Session timeout issue

ℹ️ Support
1

Nextcloud version : 15.0.5.3
Operating system and version : CentOS 7 (7.6.1810)
Apache or nginx version : Apache 2.4.6
PHP version : 7.3

I want that inactive people connected on the web interface of the NC server are logged out after 10 minutes.
Following some thread and after reading the documentation, I’ve set the following variable.

‘session_lifefime’ => 600,
‘session_keepalive’ => false,
‘remember_login_cookie_lifetime’ => 660,

From my understanding :

  • The session_lifetime set to 600 allow that inactive session are logged out.
  • The session_keepalive set to false disable the heartbeat and allow the session to effectively time out.
  • The remember_login_cookie_lifetime set to 660 allow the cookie to invalidate the session after 660 seconds.

Steps to replicate it:

  1. Set the variable as mentionned above.
  2. Log in with a user on the web gui
  3. Wait without doing nothing on the nextcloud GUI
  4. The user should be logged out but the GUI stays connected.

The output of Nextcloud log in Admin > Logging:


https://pastebin.com/NLQXf4Nd

The output of config.php

<?php
$CONFIG = array (
  'instanceid' => '***REMOVED SENSITIVE VALUE***',
  'passwordsalt' => '***REMOVED SENSITIVE VALUE***',
  'secret' => '***REMOVED SENSITIVE VALUE***',
  'trusted_domains' =>
  array (
    0 => '***REMOVED SENSITIVE VALUE***',
  ),
  'datadirectory' => '***REMOVED SENSITIVE VALUE***',
  'dbtype' => 'mysql',
  'version' => '15.0.5.3',
  'overwrite.cli.url' => '***REMOVED SENSITIVE VALUE***',
  'dbname' => '***REMOVED SENSITIVE VALUE***',
  'dbhost' => '***REMOVED SENSITIVE VALUE***',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => '***REMOVED SENSITIVE VALUE***',
  'dbpassword' => '***REMOVED SENSITIVE VALUE***',
  'installed' => true,
  'memcache.distributed' => '\\OC\\Memcache\\Redis',
  'memcache.locking' => '\\OC\\Memcache\\Redis',
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'redis' =>
  array (
    'host' => '***REMOVED SENSITIVE VALUE***',
    'port' => 6379,
  ),
  'htaccess.RewriteBase' => '/',
  'skeletondirectory' => '/var/www/html/nextcloud/core/skeleton-custom',
  'session_lifefime' => 600,
  'session_keepalive' => false,
  'remember_login_cookie_lifetime' => 660,
  'default_locale' => 'fr_FR',
  'defaultapp' => 'files',
  'logtimezone' => 'Europe/Paris',
  'ldapIgnoreNamingRules' => false,
  'ldapProviderFactory' => 'OCA\\User_LDAP\\LDAPProviderFactory',
  'mail_from_address' => '***REMOVED SENSITIVE VALUE***',
  'mail_smtpmode' => 'smtp',
  'mail_sendmailmode' => 'smtp',
  'mail_domain' => '***REMOVED SENSITIVE VALUE***',
  'mail_smtphost' => '***REMOVED SENSITIVE VALUE***',
  'mail_smtpport' => '25',
);

Best Regards,

Christophe