[Tickets #14171] session timout is used for cookie timeout and session timeout
noreply at bugs.horde.org
noreply at bugs.horde.org
Thu Nov 26 13:25:37 UTC 2015
DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.
Ticket URL: https://bugs.horde.org/ticket/14171
------------------------------------------------------------------------------
Ticket | 14171
Created By | o+horde at immerda.ch
Summary | session timout is used for cookie timeout and session
| timeout
Queue | IMP
Version | Git master
Type | Bug
State | Unconfirmed
Priority | 1. Low
Milestone |
Patch |
Owners |
------------------------------------------------------------------------------
o+horde at immerda.ch (2015-11-26 13:25) wrote:
The configuration parameter session timeout is used for session
timeout and cookie timeout. This situation is not satisfactory since
many users will want to leave cookie timeout to 0 (forcing logout on
browser window close) but sessions not to last indefinitely (e.g.
making cookie a persisten security problem).
To solve this issue it would be advisable to have two different
settings for cookie and session timeout.
More information about the bugs
mailing list