Odoo Help

Welcome!

This community is for beginners and experts willing to share their Odoo knowledge. It's not a forum to discuss ideas, but a knowledge base of questions and their answers.

3

Why there is not timeout period - session/connection to expire in OpenERP?

By
radi
on 3/26/13, 10:02 AM 7,096 views

Hello, normally - in a big part of the websites where you have to log in,FOR SECURITY ,when you don't use your profile during some time , automatically your session will be expired and you will need to connect again . Why is not the same with OpenERP where I can stay for weeks without to be disconnected???anybody can touch in my database and do things inside. Isn't ? Can I (how) change that?

thank you in advance

You should not have access from internet to you OpenERP server...

Clément THOMAS
on 3/26/13, 10:41 AM

Development of the customer portal seems to contradict that you should not have internet access to your openERP server.

AJ Schrafel Paper Corp
on 3/26/13, 11:24 AM

What Clément is saying is that you should expose a proxy (nginx, apache, ...) and not OpenERP.

Davide Corio
on 3/26/13, 4:26 PM
2

Davide Corio

--Davide Corio--
1822
| 4 3 7
Bricherasio, Italy
--Davide Corio--

Odoo Evangelist and Consultant

Davide Corio
On 3/26/13, 4:34 PM

A stand-alone instance isn't the suggested way to deploy OpenERP.

By using a front-end proxy like NGINX (reverse proxy or wsgi) you can still set the timeout limit.

Have a look at the openerp-wsgi.py config file inside the server folder for instance.

here you can find useful notes: http://thu.openerp.com/open-days-2012/gunicorn.html#(1))

Can you please explain howto setup a session timeout with NGINX?

Andreas Brueckl
on 3/26/13, 5:43 PM

correct params should be: client_header_timeout, client_body_timeout and send_timeout.

Davide Corio
on 3/26/13, 5:47 PM

You cannot control session timeout from an http proxy. A proxy server is supposed to be stateless, it has no knowledge of when the session cookie or session url variable has been used last time. The settings you mentioned is related to closing the tcp/http session between the proxy and a misbehaving or apparently disconnected client.

Mohammad Alhashash
on 4/3/13, 10:57 AM

you're probably right. you can set a session timeout in the wsgi openerp config file anyway

Davide Corio
on 4/4/13, 6:34 AM

Are you sure? I checked v7.0 and could find anything regarding expiration settings. I only found that sessions will be deleted after a fixed one week period in session_gc() at openerp-web/addons/web/http.py.

Mohammad Alhashash
on 4/4/13, 7:00 AM

Can anyone pls help me out on where I can find the openerp-wgsi.py file?

yasin
on 9/25/14, 5:10 AM

@Mohammad : it is at the root of the folder, alongside openerp-server. Check https://github.com/odoo/odoo . I also found this on another post : http://www.zbeanztech.com/blog/how-restrict-multiple-logins-user-openerp-0 .

Soriyath Straessle
on 11/12/14, 10:46 AM
0
radi
On 3/27/13, 5:36 AM

Thank you very much,guys :)

sadasd

yasin
on 9/25/14, 5:08 AM

Your Answer

Please try to give a substantial answer. If you wanted to comment on the question or answer, just use the commenting tool. Please remember that you can always revise your answers - no need to answer the same question twice. Also, please don't forget to vote - it really helps to select the best questions and answers!

About This Community

This community is for professionals and enthusiasts of our products and services. Read Guidelines

Question tools

1 follower(s)

Stats

Asked: 3/26/13, 10:02 AM
Seen: 7096 times
Last updated: 3/16/15, 8:10 AM