autologout_ahah_logout does not have permission

Im having the same issue but my seams to be limited to only Firefox users. Also I have set the popup timer to 0 to remove the pop up but still get it with this error.

I've had this problem in chrome. Subscribing.

Same issue here. Subscribing.

Forgot to say that I'm on 6.x-4.0, not the dev version.

Just to double-check, you commented out this line?

  // @todo: this message is not being displayed once logged out
  drupal_set_message(t('You have been logged out due to inactivity.'));

It seems strange that commenting out the message and replacing it with drupal_goto() would help!

Thanks.

This may be tied to the module attempting to redirect the user back from whence they came, and if the logged out user is no longer allowed to access the page it throws an error in the log and in the JS.

When that page is returned as access denied and erroneousness value is also passed to the JS file which degrades with an error log.

The "drupal_get_destination" on line 107 seems to be the key mater here.

Two routes I see to handle
1) use a more intelligent method of preventing an error in the drupal log
2) work around the JS error by simply re-routing access denied or erroneous inquiries to the login page without a fancy redirect.

I've noticed that, after removing the drupal_set_message, it now works....except when on https pages. For some reason, if I'm on an https page it still gives the error message. I've tried adding my logout page to Secure Pages to make it always https. I've also tried adding it to the Secure Pages ignore list (and I've also tried adding it to both, just to see what happens). None of those settings made it work.

Do you have any idea why running it from an https page would cause the error (i.e. why it wouldn't be able to access the logout page)?

Thanks.

I installed 6.x-4.x-dev today and had the same problem mentioned above. I looked at the other fixes in this but none of them seemed to make sense (or work). The problem is that we're getting an access denied at /autologout_ahah_logout. The access callback for autologout_ahah_logout is _autologout_access_ahah. _autologout_access_ahah is checking for $user->uid, but it is being called after the user is logged out, so no $user->uid. I did:

function _autologout_access_ahah() {
  //global $user;
  return /* $user->uid && */ user_access('access content');
}

Everything seems to be working now, with no more errors.

My fix above gets rid of the error messages, but doesn't solve the bug. The problem is that the module is logging out the user twice: once with the code between lines 102 and 112 (the fallback code if js is disabled) and once with the js. It needs proper checking to see if js is enabled, and only run the fallback code in that situation.

I am having the same issue. #10 seems to remove the error in the db log, however the browser popup error remains. I also then applied #4 and it seems to be working now.

6.x-4.0 - Same issue here. Subscribing.

Try adding the following line to the ignore pages section #9

*/autologout.js/*

get rid of the fallback code.

Same problem here. In my case, too, it seems to be connected to SSL. At least the problem doesn't occur in my local backup of the site.

As said above this error comes because each page tries to logout after timeout.

I overcome this issue by using a cookie to store the last access time, whenever a page exceeds the time limit it will check the cookie value , if it exceeds the time that you have set user will be logged out. Before logging out the cookie will be cleared, so that when another page gets timed out it will check the cookie value, It will be empty and it won't try to log out ( since you are already logged out ) instead it will just reload the page.

By doing this way I solved another issue that I had, i.e by default autologout will log you out even if any of the pages exceeds the time limit, I didn't like this because you may be active in another page but still you will be logged out if one of the pages that you opened exceeded the time limit. By using cookie to store last access time this won't happen.

I think this can be fixed via preventing autologout_init code firing on an ajax callback by just checking the path first rather than cookies.

The following patch fixes this and other issues for the 7.x-4.x branch. If it gets OK'd we can write the 6.x-4.x backport.

http://drupal.org/node/1989798

Applied fixes for this to the 7.x-4.x and 6.x-4.x branches. Patch that was applied to 6.x-4.x branch is attached.