Dear all, just a stupid question regarding Apache and sessions: We are running Apache 2.0.5x together with Tomcat 5.15.x and are using mod_auth_cookie_mysql. Authorization is handeld via Tomcat. Now mod_auth_cookie_mysql sets an expiration-time into the MySQL-database, after which the cookie is not valid any more, thus the Apache-session will time out and the user is forced to re-authenticate. Now here comes my question: In Tomcat, the Session is defined as "Max. Time Of Inactivity", meaning when the user interacts with Tomcat, the session is prolonged for the time specified in the web app's web.xml-file. What about Apache http? Will the session also be prolonged when the user interacts with Apache (i.e. content is served)? In case someone is using mod_auth_cookie_mysql, will Apache update the entry for session-expiration in the MySQL-database? How is the default behaviour of Apache with sessions? I'd appreciate any hints about where this can be read, i.e. RFC or similar. TIA Greg -- what's puzzlin' you, is the nature of my game --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|