Why is the userid field blank in the wwsessions table?
I noticed this when trying not have the session timeout.. I only want to end the session when the user closes the browser.. I tried leaving the param blank. Still timesout... When the user does an ajax call.. "the user doesnt know the page has already timedout" the json that comes back is the whole "login.usm" page.. I need to know how to set it so the session is alive until the browser closes..
THIS.InitSession(Server.oConfig.oUserSecurityManagerProcess.cCookieName,???? ,.T.)
Jim
The UserId field is an optional field that you as the user can use to store some identifier. wwSession
does nothing to read or write that value.
It's meant as a link field that can link something like a Customer PK to a User record. Such values depend on the application so you have to provide that. It's easily set and read using SetUserId()
and GetUserId()
or the field on the oData.UserId
member.
+++ Rick ---
I figured it was just an option field..
However, as far as session timeout.. i've set it for ike 30 days into the future.. still seems to timeout.. Is there a way to have it timeout only when browser or tab is closed?
Jim
Check what you're cookies are set to when the session is created.
To really check clear the session table, then check the output in Fiddler or Display Request data.
If you want persistent cookies that last over browser shutdowns you need to set the persist flag in the InitSession()
.
+++ Rick ---
ok... I see no place in the docs that have a persist property.. How is this flag set? or where is where can I call with a llpersist flag as .t.?
++ Jim
I'm already passing THIS.InitSession(Server.oConfig.oUserSecurityManagerProcess.cCookieName,60 * 60 * 24 * 20,.T.) It's not persisting.. Still timeout in an hour or 2 even though I'm setting it for 20 days and also pass .t. for persist..
Jim
Don't know then. This works - you can see it working here on this message board 😃
Check your cookies stored in the browser and see what they're being set to with Fiddler or the like.
+++ Rick ---
hmmm... Could it be cookies being set in the usersecurityprocess and also being set in my mymainprocess?
Jim
Very sorry Rick... I forgot about the user security process file.. I had it set there for THIS.InitSession(Server.oConfig.oUserSecurityManagerProcess.cCookieName,3600,.T.) and this is the cookie in the browser..
In my mainprocess file I made it
THIS.InitSession(Server.oConfig.oUserSecurityManagerProcess.cCookieName,60 * 60 * 24 * 10,.T.)
I changed the usersecurityprocess to THIS.InitSession(Server.oConfig.oUserSecurityManagerProcess.cCookieName,60 * 60 * 24 * 10,.T.)
Again.. Sorry.. Was pulling my hair out..
Jim
You'll probably want to make sure you use the same cookie for your application and user security processes if separate (as they should be). This will ensure that both get the same cookie expiration rules applied. IOW make InitSession()
identical in both places.
+++ Rick ---