Project

General

Profile

Actions
Copy link

Bug #78695

closed

FrontendUserAuthentication timeout can't be less then 6000s

Added by Alexander Opitz about 8 years ago. Updated about 6 years ago.

Status:
Closed
Priority:
Should have
Assignee:
Alexander Opitz
Category:
Frontend
Target version:
next-patchlevel
Start date:
2016-11-14
Due date:
% Done:

100%

Estimated time:
TYPO3 Version:
3.5
PHP Version:
Tags:
Complexity:
Is Regression:
No
Sprint Focus:
On Location Sprint

Description

In FrontendUserAuthentication::start the $this->sessionTimeout will be set to $this->lifetime but only if $this->lifetime is higher then default of $this->sessionTimeout (which is 6000).

$this->lifetime gets filled in TypoScriptFrontendController::initFEuser() with the value of $GLOBALS['TYPO3_CONF_VARS']['FE']['lifetime'];

I don't think, that this behavior is desired.

Original issue:

Session timeout longer than industry best practice

Related issues 1 (0 open1 closed)

Related to TYPO3 Core - Bug #14971: cookie lifetime from the localconf will be ignoredClosedMichael Stucki2005-09-15

Actions
Actions
Copy link

Also available in: Atom PDF