Frequent session timeouts when using External users (OC_User_IMAP) #101
Description
Steps to reproduce
- Enable External Users
- Set user backends
'user_backends' =>
array (
0 =>
array (
'class' => 'OC_User_IMAP',
'arguments' =>
array (
0 => '{:993/imap/ssl/novalidate-cert}',
),
),
), - Log in with an IMAP backed account, and even if you keep browsing the folders and files continuously, the session expires after 5 minutes.
- Use a non-IMAP user, do the same and the session does not expire after 5 minutes.
Expected behaviour
Session should not expire while user is active, regardless if user is backed by IMAP.
Actual behaviour
Session expires for IMAP users after 5 minutes, even if they are being active all the time.
Server configuration
Operating system: FreeBSD 11.2
Web server: Apache 2.4.34
Database: mysql 5.6.41
PHP version: 5.6.37
Nextcloud version: 13.0.6
Updated from an older Nextcloud/ownCloud or fresh install: Updated from 13.0.4 (freshly installed 13.0.4 had the same behaviour)
Where did you install Nextcloud from: Downloaded from nextcloud.com, updated with built-in updater.
Signing status:
Signing status
No errors have been found.
List of activated apps:
App list
The process control (PCNTL) extensions are required in case you want to interrupt long running commands - see http://php.net/manual/en/book.pcntl.php Enabled: - activity: 2.6.1 - calendar: 1.6.1 - comments: 1.3.0 - contacts: 2.1.5 - dav: 1.4.7 - federatedfilesharing: 1.3.1 - files: 1.8.0 - files_external: 1.4.1 - files_pdfviewer: 1.2.1 - files_sharing: 1.5.0 - files_texteditor: 2.5.1 - files_trashbin: 1.3.0 - files_versions: 1.6.0 - files_videoplayer: 1.2.0 - gallery: 18.0.0 - groupfolders: 1.3.3 - logreader: 2.0.0 - lookup_server_connector: 1.1.0 - nextcloud_announcements: 1.2.0 - notes: 2.4.1 - notifications: 2.1.2 - oauth2: 1.1.1 - password_policy: 1.3.0 - polls: 0.8.3 - provisioning_api: 1.3.0 - serverinfo: 1.3.0 - survey_client: 1.1.0 - systemtags: 1.3.0 - tasks: 0.9.7 - theming: 1.4.5 - twofactor_backupcodes: 1.2.3 - updatenotification: 1.3.0 - user_external: 0.4 - workflowengine: 1.3.0 Disabled: - admin_audit - bruteforcesettings - deck - encryption - federation - files_fulltextsearch - firstrunwizard - fulltextsearch - impersonate - mail - ojsxc - rainloop - ransomware_protection - sharebymail - spreed - unsplash - user_ldapNextcloud configuration:
Config report
The process control (PCNTL) extensions are required in case you want to interrupt long running commands - see http://php.net/manual/en/book.pcntl.php { "system": { "instanceid": "***REMOVED SENSITIVE VALUE***", "passwordsalt": "***REMOVED SENSITIVE VALUE***", "secret": "***REMOVED SENSITIVE VALUE***", "trusted_domains": [ "***REMOVED SENSITIVE VALUE***" ], "datadirectory": "***REMOVED SENSITIVE VALUE***", "overwrite.cli.url": "***REMOVED SENSITIVE VALUE***", "dbtype": "mysql", "version": "13.0.6.1", "dbname": "***REMOVED SENSITIVE VALUE***", "dbhost": "***REMOVED SENSITIVE VALUE***", "dbport": "", "dbtableprefix": "oc_", "dbuser": "***REMOVED SENSITIVE VALUE***", "dbpassword": "***REMOVED SENSITIVE VALUE***", "installed": true, "mail_from_address": "***REMOVED SENSITIVE VALUE***", "mail_smtpmode": "php", "mail_smtpauthtype": "LOGIN", "mail_domain": "***REMOVED SENSITIVE VALUE***", "theme": "", "loglevel": 0, "maintenance": false, "session_lifetime": 3600, "session_keepalive": true, "apps_paths": [ { "path": "\/usr\/local\/www\/nextcloud\/apps", "url": "\/apps", "writable": true }, { "path": "\/usr\/local\/www\/nextcloud\/apps-pkg", "url": "\/apps-pkg", "writable": false } ], "user_backends": [ { "class": "OC_User_IMAP", "arguments": [ "{server:993\/imap\/ssl\/novalidate-cert}" ] } ], "updater.secret": "***REMOVED SENSITIVE VALUE***" } }Are you using external storage, if yes which one: NONE
Are you using encryption: no
Are you using an external user-backend, if yes which one: OC_User_IMAP
Client configuration
Browser: Firefox, Chrome
Operating system: Linux, Windows
Logs
Web server error log
Web server error log
[Sat Sep 08 15:24:26.306389 2018] [authz_core:error] [pid 41778] [client CLIENT_IP:41192] AH01630: client denied by server configuration: /usr/local/www/nextcloud/data/.ocdata [Sat Sep 08 15:43:46.530126 2018] [authz_core:error] [pid 71617] [client CLIENT_IP:42956] AH01630: client denied by server configuration: /usr/local/www/nextcloud/data/.ocdataNextcloud log (data/nextcloud.log)
Nextcloud log
[nextcloud.log](https://github.com/nextcloud/server/files/2363378/nextcloud.log)Browser log
Browser log
Navigated to https://fqdn.net/nextcloud/index.php/login?redirect_url=/nextcloud/index.php/apps/files/%3Fdir%3D/Eln%25C3%25B6ks%25C3%25A9g/Ki%25C3%25A1ll%25C3%25ADt%25C3%25A1sok/2018%2520Orsz%25C3%25A1gos%2520Ki%25C3%25A1ll%25C3%25ADt%25C3%25A1s%26fileid%3D1705
Content Security Policy: Directive ‘child-src’ has been deprecated. Please use directive ‘worker-src’ to control workers, or directive ‘frame-src’ to control frames respectively.
JQMIGRATE: Migrate is installed, version 1.4.0 core.js:7:542
window.controllers/Controllers is deprecated. Do not use it for UA detection. merged.js:2171
Source map error: TypeError: NetworkError when attempting to fetch resource.
Resource URL: https://fqdn.net.hu/nextcloud/core/vendor/core.js?v=97481833-10
Source Map URL: purify.min.js.map[Learn More]
Shutting down notifications: [401] Unauthorized merged.js:285:5
_onFetchError
https://fqdn.net/nextcloud/index.php/js/notifications/merged.js:285:5
j
https://fqdn.net/nextcloud/core/vendor/core.js:2:26920
fireWith
https://fqdn.net/nextcloud/core/vendor/core.js:2:27738
x
https://fqdn.net/nextcloud/core/vendor/core.js:4:11276
b/<
https://fqdn.net/nextcloud/core/vendor/core.js:4:14765
Navigated to https://fqdn.net/nextcloud/index.php/apps/files/?dir=/Eln%C3%B6ks%C3%A9g/Ki%C3%A1ll%C3%ADt%C3%A1sok/2018%20Orsz%C3%A1gos%20Ki%C3%A1ll%C3%ADt%C3%A1s&fileid=1705