Thomas you have right :D I didn't enabled 'Remember me' - in
filters.yml so it should look:
rendering: ~
security: ~
# insert your own filters here
security:
class: sfGuardBasicSecurityFilter #it is very important !!!
cache: ~
common: ~
execution: ~
Now we don't need session_cookie_lifetime in factories.yml so this
file should have:
all:
user:
class: myUser
param:
timeout: 2592000
And then: php symfony cc
AND NOW IT WORKS !! Now after clicked 'Remember me' and closed and
opened browser I am still log on :D
Thx Thomas, Sid and everybody else who was trying to help me :)
On 22 Cze, 13:36, Nickolas Daskalou <[email protected]> wrote:
> What happens when you make every page "secure" (in view.yml)? Does it work
> as expected then?
>
> 2009/6/22 Sid Bachtiar <[email protected]>
>
>
>
> > But did you check the settings?? Most browser would kill the session,
> > because it is a privacy issue.
>
> > On Mon, Jun 22, 2009 at 11:09 PM, dziobacz<[email protected]>
> > wrote:
>
> > > Remember me doesn't work in Firefox, IE8, Opera and Chrome.
>
> > > On 22 Cze, 12:50, Sid Bachtiar <[email protected]> wrote:
> > >> If you are using Firefox then check the Firefox settings. Make sure
> > >> session is not made expired on closing the browser.
>
> > >> On Mon, Jun 22, 2009 at 10:45 PM, dziobacz<[email protected]>
> > wrote:
>
> > >> > But checked 'remember me' checkbox doesn't work.
>
> > >> > On 22 Cze, 12:30, Sid Bachtiar <[email protected]> wrote:
> > >> >> But I think there is a 'remember me' checkbox option that warns them
> > about it.
>
> > >> >> It is a dangerous arrangement, so you need to be very careful here.
>
> > >> >> On Mon, Jun 22, 2009 at 10:25 PM, dziobacz<[email protected]>
> > wrote:
>
> > >> >> > But in 99% forums user is still loged on after closed and opened
> > >> >> > browser. For example here:http://www.dbforums.com/Sothissolution
> > >> >> > is normal and very popular.
>
> > >> >> > I think I have found a solution:
>
> > >> >> > user:
> > >> >> > class: myUser
> > >> >> > param:
> > >> >> > timeout: 2592000
>
> > >> >> > storage:
> > >> >> > class: sfSessionStorage
> > >> >> > param:
> > >> >> > session_cookie_lifetime: 2592000
>
> > >> >> > timeout and session_cookie_lifetime must be exacly the same because
> > >> >> > Symfony takes minimum from timeout and session_cookie_lifetime.
>
> > >> >> > On 22 Cze, 12:09, Gareth McCumskey <[email protected]> wrote:
> > >> >> >> Here's an example scenario. Your user goes to an Internet cafe. He
> > logs into
> > >> >> >> your web application and does what he wants to do then closes the
> > browser
> > >> >> >> (without logging out first) then walks out the door. If the
> > session was not
> > >> >> >> killed on browser exit then the next person that comes along and
> > opens the
> > >> >> >> browser and views the history or if the browser was setup to keep
> > tabs open,
> > >> >> >> they can then access your users account.
>
> > >> >> >> Work with the assumption that the browser exit will always kill
> > the session.
> > >> >> >> It is by far a better security arrangement.
>
> > >> >> >> On Mon, Jun 22, 2009 at 11:45 AM, Sid Bachtiar <
> > [email protected]>wrote:
>
> > >> >> >> > Hi,
>
> > >> >> >> > That's just how browser usually setup, to kill session when it
> > is closed.
>
> > >> >> >> > The timeout is for if user has the browser window opened, but
> > inactive
> > >> >> >> > (e.g.: not making any request to server) for x amount of time.
>
> > >> >> >> > You need to think about the security aspect when setting the
> > timeout.
> > >> >> >> > The longer the timeout, the more chance of your user forgot to
> > logout
> > >> >> >> > and someone else using their account.
>
> > >> >> >> > On Mon, Jun 22, 2009 at 8:59 PM, dziobacz<
> > [email protected]> wrote:
>
> > >> >> >> > > User should be log in 30 days = 2592000 seconds. In
> > factories.yml I
> > >> >> >> > > have:
> > >> >> >> > > all:
> > >> >> >> > > user:
> > >> >> >> > > class: myUser
> > >> >> >> > > param:
> > >> >> >> > > timeout: 2592000
>
> > >> >> >> > > But after closed browser user is log out and he must log in
> > again,
> > >> >> >> > > why ? What should I do ?
>
> > >> >> >> > --
> > >> >> >> > Blue Horn Ltd - System Development
> > >> >> >> >http://bluehorn.co.nz
>
> > >> >> >> --
> > >> >> >> Gareth McCumskeyhttp://garethmccumskey.blogspot.com
> > >> >> >> twitter: @garethmcc
>
> > >> >> --
> > >> >> Blue Horn Ltd - System Developmenthttp://bluehorn.co.nz
>
> > >> --
> > >> Blue Horn Ltd - System Developmenthttp://bluehorn.co.nz
>
> > --
> > Blue Horn Ltd - System Development
> >http://bluehorn.co.nz
>
>
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"symfony users" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
-~----------~----~----~----~------~----~------~--~---
