Login authentication failed loop (HTML backend)

[helenvarley]

two workshop participants had the login authentication failure loop after trying to log in & making mistakes in the password or username. i think they were both using firefox on mac. they tried clearing the cache, restarting the browser, restarting the computer. in the end one used a different browser, & for another one, i changed her password, checked that it worked on my computer, & then suddenly she found she was already logged in on her computer when she went back to the home page to try to log in again (this was quite strange!).

[foobarlab]

In general clearing the session information (cached cookies and authentication) should have fixed this issue. For some unknown reason the session is not recognized during login. Maybe this is related especially to the infrastructure where this bug appeared as it uses a reverse-proxy technique to put off load from upstage itself and being able to deliver media files faster.

It would be useful to have exact information how to repeatedly reproduce this issue, otherwise it will put in a "invalid" or "wontfix" state.

[helenvarley]

i just tried, using firefox on mac, putting in the wrong password (3 times) & the wrong username (once) - & never got stuck in the loop. could it have been something to do with the network in graz? (but only 2 people got stuck in the loop, & i think at least ale also once had a problem with the wrong password when logging in & did not get the loop).

[foobarlab]

AFAIK clearing the browser cache fixed the problem.

[foobarlab]

I will examine the way cookies are handled by the reverse-proxy cache. I highly think therefore it is not related to programming but setting up and installing UpStage.

[helenvarley]

they did try clearing the browser cache, that was the first thing i suggested; then restarting the browser, then restarting the computer. dani ended up using a different browser (safari) & what fixed it for bernadette was very strange: i logged in as bernadette from my laptop, in order to make sure that the log in & password was working. then i logged out, she reopened her browser & went to go to the log-in page, & discovered that she was already logged in ...

[foobarlab]

obviously it is not sufficient to clear the browser cache only partly. some browsers like firefox offer an option to clear the entire cache (and not only the "last hour"). it worked when i did an entire clearing of the browser cache on ale's machine.

[helenvarley]

i am not sure what kind of clearing they did. i guess we wait until it happens again & then try the full clearing.

[foobarlab]

Obviously at least ale did not - it was me clearing the entire cache and it worked as i said. Clearing the cache has to include cookies and authentication cache data.

[foobarlab]

This issue is not related to programming therefore it is closed. The only current related issue could be #50 and prior to investigating more time into this issue ticket #50 should be solved beforehand.

[helenvarley]

could we write into the authentication failed text an instruction to clear the browser cache if having problems logging in? :) (i don't think i can do that from the edit pages)

[foobarlab]

Clearing the browser cache does not solve the problem in general. It was a special case related to the installation using a reverse-proxy where this method had specifically a positive effect. So any instructions rather should go to an installation manual than directly into the login failed page. It may not solve any login problems automatically. The authentication is anyway broken and handled by #50 and #41. Also #82 could be a cause for such a loop. In general the woven.guard authentication is outdated (see #74). As long as this specific ticket is not a reproducable bug and does not happen again it remains in a closed state and no further action is taken.

[foobarlab]

Please create a new ticket for new issues, e.g. "Changing login failure text" or similiar if you insist on adding more text to the login failed page. This ticket was about the issue with the login loop, which is not the same. For clarity we have to separate the concerns quite strictly. Thanks!

[helenvarley]

ok, as you suggest it is probably something that should be flagged in an installation manual ...

[foobarlab]

Even when mentioned in an installation manual it is rather a very rare case having a reverse-proxy installed...