Jump to content

Single sign on doesn't keep the session active

Lince

By Lince
in Technical Problems

Recommended Posts

Lince Apprentice

Lince

Posted
Posted

Hello,

I have SSO in my web app and in order to authenticate people using ipb I'm using the following code: 

require $path.'/forum/init.php';
\IPS\Session\Front::i();

echo id: ".\IPS\Member::loggedIn()->member_id;

Very ofter I get an empty member_id from the echo command and the session disappears from my part of the application. The session in ipb still works fine and after clicking several links in the forum, the member_id variable becomes available again and so the session for my part of the app. This happens all the time.

Should I add anything else to those two first lines in order to use the session information in my app ?

Thanks.

Link to comment
Share on other sites
bfarber Grand Master

bfarber

Posted
Posted

PHP session garbage collection will clear out sessions that haven't been updated after a certain period of time, however the member_id and pass_hash cookies set in the user's browser will re-initiate a session when they visit the forums again if that happens.

Without knowing your specific setup, it is possible that your forums are on a subdomain and the cookies can't be read by the main site, for instance, which would explain why visiting the forums works but your basic script does not.  If that were the case, you'd want to set the COOKIE_DOMAIN constant in your constants.php to be global for your domain (i.e. ".domain.com" with the preceding dot).

Link to comment
Share on other sites
MADMAN32395 Enthusiast

MADMAN32395

Posted
Posted
1 hour ago, bfarber said:

PHP session garbage collection will clear out sessions that haven't been updated after a certain period of time, however the member_id and pass_hash cookies set in the user's browser will re-initiate a session when they visit the forums again if that happens.

Without knowing your specific setup, it is possible that your forums are on a subdomain and the cookies can't be read by the main site, for instance, which would explain why visiting the forums works but your basic script does not.  If that were the case, you'd want to set the COOKIE_DOMAIN constant in your constants.php to be global for your domain (i.e. ".domain.com" with the preceding dot).

Brandon, if we are using custom scripts elsewhere. Should we do the 'cookie_domain', '*.domain.tld'   or do something like this? 

curious as I use the cookie on subdomain and also at domain.tdl/directory  ; just want to make sure I have the ideal setup.

Link to comment
Share on other sites
Lince Apprentice

Lince

Posted
  • Author
Posted
22 hours ago, bfarber said:

PHP session garbage collection will clear out sessions that haven't been updated after a certain period of time, however the member_id and pass_hash cookies set in the user's browser will re-initiate a session when they visit the forums again if that happens.

Without knowing your specific setup, it is possible that your forums are on a subdomain and the cookies can't be read by the main site, for instance, which would explain why visiting the forums works but your basic script does not.  If that were the case, you'd want to set the COOKIE_DOMAIN constant in your constants.php to be global for your domain (i.e. ".domain.com" with the preceding dot).

Thanks for your reply :)

I haven't got any issues with the domain and subdomains. The cookie and the session works fine everywhere. The problem is that after some time it stops working and when this happens I have to go to the forum, click several links (is never enough with 1) and then the session comes back and I can access again all my sections for some time.

So you think this could be because of the garbage collector ?

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Invision Community © 2024 IPS, Inc.
×
×
  • Create New...