Re: httpd session timeout

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Forgot to mention... I am using httpd as a reverse proxy. But the downstream server has no notion of a user or sessions. 

On Wed, Aug 24, 2016 at 8:53 AM, Roger Paanini <rogerpaanini@xxxxxxxxx> wrote:
Chris, I am testing it by logging into the website using basic authentication and then waiting for the time out duration and try to access the page again. I am expecting to be challenged for credentials again when I tried to access the page after the timeout. But I am never challenged after the timeout - ever after several hours beyond the timeout value.

But I see the following messages in my log file... I suspect my session modules are not configured correctly?

[Wed Aug 24 08:41:46.851228 2016] [session:warn] [pid 61410:tid 140098663421696] [client x.x.x.x:5675] AH01815: session is enabled but no session modules have been configured, session not loaded: 

I have the following in my httpd.conf: 

LoadModule session_module modules/mod_session.so
LoadModule session_cookie_module modules/mod_session_cookie.so
#LoadModule session_dbd_module modules/mod_session_dbd.so
***
<Location />
        Session on
        SessionMaxAge 1
        AuthType Basic
        AuthLDAPBindDN "xxxxx"
        AuthLDAPBindPassword "xxxx"
        AuthBasicProvider ldap
        AuthName "LDAP - login"
        AuthLDAPURL "xxxxx"
        Require valid-user
        Require ldap-group "xxxx"
        AuthLDAPRemoteUserAttribute uid
</Location>

Any thoughts on what I am missing?

Thanks!



On Tue, Aug 23, 2016 at 3:29 PM, Christopher Schultz <chris@xxxxxxxxxxxxxxxxxxxxxx> wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Roger,

On 8/23/16 4:26 PM, Roger Paanini wrote:
> Folks, I have tried to configure httpd with session timeout but it
> does not seem to work. My httpd.conf has the following:
>
> Session on SessionMaxAge 1 AuthType Basic ***
>
> I was trying to put a timeout value of 1 sec just to test. This is
> not working. Am I missing something?
>
> Thanks for any pointers on this.

How are you testing it? What did you expect? What happened if it
wasn't what you expected?

- -chris
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCAAGBQJXvLIwAAoJEBzwKT+lPKRYWnAP/Ax2yBWc8laAbRC3jKTA7TlI
3Y5kfIrJi8tiNfzga/PXUWR82b6KmjMbXD5VKlD98YFFJhOjlMF8JSqV1MQIX1Lu
v9mfjkasfwhapPGtlksecNzJEA2KtSS+sLZfg5m1gPmv9R8sH5A6aFICmwVs87b8
DcZK/e/4STGvzGs6hGwQGaSgDDT3H4UFZqrLPCHx/jK85wNDkIZ+rHodzsLXjD9Y
/St2ER0bCWr090v0s/sKqKP28g7WrXBCiqh/MpCnIJ70B798GEmGI3sXnepFKSWV
1IzsK8J8KAufGY24XCgRMXad1TshaftnPiTIGmZ6pPesyq8sc4Rr8FN/Mo7xvR3Z
eSZYCJd639Ir76MHikCjVhgRzWphh82PN+9wf9hA7snk0yt+uFEsrcxTlURdErbB
0XWW7lKSor7R+OksK9HmL3izhEyNymXiOryRy5wBa2emlCajCoczy8XYy9CffkNq
OM81k343CdbdjLO5Z7AUdTIbnZjx5zGS9r6nVcf5uyg5j70ZuOyE1P6zft94KR4S
b6R2UMWUJ9aku7tzwP1cSox3DRSnhAI6VPXuwYiJYAZo6+kSTLCs0gW3Jb1q5nWj
1IF2lsGvZIqH0yqxZ49rgvYSnkCdp+pp3ZVFHfDED9LBD4B90tRzlQFI4QF0w5YV
TLNlGhmIB+eqb5dW9LnK
=9Yn+
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx



[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux