Sessions are handled by the Symfony2 framework, specifically API= and underlying session handlers provided by HTTP Fundation compo= nent[1][2], this is further enhanced in eZ Publish with support for Si= teAccess aware sessio= n cookie configuration.
Use of Memcached (or experimentally using PDO) as session handler is= a requirement in Cluster setup, for details see below, for an overview of = clustering feature see Clustering.
In Symfony, session handler is configured using framework.session.=
handler_id. Symfony can be configured to use custom handlers[2], or just fallback to=
what is configured in PHP by setting it to null (~).
Before 5.4 eZ Publish uses default Framework Bundle configuration, which on Symfony 2.3 implies&=
nbsp;Symfony's NativeFileSession=
Handler[3] (session.handler.native_file service). Th=
is handler forces PHP's builtin "files" session save handler, and spec=
ifically configures it to use sessi=
on.save_path set to ezp=
ublish/sessions by default (=
ezpublish/cache/<env>/sessions before 5.3).
framework:
session:
save_path: "%kernel.root_dir%/sessions"
# The session name defined here will be overridden by the one defin=
ed in your ezpublish.yml, for your SiteAccess.
# Default session name is "eZSESSID{siteaccess_hash}" (unique sessi=
on name per SiteAccess).
# See ezpublish.yml.example for an example on how to configure this=
.=20
Session Garbage collection on Debian & Ubuntu
Debian based Linux distros disables=
session.gc_pro=
bability by default and uses cronjob instead to clear sessions files. A=
s we use custom save_path for sessions here that would normally be a proble=
m, however default Symfony configuration makes sure to re enable this in
Uses same default configuration as recent versions of Symfony standard d= istribution, this makes sure you can configure sessions purely in php by de= fault, and allows Debian/Ubuntu session file cleanup cronjob to work as int= ended.
framework:
session:
# handler_id set to null will use default session handler from php.=
ini
handler_id: ~=20
For single server, default handler should be preferred.
For Cluster setup we need to con= figure Sessions to use a backend that is shared between web servers, and su= pports locking. Only options out of the box supporting this in Symfony is n= ative PHP memcached session save handler provided by php-memcached&n= bsp;extension, and Symfony session handler for PDO (database).
For setting up eZ Publish using this memcached you'll need to configure = the session save handler settings in php.ini as documented here, optionally tweak php= -memcached session settings, and use default configuration as of eZ Pub= lish 5.4 / 2014.11 documented above.
While not currently our recommendation from performance perspective, for=
setups where Database is preferred for storing Sessions, you may use Symfo=
ny's PdoSessionHandler.
Below is an configuration example for eZ Publish=
, but please refer to documented in Symfony Cookbook documentation for full document=
ation.
framework:
session:
# ...
handler_id: session.handler.pdo
parameters:
pdo.db_options:
db_table: session
db_id_col: session_id
db_data_col: session_value
db_time_col: session_time
services:
pdo:
class: PDO
arguments:
dsn: "mysql:dbname=3D<mysql_database>"
user: <mysql_user>
password: <mysql_password>
session.handler.pdo:
class: Symfony\Component\HttpFoundation\Session\Storage\Handler=
\PdoSessionHandler
arguments: ["@pdo", "%pdo.db_options%"]=20
session.handler.pdo service