[#31206] - [4.0] Cassiopeia: Login - 2FA - Not found error When login with Username + PW only
- Closed
- 24 Oct 2020
- Medium
- Build: 4.0beta5
- # 31206
Testing 2FA-Authentication of Joomla 4 beta 5 on a new created site http://blubb.joomla.com via launch.joomla.com .
With nothing changed, except Enabling 2FA-Plugin, setting active for both Front- and Backend and enabled 2-FA Authentication for
User (Super Users role).
Tried to login via Frontend with Username and Password and 2FA-Auth code (worked)
Tried then to login with Username and password but 2FA-Code empty. (Failed, Not found Error)
Tried then to login with Username and password but invalid 2FA-Code. (Failed, Not found Error)
There is definatly something wrong in the login module.
Steps to reproduce the issue
- Setup a default / new Joomla 4.0 beta 5 Installation
- Enable 2FA-Plugin
- Set to "Both" (Frontend/ Backend)
- Enable 2FA-Authentication for User
- Logout
- Try to login with correct username and PW but without 2FA-Code --> Not found - Error
- Try to login with correct username and PW but with incorrect 2FA-Code --> Not found - Error
Expected result
- System Message: [Warning] Two Faktor Authentication is invalid.
- Focus on 2FA-Code Field
- 2FA-Field set to required and bordercolor is set to validation-failed color
Actual result
Not Found
The requested URL /component/users/login.html was not found on this server.
System information (as much as possible)
Joomla! Version Joomla! 4.0.0-beta5-dev Development [ MaƱana ] 15-September-2020 19:15 GMT
User Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.111 Safari/537.36
Additional comments
When the 2FA-Code is entered and correct, Login is possible into Frontend
joomla-cms-bot
- | Title |
|
||||||
As I said, standard installation via launch.joomla.com.
I did not enable URL rewriting, which should be disabled by default AFAIK.
And the behaviour of the login module is different to the backend module, which shows a System Message after reloading the login page. -> #31204
I cant recheck if URL rewriting is enabled, because my test site dont show up anymore in the ccp.cloudaccess.net for some reason.
This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/31206.
Ok Renew was set to one day... my fault
Tested with a new created site there and yes, URL rewriting is enabled on standard installation.
A) either that is a problem in the beta installation package
or
B) for some reason created by the setup-system without activating the .htaccess
For someone who want to try out Joomla beta 5 and 2FA neither good.
Also the different behaviour compared to the Backend-Login.
Fourther checking: htaccess.txt still there.
Renaming it to .htaccess fixed the Issue and login module showed the same behaviour as in #31204
I think this is something to be checked that the Installer do not activate all SEO settings by default.
If it's not an Installer issue, the staff for launch.joomla.org / cloudaccess.net should be informed and SEO should be deactivated for a new site.
This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/31206.
| Status | New | ⇒ | Closed |
| Closed_Date | 0000-00-00 00:00:00 | ⇒ | 2020-10-24 13:32:06 |
| Closed_By | ⇒ | jiweigert |
thanks for the info, gostn.
So for testers / bug finders not recommended, basically.
As they turned SEO full on but leave it to the user to find out to rename htaccess.txt this it not something I expected... both of it,
because total different to a regular 3.9 site setup.
Ok. will close this bug here. as it is not Joomla related.
Looks like URL rewriting is enabled but
.htaccessis missing.