Odoo Help


Why there is not timeout period - session/connection to expire in OpenERP?

on 3/26/13, 10:02 AM 9,632 views

Hello, normally - in a big part of the websites where you have to log in,FOR SECURITY ,when you don't use your profile during some time , automatically your session will be expired and you will need to connect again . Why is not the same with OpenERP where I can stay for weeks without to be disconnected???anybody can touch in my database and do things inside. Isn't ? Can I (how) change that?

thank you in advance

You should not have access from internet to you OpenERP server...

Clément THOMAS
on 3/26/13, 10:41 AM

Development of the customer portal seems to contradict that you should not have internet access to your openERP server.

AJ Schrafel Paper Corp
on 3/26/13, 11:24 AM

What Clément is saying is that you should expose a proxy (nginx, apache, ...) and not OpenERP.

Davide Corio
on 3/26/13, 4:26 PM

Davide Corio

--Davide Corio--

| 5 4 7
Bricherasio, Italy
--Davide Corio--

Odoo Evangelist and Consultant

Davide Corio
On 3/26/13, 4:34 PM

A stand-alone instance isn't the suggested way to deploy OpenERP.

By using a front-end proxy like NGINX (reverse proxy or wsgi) you can still set the timeout limit.

Have a look at the openerp-wsgi.py config file inside the server folder for instance.

here you can find useful notes: http://thu.openerp.com/open-days-2012/gunicorn.html#(1))

Can you please explain howto setup a session timeout with NGINX?

Andreas Brueckl
on 3/26/13, 5:43 PM

correct params should be: client_header_timeout, client_body_timeout and send_timeout.

Davide Corio
on 3/26/13, 5:47 PM

You cannot control session timeout from an http proxy. A proxy server is supposed to be stateless, it has no knowledge of when the session cookie or session url variable has been used last time. The settings you mentioned is related to closing the tcp/http session between the proxy and a misbehaving or apparently disconnected client.

Mohammad Alhashash
on 4/3/13, 10:57 AM

you're probably right. you can set a session timeout in the wsgi openerp config file anyway

Davide Corio
on 4/4/13, 6:34 AM

Are you sure? I checked v7.0 and could find anything regarding expiration settings. I only found that sessions will be deleted after a fixed one week period in session_gc() at openerp-web/addons/web/http.py.

Mohammad Alhashash
on 4/4/13, 7:00 AM

Can anyone pls help me out on where I can find the openerp-wgsi.py file?

on 9/25/14, 5:10 AM

@Mohammad : it is at the root of the folder, alongside openerp-server. Check https://github.com/odoo/odoo . I also found this on another post : http://www.zbeanztech.com/blog/how-restrict-multiple-logins-user-openerp-0 .

Soriyath Straessle
on 11/12/14, 10:46 AM
On 3/27/13, 5:36 AM

Thank you very much,guys :)


on 9/25/14, 5:08 AM

About This Community

This platform is for beginners and experts willing to share their Odoo knowledge. It's not a forum to discuss ideas, but a knowledge base of questions and their answers.


Odoo Training Center

Access to our E-learning platform and experience all Odoo Apps through learning videos, exercises and Quizz.

Test it now

Question tools

1 follower(s)


Asked: 3/26/13, 10:02 AM
Seen: 9632 times
Last updated: 3/16/15, 8:10 AM