If the security level is set to medium and the browser is closed, the user session is not deleted. So when opening the browser again after a few minutes, the user still has access to the authorized pages without logging in again.
My question is, if the browser is kept closed long enough, will the session eventually expire if the security level is medium? How long will it take? Would it be possible to adjust the duration when the session expires while keeping the same security level (medium)? --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---
