Login Sessions Timing Out OJS 2.4.8


#1

We just moved some journals to new servers, and now user sessions time out after about ten minutes of inactivity. How can we extend the timeout?


#2

Hi @glenng,

That’s probably a matter of adjusting your PHP configuration, e.g. the gc_maxlifetime setting. If you’re behind a proxy, you may also want to try disabling session_check_ip in config.inc.php. Check also the session_lifetime setting in config.inc.php.

Regards,
Alec Smecher
Public Knowledge Project Team


#3

The gc_maxlifetime setting in php.ini does have an effect on the login timeout, although the value does not seem to reflect the exact length of time that the session stays logged in. How does gc_maxlifetime work with the “Remember me” checkbox on the login page? For example, if gc_maxlifetime is set for 1440 (24 minutes), the “Remember me” checkbox does not seem to work. I’m assuming the checkbox is supposed to hold the session open for the configured days, 30 days by default.


#4

Hi @glenng,

The “remember me” checkbox effectively causes OJS to refresh the cookie lifetime on every request from that user.

If you’re seeing what looks like a random session expiry, check the session_check_ip setting in config.inc.php.

Regards,
Alec Smecher
Public Knowledge Project Team


#5

I turned off session_check_ip and it does seem to behave better. Our server is behind an application load balancer in Amazon Web Services. Browser requests appear to come from the AWS load balancer, but the load balancer has two IP addresses.

Thanks.