Developing (v7+)

Setting Session Expiration Time

Permalink April 30, 2009 at 5:19 PM

I am developing a site for a client, and have noticed that my Concrete sessions don't time out. I can leave my browser open overnight, and the next morning I don't have to log in at all. This is a potential security issue, especially if any of the site is accessed from a public computer.

Is there a way I can specify the duration of a session?

ScottC replied on Apr 30, 2009 at 7:15 pm Permalink Reply

which can be overridden. I believe this might also be a cookie variable but I haven't looked into this further. Obviously if you can go to sleep and come back this session constant is being overwritten by something but I haven't investigated further(yet).

Forums

Developing (v7+)

Setting Session Expiration Time

Code

Post Reply

Delete Post

Mark Post as Spam

Destroy Spammer

Sign In?