2

I keep losing sessions on one of my development machines. At first it would happen at a couple of random moments, but the problem got worse and now it happens immediately after logging in.

I can see that there is one session file created upon landing on the website, one is created when logging in (containing the appropriate roles etc) and one is create directly thereafter (without the auth information) effectively logging me out.

It only happens on one dev machine, everything is fine on another dev machine and in production.

Does anyone have a clue?

UPDATE:

Turns out the LIIPImagineBundle breaks my setup somehow. As long as I don't create a writeable folder (/media/cache) for the bundle, everything is fine (except for the images). As soon as I create the folder, everything breaks again. Does anyone know why this may be?

hakre
  • 193,403
  • 52
  • 435
  • 836
Thomas K
  • 6,076
  • 5
  • 39
  • 56
  • iS other sites or projects working on your dev server with out session loss – Gowri Nov 09 '12 at 12:05
  • NOw I ca't auth at all on my local machine. When I try to register I get an invalid csrf token error. Same code in production, no problem.. I've also installed a different php version, without any success – Thomas K Nov 09 '12 at 14:06
  • Please post your config.yml and config_dev.yml (obviously with any private information obscured). I'm guessing there is something linking your sessions to an IP or domain, which is causing this problem. Also try completely deleting the app/cache/dev folder. Using the console command to clear the cache is not always reliable. – james_t Nov 09 '12 at 17:41
  • I just did a fresh install of sf including the FOSUserBundle and everything works great. So it seems to be related to my project on this machine.. – Thomas K Nov 12 '12 at 08:50

2 Answers2

1

I guess your server session server parameters are having low value. You need to increase value of those parameter.

consider to check below parameter value

  • session.gc-maxlifetime
  • session.cache_expire

How to increase the value:

ini_set('session.gc_maxlifetime', 60*60*22); //22h

More discussion and explanation can be found here

Community
  • 1
  • 1
Gowri
  • 16,587
  • 26
  • 100
  • 160
0

Had this issue few weeks ago and it was quite random on some other computers. Not being able to fix it I switched to database based session storage and haven't got any problem since.

Jovan Perovic
  • 19,846
  • 5
  • 44
  • 85
  • 1
    I'm pretty sure you now have locking issues - because database session storage most likely omits locking a once read session info until it is written back. But you might be lucky enough that you have no parallel calls for the same session id. – Sven Nov 13 '12 at 21:26
  • Yes, that was also my thought. Anyhow, everything went for better since I moved to database-based sessions :) – Jovan Perovic Nov 13 '12 at 21:28