Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • Hugo Migneron 32 posts 105 karma points
    Dec 08, 2015 @ 11:15
    Hugo Migneron
    0

    Session timed out in the backoffice after a few minutes

    I am having problems with Sessions timing out. I have read a lot of posts about it (both here and on stack overflow -- some examples here and here but there a lot more) but none of them solve the problem for me.

    I am getting timeouts after something like 15 minutes. No warning or anything, I just end up on the lock screen with the message "Session timed out. Log in below" when I save or click an item in the backend.

    Running Umbraco 7.3.1 on our own server (not a shared environment).

    In the web.config I have

    <add key="umbracoTimeOutInMinutes" value="120" />
    

    In umbracoSettings.config I have

    <keepUserLoggedIn>true</keepUserLoggedIn>
    

    (but I have tried with both keepUserLoggedIn set to true and false with no success)

    I used the developer tools to see what was going on when I was getting disconnected. I left the page open but inactive for around 30 minutes. During that time, I see the all the requests to /umbraco/backoffice/UmbracoApi/Authentication/GetRemainingTimeoutSeconds. They all work fine and return 200. When I inspect them. I can see, in the response headers, the

    Set-Cookie:UMB_UCONTEXT=64F9F37AF1539577FCF716614177DD58 [...] domain=FALSE; path=/; expires=Tue, 08-Dec-2015 05:12:41 GMT; HttpOnly
    

    The response, for that particular request, is 7199.3749218

    Then, I click on a link to trigger a page load. That request, which happens only seconds after the GetRemainingTimeoutSeconds request, is when I get locked out. Here is a screenshot of it from the dev tools :

    enter image description here

    So, what's going on? Why is the session timing out before the 120 minutes? What do I need to change to make it work ?

    EDIT :

    Just looking at my own screenshot, I realized that the dates seemed wrong. The GetRemainingTimeoutSeconds is set to expire 3 hours before it even occurs. Here is a screenshot of it :

    enter image description here

    Is that normal ?

  • Ajmal 19 posts 51 karma points
    Dec 08, 2015 @ 12:24
  • Hugo Migneron 32 posts 105 karma points
    Dec 09, 2015 @ 07:44
    Hugo Migneron
    0

    It seems very similar but not quite the same. I do not get the authentication popup you get. Usually that dialog is a Windows Authentication one (if I remember correctly anyway) no? And then, once I get the 401 the request doesn't quite look the same.

    Our problems seem fairly similar though so I wonder if / how they could be related.

Please Sign in or register to post replies

Write your reply to:

Draft