?
avatar vovkss
vovkss
11 Sep 2018

I've installed Joomla and started configuring the site.
After changing the Administrator user's name (not login name!) I could no longer login into the site's backend (domain.name/administrator).

Entering correct credentials just lead to the login page again.
However, Joomla reacted to incorrect credentials - in this case, a message was displayed: "Username and password do not match or you do not have an account yet."

I've searched the internet for this problem and found many different reasons, double-checked all suggestions and nothing helped. In particular, the required modules were enabled, tried disabling .htaccess, etc.

In a HTTP debugger I've noticed that there were multiple session cookie names at the same time.

After some digging, I've found the file libraries/src/Session/Session.php and line 920:

		$this->_handler->setName(md5($options['name']));

The debugger showed that $options['name'] is already an md5-hash calculated elsewhere (CMSApplication.php, line 738: 'name' => \JApplicationHelper::getHash($this->get('session_name', get_class($this)))).

I removed md5 and everything works fine now, i.e. changed libraries/src/Session/Session.php, line 920 to:

		$this->_handler->setName($options['name']);
avatar vovkss vovkss - open - 11 Sep 2018
avatar joomla-cms-bot joomla-cms-bot - change - 11 Sep 2018
Labels Added: ?
avatar joomla-cms-bot joomla-cms-bot - labeled - 11 Sep 2018
avatar mbabker
mbabker - comment - 11 Sep 2018

While inefficient, double md5 hashing would not be creating your particular issue. I honestly feel like your change is more of a coincidence that things "work fine now" than actually fixing a bug, and if there were a bug related to that operation it would be something that could be consistently reproduced (and have been reported before now).

avatar franz-wohlkoenig franz-wohlkoenig - change - 11 Sep 2018
Status New Information Required
avatar franz-wohlkoenig franz-wohlkoenig - change - 11 Sep 2018
Category Authentication
avatar PhilETaylor
PhilETaylor - comment - 15 Sep 2018

more like the cookie_* vars in the /configuration.php file had been incorrectly set and not left as blank strings. 99% of the time this login loop with no error message is due to that.

avatar joomla-cms-bot joomla-cms-bot - change - 13 Oct 2018
Closed_By Quy joomla-cms-bot
avatar joomla-cms-bot joomla-cms-bot - close - 13 Oct 2018
avatar Quy Quy - change - 13 Oct 2018
Status Information Required Closed
Closed_Date 0000-00-00 00:00:00 2018-10-13 00:13:38
Closed_By Quy
avatar joomla-cms-bot
joomla-cms-bot - comment - 13 Oct 2018

Set to "closed" on behalf of @Quy by The JTracker Application at issues.joomla.org/joomla-cms/22128

avatar Quy
Quy - comment - 13 Oct 2018

Closing for now. If this is still an issue, please advise.


This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/22128.

Add a Comment

Login with GitHub to post a comment