Joomla! Issue Tracker - CMS

Download
Launch
Feeling Lucky

[#38678] - 4.2.2 Multi-Factor Authentication Not Loading on Upgraded Sites with Rocket Theme

No Code Attached Yet
avatar SpyderZ
SpyderZ
3 Sep 2022

Steps to reproduce the issue

• Cleared Two-Factor settings and cache, then upgraded Rocket Themed (Denali) Joomla 4.1.5 to 4.2.2
• Enabled Multi-Factor Auth, using Multi-factor Authentication - Verification Code
• Enrolled Super User account and confirmed backend functionality MFA.
• Attempted to log in to the front end of the website with MFA.

Expected result

• Expected the MFA screen at /component/users/captive?Itemid=101, where the six-digit code can be entered and authenticated to load the registered landing login page.

Actual result

• MFA redirects to the home page with the URL https://stage.website.com**/component/users/captive?Itemid=101** where no other links work until cookies are cleared, and no MFA fields are presented to authenticate with the code.

System information (as much as possible)

Apache 2.4.6-97
PHP 8.0.22 FPM application served by Apache
Maria DB 10.4.26
NGINX Proxy Mode
NGINX Smart static files processing
NGINX Serve static files directly
Cloudflare DNS/CDN/WAF (Same settings for all sites described here.)

Additional comments

Originally the trouble came with the Community Builder Login Module. I worked with them, and they corrected it with the latest build. However, it only partially fixed our issue. I completely removed CB and used Joomla's Login module in testing with the same problem.

• On the upgraded website, when setting the home page template to Cassiopeia, MFA works; the field is presented and authenticates, forwarding to the login page that is Rocket Themed.

• Setting up a brand new Joomla 4.2.2 instance and installing the Rocket Theme w/ Gantry 5, works fine with MFA on the front and backends.

• I've uninstalled all third-party plugins from the upgraded site, testing the front-end MFA each time to isolate a possible incompatibility and to match the brand new instance. The result was the same when having a mirrored extension list.

It seems that the MFA has a routing problem on upgraded sites during the redirect. Something important isn't getting appropriately upgraded and is breaking MFA.

Is this a Joomla or Rocket Theme bug?

I'm available to screen share if required for more information.

Votes

# of Users Experiencing Issue
1/1
Average Importance Score
4.00
avatar SpyderZ SpyderZ - open - 3 Sep 2022
avatar SpyderZ SpyderZ - change - 3 Sep 2022
Labels Removed: ?
avatar joomla-cms-bot joomla-cms-bot - change - 3 Sep 2022
Labels Added: No Code Attached Yet
avatar joomla-cms-bot joomla-cms-bot - labeled - 3 Sep 2022
avatar SpyderZ
SpyderZ - comment - 16 Sep 2022

Bug reported to Gantry 5, framework for Rocket Themes.
the gantry/gantry5#3078

This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/38678.

avatar brianteeman
brianteeman - comment - 19 Sep 2022

Is there a reason that this is still open? There is nothing that core can do to address the issue in gantry.

avatar alikon alikon - change - 19 Sep 2022
Status New Closed
Closed_Date 0000-00-00 00:00:00 2022-09-19 14:59:37
Closed_By alikon
avatar alikon alikon - close - 19 Sep 2022

Add a Comment

Login with GitHub to post a comment