Step 1: patch or reconfigure Plone
For plone 3.1.x users
The following patch should be applied by you to your Plone sources. Find your Plone's python library directory, and apply this patch to it:
diff -urN lib/python/plone/session/plugins/session.py lib/python/plone/session/plugins/session.py --- lib/python/plone/session/plugins/session.py 2009-01-28 12:55:40.000000000 -0500 +++ lib/python/plone/session/plugins/session.py 2009-01-28 12:57:36.000000000 -0500 @@ -7,6 +7,7 @@ from AccessControl.SecurityInfo import ClassSecurityInfo from plone.session.interfaces import ISessionPlugin, ISessionSource import binascii +import datetime,time try: from AccessControl.requestmethod import postonly @@ -85,7 +86,9 @@ cookie=self.source.createIdentifier(userid) cookie=binascii.b2a_base64(cookie).rstrip() - response.setCookie(self.cookie_name, cookie, path=self.path) + expires = datetime.datetime.now() + datetime.timedelta(365) + expires = time.strftime("%a, %d-%b-%Y %H:%M:%S GMT", expires.timetuple()) + response.setCookie(self.cookie_name, cookie, path=self.path, expires=expires) # IExtractionPlugin implementation
Once this patch is applied, the login cookie that Plone sets is going to last for a year, or until you log off explicitly (whichever happens first).
For plone 3.2.x users
- Open your ZMI interface
- In there, browse to your Plone site
- Browse into
- Click on the Properties tab
- Set the cookie lifetime in days to a number larger than 0. Only positive integers are accepted.
Step 2: make Plone sessions last longer
However, this patch alone still won't keep you logged on -- your session with Plone will expire, by default, after thirty minutes of inactivity. To change that, locate your Plone instance's
etc/zope.conf file, and open it in a text editor. Then look for the line that says
# Directive: session-timeout-minutes. You are going to add a new directive
session-timeout-minutes like this:
That makes Plone not expire its sessions in RAM for one week. Or until you restart the server. Your call.
And that's it! Now your users' sessions and yours will last for a week or until you log off. Just remember to explicitly log off whenever you're using a shared computer!