In our phpBB board, several users have been complaining to us for years that they were being logged out randomly. It turns out it was not random at all, this is how you can reproduce it in a clean installation (used last stable 3.0.12 for this test):
- Log in normally. Make sure you check the "Log me on automatically each visit". You can browse the board a bit to check that the session is working.
- Wait for the session to expire or simulate it with something like TRUNCATE phpbb_sessions (don't do that in production, heh)
- Open 5-10 pages from the board simultaneously. An easy way to do this is save some bookmarks in a folder in your browser and then right click it and use "Open all bookmarks". Your browser may be different. Just make sure you open a lot of pages .
- Some of the pages will load logged in, some won't. The ones which did will be logged out upon browsing any other link.
This is an artificial test but it represents at least these two very likely, day-to-day scenarios:
- Impatient users suffering long response times because of congestion on the user network (using a high latency network, like a mobile phone, or P2P hogging bandwidth) or on the server (high load, etc).
- Browsers remembering the tabs from the last session and opening all of them simultaneously upon starting the browser (Chrome at least, IIRC Firefox loads them only when activated).