After Upgrade, Can't Login

[miqrogroove]

I completed the schema migration for dev/php8 and got caUtils working. I even attempted a password reset and switching browsers.

Every login attempt forwards back to index.php and the login page again.

If I enter invalid credentials it will give me a "Login was invalid" banner.

When I use correct credentials it just sends me a new cookie and forwards back to the login page.

Possible clue in the app/log files. It shows a successful login immediately followed by a failed login under a different name.

Workaround:

I had to disable Auth Basic in the Apache site for now.

More info:

https://support.collectiveaccess.org/d/301733-providence-htpasswd

I don't know why Providence is reading Auth Basic credentials. This will break all of my sites.

Out of curiosity, I created Auth Basic credentials identical to the CA user. This caused a behavior change where Providence responds with an infinite redirect loop until the browser errors out. Yikes! 😧

[collectiveaccess]

We don't support basic auth. Sorry. If there's time we'll look into this at some point, but it's not a configuration we see used often (or ever to now).

[miqrogroove]

Could be a documentation issue then. Upgrading 1.7 to 2.0 would require disabling any site-level authentication.

[collectiveaccess]

Any support for it in previous versions was coincidental. If it's important to you we'll try to look into it.

[miqrogroove]

I suspect it's a conflict with some kind of vendor code in the new branch... something like a REST library that consumes authentication headers in inappropriate ways. Cloud server packages are known to do that as well. For Providence I can work around this. If I find the same problem in Pawtucket, it will be a major challenge because my archive isn't public and requires password login. I might have to set up a proxy server for the 2.0 branch.

[miqrogroove]

Here's a workaround specific to Apache and PHP-FPM:

https://webmasters.stackexchange.com/questions/145619/