Edit : OH RIGHT, I remember now. The remember_me_seconds is for the server but it's no good if the client deletes the cookie. You should used both the cookie_lifetime and the remember option set to appropriate values. Try the following.
session' => array(
'cookie_lifetime' => 2419200, //SEE ME
'remember_me_seconds' => 2419200, //SEE ME
'use_cookies' => true,
'cookie_httponly' => true,
),
Let me know if it works.
Disregard the following.
I don't think the remember_me option works. I took a look at the ZF2 code and here is some indication that it is useless. Look for the //SEE ME
comment.
public function setStorageOption($storageName, $storageValue)
{
$key = false;
switch ($storageName) {
// SEE ME
case 'remember_me_seconds':
// do nothing; not an INI option
return;
case 'url_rewriter_tags':
$key = 'url_rewriter.tags';
break;
default:
$key = 'session.' . $storageName;
break;
}
$result = ini_set($key, $storageValue);
if (FALSE === $result) {
throw new \InvalidArgumentException("'" . $key .
"' is not a valid sessions-related ini setting.");
}
return $this;
}
/**
* Retrieve a storage option from a backend configuration store
*
* Used to retrieve default values from a backend configuration store.
*
* @param string $storageOption
* @return mixed
*/
public function getStorageOption($storageOption)
{
switch ($storageOption) {
// SEE ME
case 'remember_me_seconds':
// No remote storage option; just return the current value
return $this->rememberMeSeconds;
case 'url_rewriter_tags':
return ini_get('url_rewriter.tags');
// The following all need a transformation on the retrieved value;
// however they use the same key naming scheme
case 'use_cookies':
case 'use_only_cookies':
case 'use_trans_sid':
case 'cookie_httponly':
return (bool) ini_get('session.' . $storageOption);
default:
return ini_get('session.' . $storageOption);
}
}