[#10974] - Plugin "System - Page Cache" cuprit of login and logout issues - Invalid Security Token
- Closed
- 30 Jun 2016
- Medium
- Build: master
- # 10974
Steps to reproduce the issue
Enable the "System - Page Cache" plugin and turn on caching with the default settings in the Global Configs.
Log in to the front end
Log out of the front end
Log back in to the front end
Expected result
To be logged into the front end of my site.
Actual result
White page with the following error message:
"The most recent request was denied because it contained an invalid security token. Please refresh the page and try again."
System information (as much as possible)
System Information
php: Linux serv01.m60.siteground.biz 3.12.18-clouder0 #13 SMP Tue Mar 15 13:23:00 EET 2016 x86_64
dbversion: 5.6.28-76.1-log
dbcollation: utf8_general_ci
dbconnectioncollation: utf8mb4_general_ci
phpversion: 5.5.36
server: Apache
sapi_name: cgi-fcgi
version: Joomla! 3.5.1 Stable [ Unicorn ] 05-April-2016 22:45 GMT
platform: Joomla Platform 13.1.0 Stable [ Curiosity ] 24-Apr-2013 00:00 GMT
useragent: Mozilla/5.0 (iPad; CPU OS 9_3_2 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Version/9.0 Mobile/13F69 Safari/601.1
Additional comments
If you clear the system cache, you will be able to log in and out - ONCE. If you try to log in again, you'll get the error message.
If your disable the "System - Page Cache" plug in, and you disable the caching in the Global Configs, and you clear the system cache, you can login and logout of the front end over and over again.
While the "System - Page Cache" plugin does have an option to ignore menu items, not all developers may be implementing logging in and out of the site this way (i.e. by creating a menu item). For instance, they may load the login module from a popup window instantiated by clicking a button - as in my case.
Also also of note, I have caching set to "No Caching" within the "Login" module's advanced settings. It would stand to reason that this is not working, given what was described above.
Can we implement an update that truly disabled caching for anything having to do with logging in and out (i.e. force Joomla caching to ignore the "System - Page Cache" plugin, period?
Otherwse, I can't use caching on my site since I have employees/customers who are going to need to log in to the front end of the site. :-\
Hmmm... I read your reply, and I read the thread at the link you sent me. Honestly, it seems like you're right. I mean, I never saw it documented anywhere that you weren't supposed to use both caching mechanisms togther. In fact, somehow I got the impression as I was Googling it that the plugin had to be enabled for the caching to work when you enabled it in the Global Configs. But, I guess that's not the case.
Still, you would think that whoever developed the plugin gave some thought to login/logout...
I appreciate your time, and your response. And, I'll just disable the plugin - that makes it all work.
It just buggged me that it didn't work with the plugin enabled. I guess I thought it had to be, and that once it was, the site would be running faster.
That's what I get for being obsessive!
the token is replaced on cache library. see https://github.com/joomla/joomla-cms/blob/staging/libraries/joomla/cache/cache.php#L531-L540
Closed
| Status | New | ⇒ | Closed |
| Closed_Date | 0000-00-00 00:00:00 | ⇒ | 2016-06-30 08:52:58 |
| Closed_By | ⇒ | brianteeman |
| Labels |
Added:
?
|
||
I think it is expected behavior. Because "System - Page Cache" cache a whole page.
Should be enabled only one at once , see http://joomla.stackexchange.com/a/318/87
It is two different caching mechanism, do not related with each other.
If you need to be able login, then use cache in "Global configuration", and disable caching for the login module (module advanced params).