Page 1 of 2 12 LastLast
Results 1 to 10 of 15

Thread: Session Expiring?

  1. #1
    mjfleck2000 is offline Senior Member
    Join Date
    Oct 2005
    Location
    Coeur d'Alene, ID
    Posts
    59
    Rep Power
    9

    Default Session Expiring?

    I and a few of my test users are having problems with Zimbra returning us to the Zimbra login page. After being logged in for about 2 minutes, the Zimbra login appears and we must log in again.
    This did not occur until I changed the default session time limits as admin. I think the default was 2 days! (yes, days!!). I change it to 12 hours. I started having this logout problem so I set it back to 2 days. The problem remains. I tried changin it to 24 hours with no luck.
    I did not find anything obviouse to me in /var/log/zimbra.log or /opt/zimbra/tomcat/log/catalina.out.

    Perhaps you could suggest a better path for me to explore.

    I am running Debian Sarge. Otherwise most things are working well... as well as when I was running FC3. BTW, Thank you again for the Debian version. I MUCH prefer Debian on my servers. (There is a new message quirk that I will post as a seperate message).

    Mike

  2. #2
    KevinH's Avatar
    KevinH is offline Expert Member
    Join Date
    Aug 2005
    Location
    San Mateo, CA
    Posts
    4,789
    Rep Power
    19

    Default

    Are you restarting tomcat after the change? We do cache LDAP entries so it may just be cached and the new value is not taking effect.
    Looking for new beta users -> Co-Founder of Acompli. Previously worked at Zimbra (and Yahoo! & VMware) since 2005.

  3. #3
    mjfleck2000 is offline Senior Member
    Join Date
    Oct 2005
    Location
    Coeur d'Alene, ID
    Posts
    59
    Rep Power
    9

    Default Session Expiring

    >Are you restarting tomcat after the change? We do cache LDAP entries so it >may just be cached and the new value is not taking effect.

    I did (as root) /etc/init.d/zimbra restart. The problem remained, so, I went ahead a rebooted.

    The problem remains. Zimbra is running on Debian. I tried using Firefox 1.5 from Ubuntu and the session expires after about 2 minutes of inactivity. I tried it from WinXP using Firefox 1.5 and IE, and the session expires after about 2 minutes of inactivity.

    If there a conf file I can verify the session time limit, or, is it perhaps kept in mysql, if so, which table/field?

    Mike

  4. #4
    KevinH's Avatar
    KevinH is offline Expert Member
    Join Date
    Aug 2005
    Location
    San Mateo, CA
    Posts
    4,789
    Rep Power
    19

    Default

    It's in LDAP one of the COS attributes. What does the admin UI show for that user?
    Looking for new beta users -> Co-Founder of Acompli. Previously worked at Zimbra (and Yahoo! & VMware) since 2005.

  5. #5
    mjfleck2000 is offline Senior Member
    Join Date
    Oct 2005
    Location
    Coeur d'Alene, ID
    Posts
    59
    Rep Power
    9

    Default

    I have tried changing the timeout values to various combos of numbers and hours/days in the Admin UI with no change in behaviour. If I am active in Zimbra, all is well. If I am inactive, after about 2 minutes, the user is returned to the log in screen. Note that this behaviour only happens to users, logging in to the Admin screen and leaving it idle does NOT result in an expired session.


    >It's in LDAP one of the COS attributes. What does the admin UI show for that user?

    As Admin UI, Configuration ->Class of Service ->default ->Advanced :
    Auth token lifetime 20 hours
    Session idle timeout 20 hours


    zimbra.ldif in /opt/zimbra/openldap/etc/openldap shows:

    zimbraMailIdleSessionTimeout: 0
    zimbraMailTrashLifetime: 30d
    zimbraMailSpamLifetime: 30d
    zimbraMailMessageLifetime: 0
    zimbraContactMaxNumEntries: 0
    zimbraAuthTokenLifetime: 2d
    zimbraAdminAuthTokenLifetime: 12h
    zimbraMailMinPollingInterval: 2m
    zimbraPrefMailPollingInterval: 5m
    zimbraMailQuota: 0
    zimbraPasswordEnforceHistory: 0
    ZimbraPasswordMinAge: 0
    zimbraPasswordMaxAge: 0
    zimbraPasswordMinLength: 6
    zimbraPasswordMaxLength: 64
    zimbraPasswordLocked: FALSE
    zimbraPop3Enabled: TRUE
    zimbraPrefTimeZoneId: (GMT-08.00) Pacific Time (US & Canada) / Tijuana

    As a test, I backed-up zimbra.ldif, chmod 644 zimbra.ldif, and changed zimbraAuthTokeLifetime to 12h, chmod 444 zimbra.ldif,tomcat restart.

    I still get the session kicked out after about 2 minutes of inactivity. Just to be sure it wasn't a cache problem, I rebooted the Zimbra server. No luck.


    Mike

  6. #6
    mjfleck2000 is offline Senior Member
    Join Date
    Oct 2005
    Location
    Coeur d'Alene, ID
    Posts
    59
    Rep Power
    9

    Default

    Is there a way for me to set it to NOT expire at all? (Zero or -1)

    You may notice from my previous post that the Admim UI and zimbra.ldif Token times do not match up. Did I perhaps, not look in the correct file?

    Mike

  7. #7
    KevinH's Avatar
    KevinH is offline Expert Member
    Join Date
    Aug 2005
    Location
    San Mateo, CA
    Posts
    4,789
    Rep Power
    19

    Default

    I don't think so, that would be a problem as you don't want all auth tokens to last forever. What does a zmprov gaa <user account> show? Can you also dump the attributes for that user's COS?
    Looking for new beta users -> Co-Founder of Acompli. Previously worked at Zimbra (and Yahoo! & VMware) since 2005.

  8. #8
    mjfleck2000 is offline Senior Member
    Join Date
    Oct 2005
    Location
    Coeur d'Alene, ID
    Posts
    59
    Rep Power
    9

    Default

    Quote Originally Posted by KevinH
    I don't think so, that would be a problem as you don't want all auth tokens to last forever. What does a zmprov gaa <user account> show? Can you also dump the attributes for that user's COS?
    The problem with session expiration happens with all users. I used gq (and ldap viewer) to show the zimbraAuthTokenLifeTime attribute. For all users it was 12h.

    The command (as zimbra) zmprov gaa whitel@niei.icehouse.net returned:

    zimbra@niei:~/openldap$ zmprov gaa whitel@niei.icehouse.net
    ERROR: account.NO_SUCH_DOMAIN (no such domain: whitel@niei.icehouse.net)

    Other users tired gave the same result.

    Using zmprov gaa without a user name gave me a list of all the known users. Putting in any of those recognized users names gave me the above ERROR message.

    As a reminder, this is a Debian system. I still have the apt-get pkg system error message. If I apt-get install anything I get :
    After unpacking 0B of additional disk space will be used.
    Setting up zimbra-store (3.0.0_M4_62.DEBIAN3.1) ...
    java.io.FileNotFoundException: ../service.war (No such file or directory)
    at java.io.FileInputStream.open(Native Method)
    at java.io.FileInputStream.<init>(FileInputStream.jav a:106)
    at java.io.FileInputStream.<init>(FileInputStream.jav a:66)
    at sun.tools.jar.Main.run(Main.java:184)
    at sun.tools.jar.Main.main(Main.java:903)
    java.io.FileNotFoundException: ../zimbra.war (No such file or directory)
    at java.io.FileInputStream.open(Native Method)
    at java.io.FileInputStream.<init>(FileInputStream.jav a:106)
    at java.io.FileInputStream.<init>(FileInputStream.jav a:66)
    at sun.tools.jar.Main.run(Main.java:184)
    at sun.tools.jar.Main.main(Main.java:903)
    dpkg: error processing zimbra-store (--configure):
    subprocess post-installation script returned error exit status 1
    Errors were encountered while processing:
    zimbra-store
    E: Sub-process /usr/bin/dpkg returned an error code (1)


    I dont' know if this is related but I am suspicous that something was not set up correctly and that this may be related to the session problems I am having.

    Is anyone else have session expiration problems, especiall anyone trying the Debian package? Do you get the dpkg error?



    Mike

  9. #9
    bobby is offline Zimbra Employee
    Join Date
    Nov 2005
    Posts
    518
    Rep Power
    10

    Default

    fwiw that should be zmprov ga whitel@niei.icehouse.net

    just one 'a'. this will get the COS kevin wants:
    zmprov ga whitel@niei.icehouse.net | grep COS | awk {'print $2'} | xargs zmprov gc

  10. #10
    mjfleck2000 is offline Senior Member
    Join Date
    Oct 2005
    Location
    Coeur d'Alene, ID
    Posts
    59
    Rep Power
    9

    Default

    Quote Originally Posted by bobby
    fwiw that should be zmprov ga whitel@niei.icehouse.net

    just one 'a'. this will get the COS kevin wants:
    zmprov ga whitel@niei.icehouse.net | grep COS | awk {'print $2'} | xargs zmprov gc

    Thank you!

    The output for each user shows the same thing for Token lifetime:

    zmprov ga whitel@niei.icehouse.net | grep AuthToken

    zimbraAdminAuthTokenLifetime: 12h
    zimbraAuthTokenLifetime: 12h

    Mike

Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Can't start Zimbra!
    By zibra in forum Administrators
    Replies: 5
    Last Post: 03-22-2007, 11:34 AM
  2. zimbra suddently refused to get mail
    By nosiath in forum Installation
    Replies: 2
    Last Post: 02-21-2007, 08:06 AM
  3. Services stopped working
    By lilwong in forum Administrators
    Replies: 4
    Last Post: 08-15-2006, 09:19 AM
  4. Zimbra server crashed
    By goetzi in forum Administrators
    Replies: 6
    Last Post: 03-25-2006, 01:00 PM
  5. The mailbox and mta dies in FC4 GA version
    By meikka in forum Installation
    Replies: 72
    Last Post: 03-16-2006, 05:30 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •