cross
New Foswiki release 2.1.6 is available with important security fixes.
Sourceforge foswiki email lists being discontinued. Subscribe to the new Foswiki announce and discuss lists at MailingLists
This question about Documentation: Answered

What is the effect of extending the cache expiry time?

According to the documentation, by default the cache expires and is recreated every 24 hours. You can change this setting, including disabling it entirely by setting the value to zero. What I'm wondering is, if I do either of these things, what is the impact on end users?

(1) If a new user is added to the LDAP directory (so not in the cache) - will the cache get refreshed/updated for that user when the user tries to login? Or only on the next full cache refresh? Is there such a thing as a partial or single user cache update?

(2) If a user changes his/her password between cache expiries - does Foswiki continue to expect the old password until the cache is refreshed?

The reason I'm asking these questions is actually more about session expiry. Users of my site are complaining that they don't like having to log in every day and would like this time to be lengthened or the timeout to be disabled. I'm assuming the LDAP cache expiry is the reason they need to login again every day (assuming the browser is left open)?

-- LeilaPearson - 27 Aug 2012

Just an added comment - I tried extending the time on a test site, and it does seem to keep me signed in longer - so it does seem to be the LDAP cache expiry that causes the session to need restarting. I just don't want to make the change on my main site if it's going to cause other issues...

-- LeilaPearson - 28 Aug 2012

Never mind. I finally realized this has nothing to do with LDAP. The problem is simply CGI Session expiry time. The setting for this wasn't visible using configure for some reason but is in the LocalSite.cfg file. I manually edited the {Sessions}{ExpireAfter} setting from 21600 which is 6 hours, to 604800 which is 1 week.

-- LeilaPearson - 13 Dec 2013

The setting is there in configure; {Sessions}{ExpireAfter}, in the "Security and Authentication" tab. It's not even an expert setting.... (looking at 1.1.9)

-- CrawfordCurrie - 16 Dec 2013

Yes, it is now. For some reason the setting wasn't visible in Foswiki 1.0.9 - but it is visible in 1.1.9.

-- LeilaPearson - 26 Dec 2013

In 1.0.9, it's in the Security Setup - Sessions section, but it's an expert parameter, so you have to click the "Yes, I've read all the documentation" button to make it visible.

-- GeorgeClark - 26 Dec 2013
 

QuestionForm edit

Subject Documentation
Extension LdapContrib
Version Foswiki 1.0.9
Status Answered
Related Topics
Topic revision: r6 - 26 Dec 2013, GeorgeClark - This page was cached on 25 Jun 2018 - 11:26.

The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. See Copyright Statement. Creative Commons License    Legal Imprint    Privacy Policy