mod_usertrack CookiesExpire set but serving session cookies

[turtles]

I want to track individual users, so have turned on mod_usertrack, and given the following instructions:

<IfModule mod_usertrack.c>

CookieTracking on
CookieExpires "3 months"

CookieStyle RFC2109
CookieName fmav

</IfModule>

It all works fine, but the cookies are session cookies which expire when the browser closes, and not of the type that I would like to last for 3 months. What have I missed or not understood?

TIA

 

[turtles]

For anyone with a similar problem, here's how I sorted it. As any fool (except me) knows, IE6 downgrades cookies to session cookies if there is no compact privacy policy in the header. You have to implement a p3p privacy policy - go to

http://www.p3ptoolbox.com/

to find out how. There is a tool for making the files at

http://www.alphaworks.ibm.com/tech/p3peditor.

Validator is at

http://www.w3.org/P3P/validator.html.

You get into a cycle of testing etc with the validator until you have everything in the right place. To add the p3p: header, you turn on mod_headers and something like

<IfModule mod_headers.c>

Header append P3P: 'CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI CO
M NAV INT", policyref="/w3c/p3p.xml"'

</IfModule>

to an .htaccess or your virtual server config. NB the policyref= has to be at /w3c/p3p.xml. The CP= bit comes from the compact policy that you can save as a text file.

Once you have made a policy that is compliant, you need to check whether it is compliant with what ie6 needs to allow cookies. A good tool is privacy bird (

http://www.privacybird.com).

You tell it your settings (which should be medium). It twitters if all is ok and complains if not.

Whew.