search

mauriciorodrigues / memcached-session-manager

Automatically exported from code.google.com/p/memcached-session-manager
0 stars 0 forks source link

Sessions expired in memcached with very high webapp session timeout (e.g. 1 year) #104

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago 
This was reported on the mailing list 
(http://groups.google.com/group/memcached-session-manager/msg/822b244d81aaba5a):

"Well, we finally got round to properly testing the session stuff.
At first we were not getting a lot of success, but after debugging
what was going on we discovered that our (rediculously high)
session timeout value was causing problems.

Quoting from 
http://code.sixapart.com/svn/memcached/trunk/server/doc/protocol.txt

Expiration times
----------------

Some commands involve a client sending some kind of expiration time
(relative to an item or to an operation requested by the client) to
the server. In all such cases, the actual value sent may either be
Unix time (number of seconds since January 1, 1970, as a 32-bit
value), or a number of seconds starting from current time. In the
latter case, this number of seconds may not exceed 60*60*24*30 (number
of seconds in 30 days); if the number sent by a client is larger than
that, the server will consider it to be real Unix time value rather
than an offset from current time.

As our session timeout was set at one year (!) and
memcached-session-manager was passing this value on unchanged,
memcached interpreted the value as a Unix epoch date, which evaluates
to some time in the past; hence the sessions were expired by memcached
immediately.

We've solved our problem by setting the timeout to 30 days now,
but I suggest that memcached-session-manager should inspect the
timeout and correct accordingly; perhaps always convert to Unix epoch?"

Original issue reported on code.google.com by martin.grotzke on 29 Jul 2011 at 8:34

GoogleCodeExporter commented 8 years ago 
Issue 187 has been merged into this issue.

Original comment by martin.grotzke on 18 Dec 2013 at 10:46

GoogleCodeExporter commented 8 years ago 
Fixed in master.

Original comment by martin.grotzke on 18 Dec 2013 at 10:48

GoogleCodeExporter commented 8 years ago 
Issue 187 has been merged into this issue.

Original comment by martin.grotzke on 19 Dec 2013 at 10:04

GoogleCodeExporter commented 8 years ago

Original comment by martin.grotzke on 20 Dec 2013 at 10:28

GoogleCodeExporter commented 8 years ago 
Can you please update, the session will be expired immediately on the first 
request itself or its may come after a few minutes the user is still active in 
the system. Because in my test i am facing an issue where i am getting 403 
error which is session might have expired after the user is active for more 
than 30 minutes into the system. we are using the cluster with auto scaling and 
we have session failover jars 1.6.5

Original comment by gagan.jo...@snapwiz.com on 27 Dec 2013 at 7:20

GoogleCodeExporter commented 8 years ago 
This issue was fixed in 1.7.0. If you're experiencing issues with 1.7.0 please 
provide enough details like e.g. your msm configuration and session-timeout.

Original comment by martin.grotzke on 27 Dec 2013 at 8:48

GoogleCodeExporter commented 8 years ago 
Issue 187 has been merged into this issue.

Original comment by martin.grotzke on 28 Dec 2013 at 6:48