Session or Cookies

7 months 19 hours ago #334661 by krileon
Replied by krileon on topic Session or Cookies
Then I assume something else on your install is breaking sessions. Sorry, I don't know what more to suggest. We're entirely using Joomla's form tokens for awhile now and don't create or validate the tokens and simply call Joomla's API to do so. I've confirmed that Joomla's keepalive js is loaded as well. I can try taking a look if you PM backend super user login credentials (see link in signature).


Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.

Please Log in to join the conversation.

6 months 4 weeks ago #334682 by krileon
Replied by krileon on topic Session or Cookies
Have reviewed your install and it's entirely a caching problem. I checked the token before login. Saved it. Logged in. Logged out. Checked token again. The tokens are the same. This means the module or the entire page were cached. When the login fails you're sent to the failed login page. On that page the login works, because the token is now different and not cached.

Within Joomla global configuration you've global caching enabled. Followed by having "System - Page Cache" published. This means you've turned on Joomla page caching.

You cannot use full page caching anywhere that a form token exists. Tokens must change on every request. Tokens are meant to avoid people slamming your site with thousands of fake form posts. They're mandatory and they do not work with caching.

Your options are to turn off page caching or be sure within System > Plugin > System - Page Cache that you have excluded every URL that has a form token on it. You can exclude URLs specifically under Advanced and menu items specifically with "Exclude Menu Items".

Joomla page caching is primarily meant for static sites. Not dynamic sites. So blogs, brochure sites, etc.. it works wonderfully. It does not work well in dynamic environments. This is noted in Joomla's cache documentation. CB attempts to apply "cache busting" to prevent this from happening, but it can only do so on CB pages so for example your home page it won't be able to apply our workaround.

My recommendation is set global caching to "ON - Conservative caching" so things can cache on a per-capable basis then turn off page caching (publish "System - Page Cache") or you need to be absolutely sure you've set page caching to ignore every URL with a form.


Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.
The following user(s) said Thank You: XBOOMX

Please Log in to join the conversation.

6 months 3 weeks ago #334692 by XBOOMX
Replied by XBOOMX on topic Session or Cookies
Thanks for the tip, now everything is ok again. Disabled system page cache and set system cache to normal.
Thank you again for your effort. A big thank you for your support.
Thomas
The following user(s) said Thank You: krileon

Please Log in to join the conversation.

Moderators: beatnantkrileon
Time to create page: 0.262 seconds