[MEDIUM:TRACKER 6765:1.0.9>] Login form problem

user deleted

Re: [MEDIUM:UNDER REVIEW:1.0.9>] Login form problem

Post by user deleted » Tue Oct 10, 2006 9:43 am

Hi,

@ TheWagner, the developers are investigating this problem and have partially confirmed the problem. So hopefully the problem will be solved in the next release. We are doing out best to accomplish this and are aware of the problems it's causing.

Regards Robin

Ak5intoe
Joomla! Apprentice
Joomla! Apprentice
Posts: 29
Joined: Thu Oct 05, 2006 3:58 am

Re: [MEDIUM:UNDER REVIEW:1.0.9>] Login form problem

Post by Ak5intoe » Wed Oct 11, 2006 1:55 am

Please move this thread to the sticky area of the category to give it more visibility.

I've been fighthing this issue for 4 days and just found this thread.

domihal
Joomla! Fledgling
Joomla! Fledgling
Posts: 1
Joined: Tue Sep 12, 2006 9:50 pm

Re: [MEDIUM:UNDER REVIEW:1.0.9>] Login form problem

Post by domihal » Wed Oct 11, 2006 2:26 am

Hi,

i´m having the same problem on my site (after login, user menu does not show, but user is logged in. hope you´re still talking about that ^^). But my local installation works perfectly, so i think the problem is the redirecting proxy server we use. My guess would be, after the login, the proxy gets the login page from its cache and doesn´t update it.

Hope this helps

SergyDev
Joomla! Fledgling
Joomla! Fledgling
Posts: 1
Joined: Thu Oct 12, 2006 11:01 am

Re: [MEDIUM:UNDER REVIEW:1.0.9>] Login form problem

Post by SergyDev » Thu Oct 12, 2006 11:14 am

Hi, guys.

I'm having same issue with a Remeber me check box that leads to pop up You are not authorized window when checked.
I read all posts on 3 topics but found nothing that could really help.

Otherwise I noticed that I had this issue only for site that were deployed in a non root directory.

Can it cause a problem?

Nig
Joomla! Intern
Joomla! Intern
Posts: 62
Joined: Tue Dec 06, 2005 11:21 pm

Re: [MEDIUM:UNDER REVIEW:1.0.9>] Login form problem

Post by Nig » Thu Oct 19, 2006 9:59 pm

This is not just a problem on my own sites, but with others I visit. For example, iJoomla.com. This is really going to start hurting some sites if it isn't dealt with. I mean, who's going to bother revisiting a place which can't apparently work properly?

For me, I've got round it by clicking the Remember Me button, but that doesn't seem to be a standard solution at all. I can login using my wife's computer but not mine. I can't isolate what it is that's the problem, and that's just frustrating.

I really REALLY hope that it can be dealt with soon.

Nig

friesengeist
Joomla! Guru
Joomla! Guru
Posts: 842
Joined: Sat Sep 10, 2005 10:31 pm

Re: [MEDIUM:UNDER REVIEW:1.0.9>] Login form problem

Post by friesengeist » Sat Oct 21, 2006 10:30 pm

We may not be able to control the wind, but we can always adjust our sails

Nig
Joomla! Intern
Joomla! Intern
Posts: 62
Joined: Tue Dec 06, 2005 11:21 pm

Re: [MEDIUM:UNDER REVIEW:1.0.9>] Login form problem

Post by Nig » Sun Oct 22, 2006 3:24 am

Thanks for the heads up. I'll wait a bit to see if other problems are found before I use it on my live sites.

Nig

User avatar
sosokeys
Joomla! Apprentice
Joomla! Apprentice
Posts: 8
Joined: Mon Oct 02, 2006 4:24 pm

Re: [MEDIUM:UNDER REVIEW:1.0.9>] Login form problem

Post by sosokeys » Sun Oct 22, 2006 2:21 pm

God bless you Ford,

mlines
Joomla! Apprentice
Joomla! Apprentice
Posts: 28
Joined: Mon Sep 11, 2006 11:15 am

Re: [MEDIUM:UNDER REVIEW:1.0.9>] Login form problem

Post by mlines » Fri Nov 03, 2006 8:21 pm

As my site is fully live I cannot try the suggested changes.

My site - http://www.tv4x4.co.uk - redirects to http://www.lines-associates.com/NewHome

IE6.0  7.0 and Firefox 1.X and 2.0 users can login fine.

AOL users get "you are not authorized to view this resource" when clicking on login.

Just wanted to post to register my interest in the issue.

PHP built On:  Linux infong 2.4 #1 SMP Thu Jan 13 08:59:31 CET 2005 i686 unknown 
Database Version:  5.0.26-standard-log 
PHP Version:  4.4.4 
Web Server:  Apache/1.3.33 (Unix) 
WebServer to PHP interface:  cgi 
Joomla! Version:  Joomla! 1.0.11 Stable [ Sunbow ] 28 August 2006 20:00 UTC 
User Agent:  Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.2; WOW64; .NET CLR 1.1.4322) 

user deleted

Re: [MEDIUM:UNDER REVIEW:1.0.9>] Login form problem

Post by user deleted » Fri Nov 03, 2006 8:24 pm

Hi
AOL users get "you are not authorized to view this resource" when clicking on login.
There is a security setting (level) in Global configuration that can be changed so AOL users do not experience login problems. You might want to try that.

mlines
Joomla! Apprentice
Joomla! Apprentice
Posts: 28
Joined: Mon Sep 11, 2006 11:15 am

Re: [MEDIUM:UNDER REVIEW:1.0.9>] Login form problem

Post by mlines » Fri Nov 03, 2006 8:33 pm

Thanks for the prompt reply.

I should have mentioned that I have set the security to level 2 (I try to search the archives before rasing problems  :) ) - which is recommended for AOL login - the users are still having problems (although if it is an associated cache/proxy problem it has been less that an hour since I made the change and it is possible that something has not flushed from the AOL system I suppose)

ets_tempest
Joomla! Apprentice
Joomla! Apprentice
Posts: 6
Joined: Tue Oct 11, 2005 5:31 am

Re: [MEDIUM:UNDER REVIEW:1.0.9>] Login form problem

Post by ets_tempest » Tue Nov 07, 2006 4:41 am

I may have a useful fix for sites that need to support AOL users.
After referencing some great AOL browser debug information here.
I modified index.php's handling of cache headers:

Code: Select all

<?php 
if( strpos($_SERVER['HTTP_USER_AGENT'], 'AOL') !== false ) { //this is an aol user
	header("Cache-Control: no-store, private, must-revalidate, proxy-revalidate, post-check=0, pre-check=0, max-age=0, s-maxage=0");	
}else{
	header( 'Expires: Mon, 26 Jul 1997 05:00:00 GMT' );
	header( 'Cache-Control: no-store, no-cache, must-revalidate' );
	header( 'Cache-Control: post-check=0, pre-check=0', false );
	header( 'Pragma: no-cache' );	
}
header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' );
?>
WFM. Buyer beware. Your mileage may vary.
Last edited by ets_tempest on Wed Nov 08, 2006 3:38 pm, edited 1 time in total.

mlines
Joomla! Apprentice
Joomla! Apprentice
Posts: 28
Joined: Mon Sep 11, 2006 11:15 am

Re: [MEDIUM:UNDER REVIEW:1.0.9>] Login form problem

Post by mlines » Tue Nov 07, 2006 8:11 am

Thanks,

I have popped the mod onto my site and asked the AOL users to look at it (I cannot be bothered to set up an AOL browser system myself!)

mlines
Joomla! Apprentice
Joomla! Apprentice
Posts: 28
Joined: Mon Sep 11, 2006 11:15 am

Re: [MEDIUM:UNDER REVIEW:1.0.9>] Login form problem

Post by mlines » Tue Nov 07, 2006 8:23 pm

I am not sure that I put it in the correct place as I could not find exactly the code line in Index.php

This is where I put it (with a few lines of surrounding code to show where it fitted)


ob_end_clean();

initGzip();

if( strpos($_SERVER['HTTP_USER_AGENT'], 'AOL') !== false ) { //this is an aol user
header("Cache-Control: no-store, private, must-revalidate, proxy-revalidate, post-check=0, pre-check=0, max-age=0, s-maxage=0");
}else{


header( 'Expires: Mon, 26 Jul 1997 05:00:00 GMT' );
header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' );
header( 'Cache-Control: no-store, no-cache, must-revalidate' );
header( 'Cache-Control: post-check=0, pre-check=0', false );
header( 'Pragma: no-cache' );
}

// display the offline alert if an admin is logged in
if (defined( '_ADMIN_OFFLINE' )) {
include( $mosConfig_absolute_path .'/offlinebar.php' );
}



The new effect is that AOL users cannot logon at all (before this it was intermittent)

Martin.

ets_tempest
Joomla! Apprentice
Joomla! Apprentice
Posts: 6
Joined: Tue Oct 11, 2005 5:31 am

Re: [MEDIUM:UNDER REVIEW:1.0.9>] Login form problem

Post by ets_tempest » Wed Nov 08, 2006 1:14 am

That's certainly an interesting effect.
I'm not certain how this change to cache headers would block your AOL users unless it actually enables the caching of your site (the exact opposite of the intent) on the AOL servers and thereby delivers a copy of an unauthenticated page to every user.

mlines
Joomla! Apprentice
Joomla! Apprentice
Posts: 28
Joined: Mon Sep 11, 2006 11:15 am

Re: [MEDIUM:UNDER REVIEW:1.0.9>] Login form problem

Post by mlines » Wed Nov 08, 2006 9:18 am

There is another issue in that I cannot see the problem myself as I do not have AOL. However, I will build a fresh partition on my machine this weekend and will create an AOL presence in the hope that I can see better what is being reported by the users.

At the moment I have persuaded the AOL users to download Firefox which is working well (of course!). If you have AOL access then feel free to create an account on http://www.tv4x4.co.uk and look at the problem directly.

ets_tempest
Joomla! Apprentice
Joomla! Apprentice
Posts: 6
Joined: Tue Oct 11, 2005 5:31 am

Re: [MEDIUM:UNDER REVIEW:1.0.9>] Login form problem

Post by ets_tempest » Wed Nov 08, 2006 4:12 pm

mlines wrote: At the moment I have persuaded the AOL users to download Firefox which is working well (of course!). If you have AOL access then feel free to create an account on http://www.tv4x4.co.uk and look at the problem directly.
Note that I made a mod to my original code in the post above and moved the Last-Modified header outside the conditional so that it is set for all users including AOL users.

Since Firefox resolves the users' issues, it would seem that your pages are not being cached by AOL servers and that this is instead an IE specific issue. According to Microsoft, IE refreshes pages where the Expires header is set to -1. So, I further tweaked the cache settings:

Code: Select all

<?php 
if( strpos($_SERVER['HTTP_USER_AGENT'], 'AOL') !== false ) { //this is an aol user
	header("Cache-Control: no-store, private, must-revalidate, proxy-revalidate, post-check=0, pre-check=0, max-age=0, s-maxage=0");	
	if( strstr($_SERVER['HTTP_USER_AGENT'],'MSIE') ) { //AOL users with IE only
		header("Expires: -1");		
	}	 		
}else{
	header( 'Expires: Mon, 26 Jul 1997 05:00:00 GMT' );
	header( 'Cache-Control: no-store, no-cache, must-revalidate' );
	header( 'Cache-Control: post-check=0, pre-check=0', false );
	header( 'Pragma: no-cache' );	
}
header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' );
?>

user deleted

Re: [MEDIUM:UNDER REVIEW:1.0.9>] Login form problem

Post by user deleted » Wed Nov 15, 2006 7:18 am

Q&T Note; we have seen enough report on this issue  ;) It's now logged on the trakcer to get sorted if possible.

Tracker link; http://forge.joomla.org/sf/go/artf6765?nav=1

I'd like to ask users not to add unnecessary replies, or off topic replies so we can keep this one clear for analysys. Thanks!

User avatar
toasted
Joomla! Intern
Joomla! Intern
Posts: 83
Joined: Wed Sep 27, 2006 12:53 pm

Re: [MEDIUM:TRACKER 6765:1.0.9>] Login form problem

Post by toasted » Wed Nov 15, 2006 8:22 pm

Here's what I did, maybe it will help. Joomla 1.011 and CB. I removed the username and password fields from the CB login module and added a .jpg image called "login". This image is linked to "index.php?option=com_login&Itemid=88888888" which takes you to a login module that works the first time.

It's a work around yea but maybe someone could take a good look at why com_login works and the stock login modules do not.

Even with this module, my text boxes are not auto-populated unless there is no www in the url.

User avatar
toasted
Joomla! Intern
Joomla! Intern
Posts: 83
Joined: Wed Sep 27, 2006 12:53 pm

Re: [MEDIUM:TRACKER 6765:1.0.9>] Login form problem

Post by toasted » Tue Nov 21, 2006 1:34 pm

Just so you know, when I visit my site in Linux with Firefox I am still logged in. No need to log in at all. This is the only combination that this has ever happened on for me with Joomla!. All Windows browsers do not work this way and I think they should. I always have to log in when using Windows and as you know sometimes more than once. Thought it might help, and please do not break Linux while fixing Windows!!

friesengeist
Joomla! Guru
Joomla! Guru
Posts: 842
Joined: Sat Sep 10, 2005 10:31 pm

Re: [MEDIUM:TRACKER 6765:1.0.9>] Login form problem

Post by friesengeist » Tue Nov 21, 2006 1:49 pm

toasted wrote: It's a work around yea but maybe someone could take a good look at why com_login works and the stock login modules do not.
It's because you are already on the correct site after you clicked on the link leading you to the login component. This way, you will always send a valid cookie to the server, while this is not done when visiting http://www.domain.xyz first, while the livesite is set to domain.xyz.
toasted wrote: Just so you know, when I visit my site in Linux with Firefox I am still logged in. No need to log in at all. This is the only combination that this has ever happened on for me with Joomla!. All Windows browsers do not work this way and I think they should. I always have to log in when using Windows and as you know sometimes more than once. Thought it might help, and please do not break Linux while fixing Windows!!
I guess you have the Remember-Me option activated when logging in on the linux box? Otherwise, there is no way you can be logged in without entering a PW. If you click "Logout" once on that box, you will notice that you are not automatically logged in next time.

To enable the Remember-Me function, I had to allow Firefox to store cookies from my site permanently! If this is not enabled, Firefoy will delete the cookie when it gets closed. That's probably what happens to you an Windows.
We may not be able to control the wind, but we can always adjust our sails

User avatar
toasted
Joomla! Intern
Joomla! Intern
Posts: 83
Joined: Wed Sep 27, 2006 12:53 pm

Re: [MEDIUM:TRACKER 6765:1.0.9>] Login form problem

Post by toasted » Tue Nov 21, 2006 1:56 pm

I have tried the remember me option in Windows too.. FF, IE, Opera, etc... they are all the same in Windows in that the feature does not work. All 3 installs of mine are the same. I'm thinking of the average user that visits my site, just like this forum and many others. I don't want to have to give them instructions on how to use my site. Change this, do this, go here and there... nope that is definately not a good situation.  When I arrive at a site I like to be logged in automatically and not have to do it each time. That is what happens to me in Linux, it just works.
Last edited by toasted on Tue Nov 21, 2006 2:01 pm, edited 1 time in total.

friesengeist
Joomla! Guru
Joomla! Guru
Posts: 842
Joined: Sat Sep 10, 2005 10:31 pm

Re: [MEDIUM:TRACKER 6765:1.0.9>] Login form problem

Post by friesengeist » Tue Nov 21, 2006 2:01 pm

toasted wrote: I have tried the remember me option in Windows too.. FF, IE, Opera, etc... they are all the same in Windows in that the feature does not work. All 3 installs of mine are the same. I'm thinking of the average user that visits my site, just like this forum and many others. I don't want to have to give them instructions on how to use my site. Change this, do this, go here and there... nope that is definately not a good situation.  When I arrive at a site I like to be logged in automatically and not have to do it each time. That is what happens to me in Linux, it just works.
There is nothing we can do about the security configuration of a user's browser. If your users want to stay logged in, they need to adjust their local broser configuration, so that they keep cookies (at least for your site) even when the browser gets closed.
We may not be able to control the wind, but we can always adjust our sails

User avatar
toasted
Joomla! Intern
Joomla! Intern
Posts: 83
Joined: Wed Sep 27, 2006 12:53 pm

Re: [MEDIUM:TRACKER 6765:1.0.9>] Login form problem

Post by toasted » Tue Nov 21, 2006 2:03 pm

My browser is stock... no changes. When I visit this forum I am automatically logged in. Nothing to do. When I go to my Joomla installs, I have to log in.

So its not the browser.

friesengeist
Joomla! Guru
Joomla! Guru
Posts: 842
Joined: Sat Sep 10, 2005 10:31 pm

Re: [MEDIUM:TRACKER 6765:1.0.9>] Login form problem

Post by friesengeist » Tue Nov 21, 2006 2:06 pm

toasted wrote: My browser is stock... no changes. When I visit this forum I am automatically logged in. Nothing to do. When I go to my Joomla installs, I have to log in.

So its not the browser.
Okay, do you have an URL (post here or send by PM) where I can check this? (With my browser ;))
We may not be able to control the wind, but we can always adjust our sails

User avatar
toasted
Joomla! Intern
Joomla! Intern
Posts: 83
Joined: Wed Sep 27, 2006 12:53 pm

Re: [MEDIUM:TRACKER 6765:1.0.9>] Login form problem

Post by toasted » Tue Nov 21, 2006 2:13 pm

Sure:
deleted
Its a test install
Last edited by toasted on Tue Nov 21, 2006 2:25 pm, edited 1 time in total.

friesengeist
Joomla! Guru
Joomla! Guru
Posts: 842
Joined: Sat Sep 10, 2005 10:31 pm

Re: [MEDIUM:TRACKER 6765:1.0.9>] Login form problem

Post by friesengeist » Tue Nov 21, 2006 2:34 pm

No remember-me cookie gets set at all. Might be a Community Builder problem though, we'll need to check this out.
As it's a test site, could you maybe activate the default Joomla! login module, instead of the CB login module, for a short time?
We may not be able to control the wind, but we can always adjust our sails

User avatar
toasted
Joomla! Intern
Joomla! Intern
Posts: 83
Joined: Wed Sep 27, 2006 12:53 pm

Re: [MEDIUM:TRACKER 6765:1.0.9>] Login form problem

Post by toasted » Tue Nov 21, 2006 2:37 pm

Sure and I will make you an admin too, have fun  :)

User avatar
toasted
Joomla! Intern
Joomla! Intern
Posts: 83
Joined: Wed Sep 27, 2006 12:53 pm

Re: [MEDIUM:TRACKER 6765:1.0.9>] Login form problem

Post by toasted » Tue Nov 21, 2006 2:39 pm

done, and dont worry, you can make any changes you want

friesengeist
Joomla! Guru
Joomla! Guru
Posts: 842
Joined: Sat Sep 10, 2005 10:31 pm

Re: [MEDIUM:TRACKER 6765:1.0.9>] Login form problem

Post by friesengeist » Tue Nov 21, 2006 5:33 pm

Okay, thanks a lot, toasted! This is just another login issue, which is new to me. It's a bug in IIS 5.0 (as far as I know only when running in CGI mode).

If a script wants to do a header redirect, like it is done in Joomla! after login and logout, all cookies and all other header data gets discarded. That's why you never received cookies upon login, if Remember-Me was set. More about this bug can be found here: http://bugs.php.net/bug.php?id=14636

Joomla! can't do much about it, except for avoiding header redirects, and switching to JavaScript or HTML-Metadata redirects. As a proof of concept, I've done that at your site, using a mambot. (You will probably find a few older versions as well in /mambots/system, they didn't uninstall properly due to file permissions). Now this mambot can only be seen as a proof of concept. I doubt it that we will try to circumvent this IIS Bug in Joomla! 1.0.12. Changes would (in my opinion) be a little bit too big, and might cause issues with other servers. I'll ask on the dev list about this though.

The mambot will not work for Community Builder, as it only hooks up on the normal Joomla! login process. But at least one more mystery about failed logins is solved now!
We may not be able to control the wind, but we can always adjust our sails


Locked

Return to “Q&T 1.0.x Resolved - Archived”