ErrorException session_create_id(): Failed to create new ID when user doesn't log out for a while
158 views
Skip to first unread message
Thomas Schober
Oct 3, 2021, 12:51:27 PM10/3/21
to SimpleSAMLphp
Hello everyone!
Single-sign-out function works great, but I have experienced problem with session cookie when users logs in, but does not log out and try to log in again. Screenshots attached. It shows error:
ErrorException session_create_id(): Failed to create new ID
Illuminate\View\Engines\CompilerEngine::handleViewException
/var/www/html/simplesamlphp/lib/SimpleSAML/SessionHandlerPHP.php:173
public function newSessionId(){
$sessionId = false;
// generate new (secure) session id
if (function_exists('session_create_id')) {
$sid_length = (int) ini_get('session.sid_length');
$sid_bits_per_char = (int) ini_get('session.sid_bits_per_character');
if (($sid_length * $sid_bits_per_char) < 128) {
Logger::warning("Unsafe defaults used for sessionId generation!");
$sessionId = session_create_id();
}
My code:
session_start();
$auth = new SimpleSAML_Auth_Simple('mySP');
$auth->isAuthenticated(); // Replaces our session with the SimpleSAMLphp one
SimpleSAML_Session::getSessionFromRequest()->cleanup(); // Reverts to our PHP session
$auth->requireAuth();
$auth = new SimpleSAML_Auth_Simple('mySP');
$auth->isAuthenticated(); // Replaces our session with the SimpleSAMLphp one
SimpleSAML_Session::getSessionFromRequest()->cleanup(); // Reverts to our PHP session
$auth->requireAuth();
If I manually delete SimpleSAML session cookie than i can log in again. Has anyone encountered this problem?
Any help would be much appreciated.
Thanks in advance and kind regards!
Tim van Dijen
Oct 3, 2021, 3:06:39 PM10/3/21
to simple...@googlegroups.com
Hi Thomas,
This should be fixed in 1.19.2
- Tim
Op 3-10-2021 om 18:51 schreef Thomas
Schober:
--
This is a mailing list for users of SimpleSAMLphp, not a support service. If you are willing to buy commercial support, please take a look here:
https://simplesamlphp.org/support
Before sending your question, make sure it is related to SimpleSAMLphp, and not your web server's configuration or any other third-party software. This mailing list cannot help with software that uses SimpleSAMLphp, only regarding SimpleSAMLphp itself.
Make sure to read the documentation:
https://simplesamlphp.org/docs/stable/
If you have an issue with SimpleSAMLphp that you cannot resolve and reading the documentation doesn't help, you are more than welcome to ask here for help. Subscribe to the list and send an email with your question. However, you will be expected to comply with some minimum, common sense standards in your questions. Please read this carefully:
http://catb.org/~esr/faqs/smart-questions.html
---
You received this message because you are subscribed to the Google Groups "SimpleSAMLphp" group.
To unsubscribe from this group and stop receiving emails from it, send an email to simplesamlph...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/simplesamlphp/ad2fde2c-a2de-4fc0-be7a-f389c874eb18n%40googlegroups.com.
Message has been deleted
Thomas Schober
Oct 3, 2021, 3:16:26 PM10/3/21
to SimpleSAMLphp
Thank you very much Tim. Now i know I just have to wait for a fix in the next stable version.
Reply all
Reply to author
Forward
0 new messages