Hi all,

For one of our clients we recently activated the Joomla! page caching plugin ("System - Cache") for the purpose of speed optimization on their website.

Consequence of this was that users who want to login frequently received the error message "Invalid token". The cause of this problem was logical: because the (HTML) output of every page is saved/cached and at each subsequent visit is being used, there was never a new "token" (hidden inputfield in the loginform) generated, which is used during login. Therefor there where many login session with the same token, which causes the error "Invalid token".

We solved this by made a custom page caching plugin (derived from the default Joomla! caching plugin) in which code we entrapped store caching from the page "/login". Therefor that page is generated each page visit again whereby there is always an unique token for the login session.

Is this problem known by other Joomla! developers? And do you maybe have other (better) solutions for solving this problem? I think it's just strange that two parts of the Joomla! core conflicts like this and it is nog being entrapped.