CakePHP 会话/身份验证间歇性注销

问题描述

我收到用户的报告和投诉，称他们将使用屏幕并在下一次请求时立即返回登录屏幕.它不会一直发生，而是随机发生.

I'm having reports and complaints from my user that they will be using a screen and get kicked back to the login screen immediately on their next request. It doesn't happen all the time but randomly.

我正在使用 CakePHP 和 Auth 组件，除此问题外，它们似乎运行良好

I am using CakePHP and the Auth component, which seem to work well other than this issue

我曾在 Cake 论坛上收到一些反馈，说这有时是由重置会话的 404 请求引起的，即如果您的图像链接损坏或网站图标文件丢失.我打开了 firebug 并且没有失败的请求，所以我排除了这种可能性，但用户偶尔会退出.这似乎跨浏览器和操作系统都会发生.

I got some feedback on the Cake forums once that this is sometimes caused by a 404 request that resets the session, i.e. if you have a broken image link or a missing favicon file. I have firebug open and there are no failed requests, so I ruled this out as a possibility, but the user is getting sporadically logged out. This seems to occur across browsers and operating systems.

以下是我的配置设置摘要:安全级别 = 高Session.timeout = 1200//这意味着我的实际超时应该是 12,000 秒Session.save = php

Below is a summary of my config settings: Security.level = high Session.timeout = 1200 // this means my actual timeout should be 12,000 seconds Session.save = php

我真的不知道是什么导致了这个问题......

I am really at a loss as to what is causing this issue...

推荐答案

我的安全设置为高也有问题.当您将其设置为高时，它会根据每个请求重新生成会话:如果 'Security.level' 设置为 'high'，CakePHP 会话 ID 也会在请求之间重新生成."

I have also had a problem with my security set to high. When you have it set to high it regenerates the session on every request: "CakePHP session IDs are also regenerated between requests if 'Security.level' is set to 'high'."

我在跨浏览器时也遇到了这个问题，所以我知道这不是最好的解决方案，但我只是将安全设置更改为中等，并更改了我的会话超时以反映该设置，此后没有出现任何问题.

I had this problem cross-browser as well, so I know its not the best solution but I just changed the security setting to medium, and changed my session timeout to reflect that setting and have not had any problems since.