This has been something ongoing with our Sugar install, and I imagine it's a server setting that I'm just ignorant of. Basically, after not using Sugar for a short period of time (about 15 minutes), I'm logged out automatically and need to log in again to do anything. I use Sugar all day but not consistently, and I'd love a way to stop these constant log out/log ins. Suggestions?

Hi danad, we use Sugar all day long and there is no auto-logout. I don't know off the top of there is a such a setting on config.php and manipulated thru Admin->Settings.

But ... if you IP changes, you'll be forced to log in again. Are you seeing this?

Andy

I checked Admin > Settings, and there isn't anything there. Our IP doesn't change with our new internet provider, and it changed now and again with the old one, but the behaviour was the same either way.

Did anyone find a way to adjust this setting... I looked through the config.php file and I don't see anything. This auto log out feature is driving me nuts.

Are you logged out without any user action preceding it? Or are you brought back to the login page after you are idle for some time and then you click on something?

In the case of the latter, it may be a session timeout issue.

webworx, see the "Validate IP address" setting in Admin -> System Settings. Change this setting and let us know if it changes.

Andy

This has been something ongoing with our Sugar install, and I imagine it's a server setting that I'm just ignorant of. Basically, after not using Sugar for a short period of time (about 15 minutes), I'm logged out automatically and need to log in again to do anything. I use Sugar all day but not consistently, and I'd love a way to stop these constant log out/log ins. Suggestions?


Have you tried changing the time out for the session in IIS or you webserver? I did not see an environment list, so I am not sure what you are running in.

For IIS I went to the website properties and then the configure button for the application settings on the virtual directory tab and then the options tab. My default timeout was 20 mins. I bumped that up to 500 min and it seems to have fixed it, but I have only talked to one user so far.

Good Luck,

It has been suggested to me that we can manage this using .htaccess files in the root directory of the server (as we do not have access to the php config file, denied by our provider).

However while we have the .htaccess file configured correctly this has not altered the time that sugar will allow you to be log in with no activity.

I too would love an answer for this.

Matthew Meath

Have you tried changing the time out for the session in IIS or you webserver? I did not see an environment list, so I am not sure what you are running in.

For IIS I went to the website properties and then the configure button for the application settings on the virtual directory tab and then the options tab. My default timeout was 20 mins. I bumped that up to 500 min and it seems to have fixed it, but I have only talked to one user so far.

Good Luck,
I also had to do this...
The default was 1440 seconds/24 minutes, I just set the cookie to expire when they close their browser.

Not sure how to go about it in apache though.

Has anyone figured out a method for Apache? I really need to stay logged for longer than 24 minutes.

TIA,
Don

The default session lifetime (garbage collection) in PHP is 24 minutes. See http://us2.php.net/manual/en/session.configuration.php

You can find the setting for your server in your PHP configuration file. e.g.
grep -i session.gc_maxlifetime /etc/php5/apache2/php.ini

Either change this setting for your server or manipulate it through .htaccess for your application.

Changing the value to 28800 would make it 8 hours. e.g.
(in php.ini)
; After this number of seconds, stored data will be seen as 'garbage' and
; cleaned up by the garbage collection process.
session.gc_maxlifetime = 28800

(restart apache to reload the php.ini)
sudo apache2ctl configtest
sudo apache2ctl graceful

hello sir,, can you help me with my problem regards to
web to lead form???
when submitting my form on web it direct always to login page of my sugar crm... cant find a way
whats wrong ...
using webtoleadCapture.php and it came to log out not a thank you page...
what suppose to be a problem???
sorry im a new here in sugar and i want to learn it.. thanks in advance..

Hi danad, we use Sugar all day long and there is no auto-logout. I don't know off the top of there is a such a setting on config.php and manipulated thru Admin->Settings.

But ... if you IP changes, you'll be forced to log in again. Are you seeing this?

Andy

Here's something else that might be valuable to someone out there. Some Linux flavors handle garbage collection differently than others. I tried freephile's instructions and verified them with phpinfo(), but they did not fix my problems. On Mandriva and possibly other flavors of Linux garbage collection is done through cron.

Here's the history starting with freephiles valuable advice:

The default session lifetime (garbage collection) in PHP is 24 minutes. See http://us2.php.net/manual/en/session.configuration.php

You can find the setting for your server in your PHP configuration file. e.g.
grep -i session.gc_maxlifetime /etc/php5/apache2/php.ini

Either change this setting for your server or manipulate it through .htaccess for your application.

Changing the value to 28800 would make it 8 hours. e.g.
(in php.ini)
; After this number of seconds, stored data will be seen as 'garbage' and
; cleaned up by the garbage collection process.
session.gc_maxlifetime = 28800

(restart apache to reload the php.ini)
sudo apache2ctl configtest
sudo apache2ctl graceful

I was still getting session timeouts in some inconsistent range.

After intermittent research over a long period of time, I discovered that my system handles garbage collection differently and I followed some clues to find and resolve it.

In php.ini on my Mandriva Linux 2008 system I discovered the following comment:

; This is disabled in the Mandriva Linux packages, due to the strict permissions
; on /var/lib/php. Instead of setting this here, see the cronjob at
; /etc/cron.d/php, which uses the session.gc_maxlifetime setting below


I followed the path given and the crontab line in that file was:

09,39 * * * * root [ -d /var/lib/php ] && find /var/lib/php/ -type f -mmin +$(/
usr/lib/php/maxlifetime) -print0 | xargs -r -0 rm

So my Mandriva system is doing garbage collection at 9 minutes after the hour and 39 minutes after the hour every hour of every day. But it is referencing maxlifetime, so the settings given by freephile should still be used. But following the path given, I found that the executable file maxlifetime did not simply extract the gc_maxlifetime setting from php.ini - it also enforced a maximum value of 1440.

Here's that script. Note the max=1440 line.

#!/bin/bash -e

max=1440

cur=$(sed -n -e 's/^[[:space:]]*session.gc_maxlifetime[[:space:]]*=[[:space:]]*\([0-9]\+\).*$/\1/p' /etc/php.d/*_session.ini 2>/dev/null || true);
[ -z "$cur" ] && cur=0
[ "$cur" -gt "$max" ] && max=$cur

echo $(($max/60))

exit 0


To verify that this was what was happening, I opened a session at 12 and left it idle until 12:39 when garbage collection was scheduled. At 12:40, I clicked a link in Sugar and was taken to the login page.

So that appeared to verify that this was causing the early timeout.

I changed the line to:

max=86400

(24 hours)

Now with freephile's changes, the garbage collcetion no longer terminated the session.

Phil