Failure saving sessions data - php

I'm trying to set a lifetime for the session cookies in my Yii application.
In the main.config file I added the following:
'session' => array(
    'class' => 'CCacheHttpSession',
    'cacheID' => 'cache',
    'timeout' => 604800, // 7 days
    'sessionName' => 'zii_s',
    'cookieParams' => array(
        'domain' => '***',
        'path' => '/',
        'httponly' => true,
        'lifetime' => 100000, // this field
    ),
),
As soon as the lifetime value is set, the session is not saved, but when I remove it or set its value to zero, the session is saved.
Update: the Set-Cookie flag exists in the HTTP response, and it is:
Set-Cookie:zii_s=j0scslhn7q3s0fib4gns3etl01; expires=Thu, 05-Jul-2012 16:00:54 GMT; path=/; domain=*; HttpOnly
Can anyone tell me why?

Related

Session expires very quickly in cakePHP 2.9

I tried many options in the config.php file, but with no success.
Here are the options.
First one:
Configure::write('Session', array(
    'defaults' => 'php',
    'timeout' => 31556926, // in minutes
    'cookieTimeout' => 31556926,
    'ini' => array(
        'session.gc_maxlifetime' => 31556926 // in seconds
    )
));
Second one:
Configure::write('Session', array(
    'defaults' => 'php',
    'Session.timeout' => 36000
));
Please let me know, as the session expires in the middle of work!
Use the following code in your app/Config/core.php:
Configure::write('Session', array(
    'defaults' => 'cake',
    'timeout' => 30, // The session will timeout after 30 minutes of inactivity
    'cookieTimeout' => 1440, // The session cookie will live for at most 24 hours, this does not affect session timeouts
    'checkAgent' => false,
    'autoRegenerate' => true, // causes the session expiration time to reset on each page load
));

Too many redirects in simplesamlphp

When adding a new app to access SAML, I am facing this issue.
SSOService.php:1 GET https://saml.testing.net/www/saml2/idp/SSOService.php?spentityid=newapp&cookieTime=1459920375
net::ERR_TOO_MANY_REDIRECTS
Locally I don't face any issue, but when I copy the code to the staging servers, it shows ERR_TOO_MANY_REDIRECTS errors, keeps redirecting, and is not able to display the SAML login page. The staging servers are behind load balancers; would this cause the error?
Thanks.
Update:
$config = array(
    'baseurlpath' => 'https://saml.testing.net/',
    'certdir' => '/etc/test/sslcerts/',
    'tempdir' => '/tmp',
    'datadir' => 'data/',
    'auth.adminpassword' => '1234567',
    'admin.protectindexpage' => TRUE,
    'admin.protectmetadata' => TRUE,
    'secretsalt' => 'xxxxxxxxx',
    'timezone' => NULL,
    // logging related options
    'loggingdir' => '/var/log/simplesamlphp/',
    'logging.level' => LOG_WARNING,
    'logging.logfile' => 'simplesaml_' .date("Ymd") . '.log',
    'debug' => true,
    'showerrors' => true,
    'logging.handler' => 'file',
    'logging.facility' => LOG_USER,
    'logging.processname' => 'simplesaml',
    'debug.validatexml' => FALSE,
    'enable.saml20-idp' => TRUE,
    'enable.shib13-idp' => FALSE,
    'enable.adfs-idp' => FALSE,
    'enable.wsfed-sp' => FALSE,
    'enable.authmemcookie' => TRUE,
    'session.duration' => 2*(60*60),
    'session.requestcache' => 4*(60*60),
    'session.cookie.lifetime' => 0,
    'session.cookie.path' => '/',
    'session.phpsession.cookiename' => 'SimpleSAMLSessionID',
    'session.cookie.name' => 'SimpleSAMLSessionID',
    'session.cookie.domain' => NULL,
    'session.cookie.secure' => FALSE,
    'session.cookie.lifetime' => 0,
    'session.datastore.timeout' => 4*(60*60),
    'session.state.timeout' => (60*60),
    'session.phpsession.savepath' => NULL,
    'session.phpsession.httponly' => FALSE,
    'session.disable_fallback' => FALSE,
    'session.authtoken.cookiename' => 'SimpleSAMLAuthToken',
    'session.rememberme.enable' => FALSE,
    'session.rememberme.checked' => FALSE,
    'session.rememberme.lifetime' => 1209600, // 14 days
    'enable.http_post' => FALSE,
    'language.available' => array('en'),
    'language.default' => 'en',
    'attributes.extradictionary' => NULL,
    'theme.use' => 'oldtheme:abcdef',
    'attributes.extradictionary' => NULL,
    'default-wsfed-idp' => 'urn:federation:pingfederate:localhost',
    'idpdisco.enableremember' => TRUE,
    'idpdisco.rememberchecked' => TRUE,
    'idpdisco.validate' => TRUE,
    'idpdisco.extDiscoveryStorage' => NULL,
    'idpdisco.layout' => 'dropdown',
    'shib13.signresponse' => TRUE,
    'authproc.idp' => array(
        10 => "frogauth:LogHandler",
        30 => 'core:LanguageAdaptor',
        45 => array('class' => 'core:StatisticsWithAttribute', 'attributename' => 'realm', 'type' => 'saml20-idp-SSO'),
        50 => 'core:AttributeLimit',
        99 => 'core:LanguageAdaptor',
        100 => "newauth:ToLogin",
        101 => "newauth:VerifyLogin",
        99 => 'core:LanguageAdaptor',
    ),
    'authproc.sp' => array(
        99 => 'core:LanguageAdaptor',
    ),
    'metadata.sources' => array(
        array('type' => 'flatfile'),
    ),
    'store.type' => 'memcache',
    'memcache_store.servers' => array(
        array(
            array('hostname' => '10.11.11.11'),
        ),
    ),
    'memcache_store.expires' => 36 * (60*60),
    'metadata.sign.enable' => FALSE,
    'metadata.sign.privatekey' => NULL,
    'metadata.sign.privatekey_pass' => NULL,
    'metadata.sign.certificate' => NULL,
    'proxy' => null,
    'xframe_options'=> array( 'enable' => TRUE, 'trusted_sites' => array()),
    'session.duration' => 2*(60*60),
    'theme.use' => "newtheme:multitheme",
);
saml20-sp-remote.php:
$metadata['newapp'] = array(
    'AssertionConsumerService' => 'https://www.newapp.com/mobile/saml',
    'SingleLogoutService' => 'https://www.newapp.com/mobile/logout',
    'Theme' => 'mobile',
);
In my case the SameSite=None cookie attribute was the culprit. SameSite=None cookies must be used along with the secure attribute!
Solution:
'session.cookie.secure' => true // config.php
If your service is running behind a reverse proxy and is not running over https you additionally need to define the URL schema:
'baseurlpath' => 'https://my.url.com/<path_to_simple_saml>' // indicating the https schema (config.php)
If it helps at all, whenever this occurs in our setup it is because something has gone wrong with the cookies.
The user is not being seen as logged in at the service because the cookies aren't set correctly. Therefore they are redirected to the idp at which point they are shown as logged in and redirected back to the service; and repeat.
Basically your service thinks they aren't logged in, saml thinks they are; and they both keep passing the buck!
I've just run into a similar redirect issue. SimpleSAMLPHP would load fine but when trying to login as an admin it would go into an infinite loop loading the loginuserpass.php and as_login.php pages (redirected initially from /module.php/core/login-admin.php?ReturnTo=XXX).
After a lot of debugging I found that the problem was actually Varnish caching which was stopping the session state from being loaded. This happened no matter what session storage was selected (phpsession, memcache or sql).
Disabling varnish caching on the SimpleSAMLPHP paths fixed the issue for me.
Hope this helps anyone else with this issue.
And here is still another possible solution to try (worked for me after searching for hours, and after correcting the 'session.phpsession.savepath'): Go into the Firefox developer tools (or the browser of your choice) and in the "web storage" remove all cookies.
Close the connection when the page content ends.
In my case the culprit was a git/merge error in the session.phpsession.savepath ... fixing it solved the redirect issue
'session.phpsession.savepath' => "/path/to"
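
The cookie conditions the answers above connect to the redirect loop (SameSite=None without Secure, and a Secure cookie on a site that believes it is served over plain HTTP behind a proxy) can be linted before deployment. This is an added example, not code from the original posts or from SimpleSAMLphp: `audit_cookie_config()` is a hypothetical helper, the sample values are constructed, and `session.cookie.samesite` is assumed to be the key your SimpleSAMLphp version uses for the SameSite attribute.

```php
<?php
// Added example, not SimpleSAMLphp code: audit_cookie_config() is a
// hypothetical helper that lints the cookie keys of a config.php-style array.
function audit_cookie_config(array $config, array $server): array
{
    $findings = [];
    $scheme   = parse_url((string) ($config['baseurlpath'] ?? ''), PHP_URL_SCHEME);
    $secure   = ($config['session.cookie.secure'] ?? false) === true;
    $sameSite = $config['session.cookie.samesite'] ?? null;

    // What PHP itself sees; empty or "off" behind a TLS-terminating balancer.
    $https      = (string) ($server['HTTPS'] ?? '');
    $backendTls = $https !== '' && strtolower($https) !== 'off';
    // An absolute baseurlpath fixes the public scheme; otherwise it is detected.
    $effective = is_string($scheme) ? strtolower($scheme) : ($backendTls ? 'https' : 'http');

    // Browsers discard SameSite=None cookies that lack Secure, so the session
    // cookie never comes back and every request looks unauthenticated.
    if (is_string($sameSite) && strcasecmp($sameSite, 'None') === 0 && !$secure) {
        $findings[] = 'session.cookie.samesite is None but session.cookie.secure is not true';
    }
    // A Secure cookie is only stored and returned over HTTPS.
    if ($secure && $effective !== 'https') {
        $findings[] = 'session.cookie.secure is true but the effective scheme is http; '
            . 'set baseurlpath to the full https URL';
    }
    // HTTPS site whose session cookie can still travel over plain HTTP.
    if ($effective === 'https' && !$secure) {
        $findings[] = 'site is served over https but session.cookie.secure is not true';
    }
    return $findings;
}

// Constructed sample: cookie-related values from the question's config.php,
// SameSite=None as in the first answer, and a backend that sees plain HTTP.
$config = [
    'baseurlpath'             => 'https://saml.testing.net/',
    'session.cookie.secure'   => false,
    'session.cookie.samesite' => 'None',
];
$server = ['HTTPS' => 'off']; // constructed stand-in for $_SERVER

foreach (audit_cookie_config($config, $server) as $finding) {
    echo "[!] $finding\n";
}
```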

CakePHP - Increasing session time

I need to increase the session time for logged in users on my project. This is the session info in core.php:
Configure::write('Session', array(
    'defaults' => 'php',
    'cookieTimeout' => 1440,
    'autoRegenerate' => true,
    'cookie' => 'SYNAPARTY'
));
This generates a cookie that expires in 24 hours. The problem is that the user gets logged out after some time of inactivity. How can I solve this?
Try changing it to:
Configure::write('Session', array(
    'defaults' => 'php',
    'cookieTimeout' => 1440,
    'timeout' => 1440, // Or whatever amount of minutes you want
    'autoRegenerate' => true,
    'cookie' => 'SYNAPARTY'
));

how to access CakePHP session from another PHP script?

I am trying to implement a "Single Sign On (SSO)" between my CakePHP script and my wordpress blog. I researched online for it and found some questions such as
Access cakephp session (auth) from outside cakephp
and
Accessing cakephp session variable from a php script?
To do a quick test I then created a test php file in my webroot directory of my CakePHP with below code
<?php
session_name('NMCORE');
session_start();
print_r($_SESSION);
?>
NMCORE is my session name. It's not the default CAKEPHP. I also confirmed it by putting debug(session_name()); in my controller. But the above code returns a blank array. I'm not sure why it's not working. I need your help to figure it out.
The configuration for my Session in my CakePHP's core.php file is
Configure::write('Session', array(
    'defaults' => 'cake',
    'cookie' => 'NMCORE',
    'timeout' => 43200, // 30 days
    'autoRegenerate' => true,
    'checkAgent' => true
));
Does anybody have an idea on why this is not working?
I figured that out. I'm using 'defaults' => 'cake' in my
Configure::write('Session', array(
    'defaults' => 'cake',
    'cookie' => 'NMCORE',
    'timeout' => 43200, // 30 days
    'autoRegenerate' => true,
    'checkAgent' => true
));
When I changed it to 'php' then it worked.
Configure::write('Session', array(
    'defaults' => 'php',
    'cookie' => 'NMCORE',
    'timeout' => 43200, // 30 days
    'autoRegenerate' => true,
    'checkAgent' => true
));

How to get kohana session data outside kohana application?

I want to get the Kohana session data outside the Kohana application. I mean to say that I want to get the session data in a static file which is not a Kohana page.
I have tried many things and at last I have found the answer:
In your controller class, get the native session id before kohana session instance and store it. Now close the native session and initiate kohana session by passing the session id as an argument.
session_start();
// Store session id and close the session
$sessionId = session_id();
session_write_close();
// Then we can restore the session by using the session id
// and the Session class from Kohana
Session::Instance(Session::$default, $sessionId);
Now you can access the session inside the kohana application.
session_name('kohana'); //Your session name
print_r($_SESSION);
You can apply configuration settings to each of the session adapters by creating a session config file at APPPATH/config/session.php. The following sample configuration file defines all the settings for each adapter:
[!!] As with cookies, a "lifetime" setting of "0" means that the session will expire when the browser is closed.
return array(
    'native' => array(
        'name' => 'session_name',
        'lifetime' => 43200,
    ),
    'cookie' => array(
        'name' => 'cookie_name',
        'encrypted' => TRUE,
        'lifetime' => 43200,
    ),
    'database' => array(
        'name' => 'cookie_name',
        'encrypted' => TRUE,
        'lifetime' => 43200,
        'group' => 'default',
        'table' => 'table_name',
        'columns' => array(
            'session_id' => 'session_id',
            'last_active' => 'last_active',
            'contents' => 'contents'
        ),
        'gc' => 500,
    ),
);
