Shared Session Issue

7 months 4 days ago #334583 by ernienet
Shared Session Issue was created by ernienet
I've been upgrading my sites from Joomla 3 to Joomla 4.

A strange thing is happening that Joomla support has not been able to help with (forum.joomla.org/viewtopic.php?f=811&t=1002716&p=3697069#p3696457) - so I'm wondering if there is anything in Community Builder that might be causing this issue.

After upgrading, I cannot prevent Joomla from also logging me into the site when I log into the administrator. I have been working on the login/account creation features of my client's websites.

In Joomla 3, I could log in and out of the site while remaining logged into the administrator in another tab. This feature goes away after upgrading to Joomla 4. As you'll see in the Joomla Forum post, I've exhausted all the options they gave me, and no one has answered in a week.

The only other extension I use for logging in and out and account creation is Community Builder (a few sites also have Membership Pro, but the problem exists also for those which do not have Membership Pro).

Is anyone aware of any setting in CB that might be overriding the Joomla setting (shares sessions disabled)?

Thank you,
Ernie

Please Log in to join the conversation.

7 months 3 days ago #334586 by krileon
Replied by krileon on topic Shared Session Issue
CB has no control over the session. We leave that entirely up to Joomla. You should be able to turn shared sessions off though. The parameter in Joomla 4 is in System > Global Configuration > System > Session. You should see the "Shared Sessions" parameter there. I've been using Joomla 4 since its stable release and have no issues with backend/frontend login being exclusive and not shared.


Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.

Please Log in to join the conversation.

7 months 3 days ago - 7 months 3 days ago #334587 by krileon
Replied by krileon on topic Shared Session Issue
We do have a plugin that can impact sessions at time of login. That's CB AntiSpam, but only if you have duplicate login protection enabled. It deletes duplicate sessions. This is default disabled though and impacts login not logout. Deleting a user within CB also of course deletes their sessions and setting a users account as blocked will also log them out. I'm not able to find any other sessions deletions throughout all of CB and our products.

My best guess is some sort of 3rd party plugin in System > Plugins that might be doing it? Something common between all your sites having this issue.


Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.

Please Log in to join the conversation.

7 months 3 days ago #334591 by ernienet
Replied by ernienet on topic Shared Session Issue
There are a few things all the sites have in common: Community Builder, Gantry 5 framework, Akeeba Backup, and PWT ACL. I've been removing a few old extensions (Flickr Suite and DT Register) which are not supported in Joomla 4 or PHP 8, and replacing the sites that used those with Events Gallery and Membership Pro, respectively.

I have CB AntiSpam installed on almost all the sites. Because it supports reCAPTCHA v3, I've begun using it as the default Joomla CAPTCHA. I'm still struggling with the Google API console changes - what a PAIN!

Is this the setting you are referring to?
 

If so, and it's disabled by default, then it shouldn't be the cause unless it behaves differently in Joomla 4 than it did in Joomla 3. There seem to be a few places in CB AntiSpam were there is a "duplicate" setting. I don't see anything that directly indicates "duplicate login protection"

There's:
Login Duplicates
Login Sharing
Login Auto Block
Registration Duplicates
Registration Auto Block

All of them are already disabled.

I will continue to look elsewhere for an answer to this - since no one else in the Joomla forum or here has reported it, it must be something unique to one of the extensions I'm using.

Thank you,
Ernie
Attachments:

Please Log in to join the conversation.

7 months 3 days ago #334594 by krileon
Replied by krileon on topic Shared Session Issue
If the login protections are disabled in CB AntiSpam then they're not doing anything so it couldn't be them. Are you using file based or database based sessions? I recommend database based. For reference the below is our demo site settings, which this problem doesn't appear to affect.

Session Handler: Database
Session Lifetime (minutes): 1500
Shared Sessions: No
Track Session Metadata: Yes
Track Guest Session Metadata: Yes


Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.

Please Log in to join the conversation.

7 months 3 days ago #334597 by ernienet
Replied by ernienet on topic Shared Session Issue
Two sites I've worked on recently - one a new site and the other an upgraded website - are both set the same:

Session Handler: Database
Session Lifetime (minutes): 60
Shared Sessions: No
Track Session Metadata: Yes
Track Guest Session Metadata: Yes.

So pretty much the same as yours. If those are the defaults, I'm sure all the other sites are the same.

Joomdonation (who makes Events Booking and Membership Pro) also says his extensions don't have anything to do with session sharing.

I just updated another site this morning and as soon as the update was complete, the Shared Session issue came up - before I upgraded, it was not doing that, just like all the others.

I will continue to troubleshoot.

Thank you,
Ernie

Please Log in to join the conversation.

Moderators: beatnantkrileon
Time to create page: 0.226 seconds

Facebook Twitter LinkedIn