:' to be empty if called the first time (works) and filled for each subsequent call (works also). If timeout expires I expect 'Before change:' to be empty again, thus generating a new token. But it isn't. It still uses the old token. What's going on? I tested with cookies and form vars namespace, but it has always the same behaviour. What's the quirk? Oliver
Oliver,
If timeout expires I expect 'Before change:' to be empty again, thus generating a new token. But it isn't. It still uses the old token. What's going on?
Just for clarification: core session tracking tokens don't expire. Session data objects associated with tokens expire. See the section "Session Id (Non-)Expiration" in the help doc. Your question is still valid, however. The timeout parameter isn't exact. In the current implementation, for example, if your timeout is set to 20 minutes, it could take up to 40 minutes to expire the data object associated with the token. It will expire, however. I need to work on making this more exact, but for now consider the timeout the "minimum" amount of time before a session data object will expire. HTH, Chris
participants (2)
-
Chris McDonough -
Oliver Vecernik