The problem we are seeing “sessions log out” - that is, a logged in user is performing continually performing operations/actions and at certain times, something occurs and the user is thrown back to the login page, effectively being logged out. The time between requests is typically 1 to 3 minutes and the user is still “logged out”.
At the moment the user is “logged out”, either a 401 or a 302 response is observed in the apache web server logs. The problem may occur in various places (eg.UpdateForm, AssignReq, …) either in a server action or a regular php page that was requested.
It should also be noted that the 401 (or 302) occurs on a request that was previously successful for the same user within the same session. (The user after logging in can process from 1 to 20+ forms before the problem appears)
We have also tried to use the developer mode on the browser + DebugMode in the server action set within the Wappler. No obvious problems are seen and there is no XDR data when this occurs.
Typically the 401 is observed on a POST type request, and the 302 is on a GET type request.
Examples of
“POST /dmxConnect/api/Form/F02/UpdateForm.php HTTP/1.1” 401 7144 “https://www.x.y/webReq/F02.php?op=2&idf=301”
“GET /webRequests/F02.php?op=2&idf=272 HTTP/1.1” 302 7102 “https://www.x.y/webReq/requests.php?offset=0”
Some Details about the environment:
load balanced/proxied -> apache2.4/php-fpm/php 7.3 servers -> aws RDS mysql backend
Apache server will handle only https for https://x.y and https://www.x.y domains. Port 80 requests are redirected to https://www.x.y
php session storage is memcached + mysql server
Client Browsers: Chrome, FireFox, IE/Edge
php.ini values defined for php-fpm:
session.cookie_lifetime = 0
session.gc_probability = 0
session.gc_divisor = 1000
session.gc_maxlifetime = 1440
session.cache_limiter = nocache
session.cache_expire = 180
No Errors have been thrown into the server error logs (httpd or php-fpm) - LogLevel Debug
Any insights would be appreciated.
Last updated: