Shared session 'off'
Login to the backend as SU.
Login to the frontend as a different (registered) user.
Should work fine.
My sites goes in een loop (ERR_TOO_MANY_REDIRECTS) because of how my template is set up for public / registered users.
Joomla 5.1.4 | 8.3.11
Website with frontend login for registered users
I am sure this did not happen before, but not 100% sure at what time this started. If I needed to guess I would say after the last Joomla update.
Anyone else experiencing issues with the Shared session setting?
Labels |
Added:
No Code Attached Yet
|
Today I also noticed, when I am logged in in the backend. article sin the frontend have an 'edit' button. This did not happen before. So this is also a sign that something is off with the session. Not sure if this is only happening with the Super User account.
In Akeeba Admin Tools there is an option to disable frontend login for Super Users. We alway have this set to Yes. Maybe this has a relation to this issue? Maybe it''s not working OK? But I do think it's something else...
I can confirm now that this shared session issue is not only related to Super Users. It does not seem to work for other usergroups as well. Can anyone confirm this is an issue / bug?
can not confirm
Can not conform either. Could you disable or remove Admin Tools and check again?
Can not conform either. Could you disable or remove Admin Tools and check again?
Did that and did not change the issue.
For my understanding: When 'shared sessions' is OFF and I log into the backend and also open a browser tab in the frontend, should I see the 'edit' buttons on articles (when the backend user has edit rights of course) or should those not appear? Also when I get the user ID on the frontend, this should be a 0. Correct? Not the ID of the user logged in at the backend?
Correct. Did you save the global configuration in the backend?
If you are are active in backend but shared session is "off", you are only in the backend and don't see any edit buttons in frontend. BUT it could be that you are still logged in in frontend from a former session or in another browser.
Did you save the global configuration in the backend?
Yes ;-)
I checked the session cookie on the frontend and the backend and they appear to be the same.
it could be that you are still logged in in frontend from a former session or in another browser.
I don't think so. I cleared all cookies in my browder and the issue remains.
I will try to do a clean J5 install and check for this issue.
I did hear of this once before about a year ago but that was solved by opening and saving global config
Ah, this pointed me to a solution. I did re-save the config a couple of times, but then I turned the shared session ON and saved. I then needed to login again. And after setting the Shared Session back to No it fixed the issue!
Weird. But I am glad we got this figured out. Not sure what might be causing this but for me this 'fix' worked for now. Thanks for your help!
I do seem to remember a different issue that also involved resaving the global config... This was after some changes to Joomla. Not sure what. But apparently this is something that happens from time to time....
Status | New | ⇒ | Closed |
Closed_Date | 0000-00-00 00:00:00 | ⇒ | 2024-09-16 10:21:52 |
Closed_By | ⇒ | Hackwar |
Since it seems to be solved, I'm closing this issue.
Well. I do think there is something causing this... Although there is a fix / workaround, maybe the reason why a re-save is needed should be addressed?
Since it seems to have been solved, I'm closing this one.
I think the issue is that - when logged in to the backend (SU) the frontend seems to find an id when I use Factory::getUser(); in the frontend. I think it should not find a user id in the frontend when the shared session is turned off. Correct?
When I am not logged in as SU the frontend user ID is 0. When I do login as admin the user ID in the frontend shows the backend user ID. So that is causing issues with a redirect I created for loggedin users.
I thinks the option Shared session should prevent this from happening? Am I correct?