My favorites | Sign in
Project Home Downloads Wiki Issues Source
New issue   Search
for
  Advanced search   Search tips   Subscriptions
Issue 3725: cache web_sessions setting of maxAge=0 resulting in "cache.web_sessions.maxAge is set to 0 milliseconds" + users can't log in
2 people starred this issue and may be notified of changes. Back to list
Status:  New
Owner:  ----


Sign in to add a comment
 
Reported by mpro...@gmail.com, Dec 16, 2015
Affected Version: 2.11.5

What steps will reproduce the problem?

1) Use gerrit with a configuration like:

[ldap]
[...]
[cache "web_sessions"]
        maxAge = 0

What is the expected output? What do you see instead?

Expected behavior: stay logged in "forever", as documented at https://gerrit-documentation.storage.googleapis.com/Documentation/2.11.5/config-gerrit.html#cache which says that "If 0 is supplied, the maximum age is infinite and items are never purged except when the cache is full.".

Actual behavior instead is:

| [2015-12-10 11:12:13,642] WARN com.google.gerrit.httpd.WebSessionManager : cache.web_sessions.maxAge is set to 0 milliseconds; it should be at least 5 minutes.

and users aren't able to login as they get thrown out again immediately.
Dec 21, 2015
Project Member #1 david.pu...@sonymobile.com
The log message was added for  issue 1821 .

I'm not sure if the documentation ("if 0 is supplied, the maximum age is infinite") is relevant to the web_sessions cache.  I can't see anything in the implementation to suggest that the intention is to make it infinite.  It just sets:

  expiresAt = now + sessionMaxAgeMillis;

where sessionMaxAgeMillis is taken from the cache["web_sessions"].maxAge setting in the config.  So that would cause exactly the behaviour you're seeing.

Sign in to add a comment

Powered by Google Project Hosting