Symfony2 会话未按预期工作/会话不断超时 [英] Symfony2 sessions not working as expected / session keeps timing out

问题描述

我的 Symfony2 应用程序显示一个主页，然后它主要使用 AJAX 请求通过模式向用户显示内容.

My Symfony2 application displays a main page, and from there on it primarily uses AJAX requests to display content to the user via modals.

我注意到，在用户空闲一段时间(大约 15-30 分钟)后，会话被破坏，用户退出并需要重新登录.这非常令人沮丧，因为我不能指望用户每次闲置几分钟后都会再次登录.

I've noticed that after the user is idle for some period of time (around 15-30 minutes) the session is destroyed, and the user is logged out and needs to log in again. This is incredibly frustrating, since I can't expect users to log in again every time they've been idle for a few minutes.

据我所知，根据我的 config.yml 文件，这个问题不应该发生，如下所示:

As far as I can tell, this problem should not be happening according to my config.yml file, which is as follows:

framework:
    session:
        cookie_lifetime: 0      # Session lifetime in seconds
        gc_maxlifetime: 28800   # Seconds after which data will be seen
                                # as garbage and potentially cleaned up
        handler_id:  ~          # Current using the default session handler

为了完整起见，我当前的环境如下:

For completeness, my current environment is as follows:

• Symfony 2.4.8
• PHP 5.4
• 会话处理程序:默认(根据php.ini基于文件)
• Ubuntu 服务器 12.10

总结:

• 应该发生的事情:用户不应被注销，即使闲置数小时后也是如此
• 实际情况:用户在闲置 15-30 分钟后被注销

• What should be happening: users should not be logged out, even after being idle for hours
• What is actually happening: users are being logged out after being idle for 15-30 minutes

我该如何解决这个问题?

How can I fix this?

推荐答案

问题:

事实证明，在 Debian/Ubuntu 系统上，有一个系统 cronjob 每 30 分钟运行一次，清除所有旧"会话.问题就在这里.

It turns out that on Debian / Ubuntu systems, there is a system cronjob which runs every 30 minutes, cleaning out all "old" sessions. Herein lies the problem.

cronjob 实际上并不知道什么是旧".cronjob 只是调用位于 /usr/lib/php5/maxlifetime 的 PHP-CLI 脚本，然后删除所有超过特定年龄的会话文件.由于该脚本由 PHP-CLI 参与，并且与 Symfony2 无关，因此它不知道您在 Symfony2 配置文件中为 gc_maxlifetime 和 cookie_lifetime 指定了什么值.相反，如果只是默认使用 /etc/php5/cli/php.ini 配置中的 session.cookie_lifetime 和 session.gc_maxlifetime 值文件，默认情况下为 24 分钟.因此，无论您在 Symfony2 配置文件中指定什么，如果您空闲时间过长，您的会话都将被删除.

The cronjob doesn't actually know what constitutes "old". The cronjob simply calls a PHP-CLI script located at /usr/lib/php5/maxlifetime which then removes all session files that exceed a certain age. Since the script is involved by PHP-CLI, and independently of Symfony2, it has no idea what values you specified for gc_maxlifetime and cookie_lifetime in your Symfony2 config file. Instead, if just defaults to using the session.cookie_lifetime and session.gc_maxlifetime values from the /etc/php5/cli/php.ini config file, which by default, is 24 minutes. So no matter what you specify in your Symfony2 config file, if you are idle for too long, your session will be removed.

解决方案:

• 删除 /etc/cron.d/php5 中的 cronjob 文件，或者，
• 将您的会话存储在 cronjob 无法触及的数据库中

• Either delete the cronjob file at /etc/cron.d/php5 or,
• Store your sessions in a database where they can't be touched by the cronjob

这篇关于Symfony2 会话未按预期工作/会话不断超时的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！