Yesterday I logged in to Redmine on my notebook in the office using a local address. Today, when I went to our externally accessible address with my notebook, I was still logged in.
Does anyone think this is an issue? Is the login authentication stored in a cookie? Should the login expire after x (20-60) minutes without accessing Redmine? It is also troubling to me that I accessed it from two different places and did not have to login again.
RE: Log In - Added by Thomas Lecavelier over 9 years ago
This totally depend upon how you configured your redmine and your user account:
- if you're redmine is still alive since, and stored its session, it can be still valid cookies: you're session is still available
- if you set at logging "remember me" it could have (but not sure) recreate a session for you automagically.