Phil,
I don't have an explanation for the behavior that you describe. If I had the problem, I'd look at HTTP header traces (to see if the session cookie has an unexpected expiration), trace some more functions (those that call SESSION-TOO-OLD-P in particular) and the like. The problem could also be related to some header rewriting HTTP proxy in between, but all that is only speculation.
I'd also make an experiment with an out-of-the-box Hunchentoot and the hunchentoot-test package: I'd play around with various *SESSION-MAX-TIME* settings to see whether the behavior is as expected in an isolated setting. From there, I'd try to find out how the production environment differs.
It is certainly possible that Hunchentoot does not work, but I'm kind of reluctant to assume that given the little evidence and analysis that is available in your case.
-Hans
On Wed, May 19, 2010 at 15:13, Phil Marneweck zaries@global.co.za wrote:
Thanx for the speedy feedback.
I had to wait to for an opportune moment to shut down hunchentoot on my live server.
Steps
- I restarted it with the *session-gc-frequency* (5000) and
*session-max-time* (3600) values I wanted (before I creating any acceptors).
- Logged into my application and then left the system for 15 minutes, it
timed out when I tried to resume.
- I then placed a trace on HUNCHENTOOT::SESSION-TOO-OLD-P as suggested and
it comes back with a NIL, I pushed the system to make more than 50 new sessions.
- I logged in again and left the system for 15 minutes and again it timed
out when I tried to resume. All this time HUNCHENTOOT::SESSION-TOO-OLD-P is returning NIL.
I know I am grasping at straws now, but could the *SESSION-MAX-TIME* not working have something to do with the fact that the client and the server are in different time zones? If I run the server on my development box the session does not time out like on the server.
Regards Phil
On Wed, 2010-05-19 at 13:13 +0200, Hans Hübner wrote:
Phil,
are you sure that youre new value for *SESSION-MAX-TIME* is used by your sessions? Try tracing HUNCHENTOOT::SESSION-TOO-OLD-P and check the log file for entries saying "Session with ID <id> too old". If you see those messages in the log, or if HUNCHENTOOT::SESSION-TOO-OLD-P returns a true value for a session, your *SESSION-MAX-TIME* change has not been seen by Hunchentoot.
One reason could be that you're changing the value of the global variable after you started Hunchentoot in multi-threaded mode. In that case, the changed value might not be picked up.
Let us know how you proceed.
-Hans
On Wed, May 19, 2010 at 12:46, Phil Marneweck zaries@global.co.za wrote:
Hi
Is there any thing more than *session-gc-frequency* and *session-max-time* that influences session time outs?
Because it does not matter how high I set these values the session keeps on timing out with in a couple of minutes!
Can those values be set at any time or do they have to be set before any acceptors are created?
Any help would be much appreciated this is causing me major pain on a live site.
tbnl-devel site list tbnl-devel@common-lisp.net http://common-lisp.net/mailman/listinfo/tbnl-devel
tbnl-devel site list tbnl-devel@common-lisp.net http://common-lisp.net/mailman/listinfo/tbnl-devel
tbnl-devel site list tbnl-devel@common-lisp.net http://common-lisp.net/mailman/listinfo/tbnl-devel