User Security Manager
Session table
Gravatar is a globally recognized avatar based on your email address. Session table
  Jim Monte
  All
  May 21, 2020 @ 08:43am

Why is the userid field blank in the wwsessions table?

I noticed this when trying not have the session timeout.. I only want to end the session when the user closes the browser.. I tried leaving the param blank. Still timesout... When the user does an ajax call.. "the user doesnt know the page has already timedout" the json that comes back is the whole "login.usm" page.. I need to know how to set it so the session is alive until the browser closes..

THIS.InitSession(Server.oConfig.oUserSecurityManagerProcess.cCookieName,???? ,.T.)

Jim

Gravatar is a globally recognized avatar based on your email address. re: Session table
  Rick Strahl
  Jim Monte
  May 21, 2020 @ 12:58pm

The UserId field is an optional field that you as the user can use to store some identifier. wwSession does nothing to read or write that value.

It's meant as a link field that can link something like a Customer PK to a User record. Such values depend on the application so you have to provide that. It's easily set and read using SetUserId() and GetUserId() or the field on the oData.UserId member.

+++ Rick ---

Gravatar is a globally recognized avatar based on your email address. re: Session table
  Jim Monte
  Rick Strahl
  May 21, 2020 @ 01:02pm

I figured it was just an option field..

However, as far as session timeout.. i've set it for ike 30 days into the future.. still seems to timeout.. Is there a way to have it timeout only when browser or tab is closed?

Jim

Gravatar is a globally recognized avatar based on your email address. re: Session table
  Rick Strahl
  Jim Monte
  May 21, 2020 @ 02:19pm

Check what you're cookies are set to when the session is created.

To really check clear the session table, then check the output in Fiddler or Display Request data.

If you want persistent cookies that last over browser shutdowns you need to set the persist flag in the InitSession().

+++ Rick ---

Gravatar is a globally recognized avatar based on your email address. re: Session table
  Jim Monte
  Rick Strahl
  May 21, 2020 @ 03:08pm

ok... I see no place in the docs that have a persist property.. How is this flag set? or where is where can I call with a llpersist flag as .t.?

++ Jim

Gravatar is a globally recognized avatar based on your email address. re: Session table
  Jim Monte
  Rick Strahl
  May 21, 2020 @ 06:45pm

I'm already passing THIS.InitSession(Server.oConfig.oUserSecurityManagerProcess.cCookieName,60 * 60 * 24 * 20,.T.) It's not persisting.. Still timeout in an hour or 2 even though I'm setting it for 20 days and also pass .t. for persist..

Jim

Gravatar is a globally recognized avatar based on your email address. re: Session table
  Rick Strahl
  Jim Monte
  May 21, 2020 @ 06:55pm

Don't know then. This works - you can see it working here on this message board 😃

Check your cookies stored in the browser and see what they're being set to with Fiddler or the like.

+++ Rick ---

Gravatar is a globally recognized avatar based on your email address. re: Session table
  Jim Monte
  Jim Monte
  May 21, 2020 @ 07:19pm

hmmm... Could it be cookies being set in the usersecurityprocess and also being set in my mymainprocess?

Jim

Gravatar is a globally recognized avatar based on your email address. re: Session table
  Jim Monte
  Jim Monte
  May 21, 2020 @ 07:49pm

Very sorry Rick... I forgot about the user security process file.. I had it set there for THIS.InitSession(Server.oConfig.oUserSecurityManagerProcess.cCookieName,3600,.T.) and this is the cookie in the browser..

In my mainprocess file I made it

THIS.InitSession(Server.oConfig.oUserSecurityManagerProcess.cCookieName,60 * 60 * 24 * 10,.T.)

I changed the usersecurityprocess to THIS.InitSession(Server.oConfig.oUserSecurityManagerProcess.cCookieName,60 * 60 * 24 * 10,.T.)

Again.. Sorry.. Was pulling my hair out..

Jim

Gravatar is a globally recognized avatar based on your email address. re: Session table
  Rick Strahl
  Jim Monte
  May 21, 2020 @ 08:44pm

You'll probably want to make sure you use the same cookie for your application and user security processes if separate (as they should be). This will ensure that both get the same cookie expiration rules applied. IOW make InitSession() identical in both places.

+++ Rick ---

Gravatar is a globally recognized avatar based on your email address. re: Session table
  Jim Monte
  Rick Strahl
  May 22, 2020 @ 05:13am

Yes.. I did that last night.. logged in this morning and session still going..

Thanks Rick

Jim

© 1996-2020