I am having af problem on some of our Umbraco 4 solutions. Suddently I can't login to the backend, if I use Chrome og IE (8). There is no problems with Firefox. I don't get an error, I just get redirected to "umbraco/login.aspx?redir=/umbraco/umbraco.aspx"
I am sure I use the correct username/password. If I try using a incorrect username/password, I do get the "wrong user/pass" indication from Umbraco.
Even stranger is that an old Umbraco 3 solution we have, also makes the same error. I haven't changed any thing in that solution for months, but tried to login yesterday (via Chrome) and got the same error. I normally use Chrome.
The error doesn't happen on all of our solutions tough. It seems kind of random :S
Any ideas? (No.. just switching to FF won't be enough o_O )
I have experienced the exact same thing you describe - but have not found any pattern in what triggers it either. I have also experienced it in a wide variety of Umbraco versions. So it must be fairly common, although it happens rarely enough to not be a.
Weird thing is that atm. I am able to login to Umbraco, trough chrome. Earlier today I couldn't. And it's not because I have changed PC. Yesterday I couldn't login at this PC either.
If it's any help, the problem is on Win XP, Vista and Win 7. And I have tried the previous version of Chrome and also the new version of Chrome. It still seems pretty random when the error occurres. Earlier today I managed to login to the website, but Umbraco failed to load any content, and when I tried loggin in again, the error occurred.
I had the same problem and found that deleting my cookies and restarting the browser solved the issue. It looks like an error related to the timeout mechanism in umbraco.BasePages.BasePage.validateUser() that causes a redirect to logout.aspx, which then redirects back to login.aspx, leaving the user without any clue...
Alternatively, check the table umbracoUserLogin. There is a timeout value (ticks) specified for the contextid named as value in the UserContext cookie which must have a value higher than the webserver's current time (ticks).
The solution Bart van der Werf posted did do the trick for some time, but the error is happening again. Even tough I delete the cookies again, the error returns every time I try to login.Can it be a problem associated with the server time, or something like that?
I got this info from our server host:
windows 2008, 64bit, IIs7, Danish locale,
Timezone CET/copenhagen and the server uses NNTP.
I have noticed that the problem doesn't occure on a similar website, which is hosted on another server. Actually the website which the problem is occuring on, is a copy of the website on the older server (which is working fine).
I had the same issue these couple days. I fixed it by go to the physical files of cookies (in IE, under general tab in internet option, select settings under browsing history section. Once the pop up window came up, select view files). I just delete the cookie of the website and anything with the website url in the internet address column. Hope this help!
I have this same issue on 4 recently created sites. Odd thing is that they are identical (in so far as I can tell) as many others we have.
Problem Description: Login with IE 7, 8 or 9 fails. Backend login in FF, Opera, Chrome all works fine. In reviewing the base code (v4.0.2.1) I can verify that "doLogin" is being completed and the log files show that a valid login did actually occur. umbracoUserLogins table gets a new row as per BasePage.doLogin(). I use a rebranded umbraco.aspx and umbracoPath so I naturally assumed that may be part of the issue. Nope. It does the same thing with the standard umbraco.aspx.
Things I have tried:
Clearing/deleting cookies (no change) Deleting all rows in umbracoUserLogins table (no change) Check server vs. client times (mine are on same network and exactly match to the second) Recycled everything in "site" Removed all markup from the umbraco.aspx page
This has been going on for a bit so any thoughts, ideas or hacks would be appreciated.
UPDATE: I am now running the same exact site on a new web server (and new domain name) and the same exact thing happens (IE #fail, FF #success). It has to be something in the database (same SQL server db) that only affects IE. I know!...that is counter-intuitive but the new site was never hit before and failed the first time into new domain on new server with same exact DB in place.
> No javascript errors. No umbracoLog table errors, in fact says login happened validly. No EventLog errors. Even after apppool recycle and clearing umbracoUserLogins table....#fail.
> I've cleared cookies, the running process (session state) and the database. What else might be involved???
UPDATE2: Here is what I found...totally not an Umbraco issue.
Apparently, RFC 592 says that we are not allowed to use underscores (_) in host names (what IIS calls host headers, not the same as domain name rules). In this case, our WMI scripting allowed us to create a site and slap a host header on it that contained an underscore. BTW, this is something you canNOT do manually in the IIS admin. This is where the issue began.
RFC 592 states 1. A "name" (Net, Host, Gateway, or Domain name) is a text string up to 24 characters drawn from the alphabet (A-Z), digits (0-9), minus sign (-), and period (.). Note that periods are only allowed when they serve to delimit components of "domain style names".
Bottom Line: Apparently IE expects standards to be obeyed (imagine that) and does not allow this invalid host name to be written into a cookie (Cookie: jhildeman@sparta_www.mytestsite.com). Thus, Umbraco says we successfully logged in (according to the umbracoLog table and the umbracoUserLogins table) but because the cookie never got dropped (even when I put it in allowed sites and lowered my security). Result: we get bounced right back to the login page as if nothing happened (but ONLY IN IE).
Yes, it's hard to believe, but if you change the name of host from "sparta_www.mytestsite.com" to "spartawww.mytestsite.com" then everything is fine.
Apparently, I need to read more RFC's before going to sleep each night...
Chrome and IE login bug
Hi
I am having af problem on some of our Umbraco 4 solutions. Suddently I can't login to the backend, if I use Chrome og IE (8). There is no problems with Firefox. I don't get an error, I just get redirected to "umbraco/login.aspx?redir=/umbraco/umbraco.aspx"
I am sure I use the correct username/password. If I try using a incorrect username/password, I do get the "wrong user/pass" indication from Umbraco.
Even stranger is that an old Umbraco 3 solution we have, also makes the same error. I haven't changed any thing in that solution for months, but tried to login yesterday (via Chrome) and got the same error. I normally use Chrome.
The error doesn't happen on all of our solutions tough. It seems kind of random :S
Any ideas? (No.. just switching to FF won't be enough o_O )
I have experienced the exact same thing you describe - but have not found any pattern in what triggers it either. I have also experienced it in a wide variety of Umbraco versions. So it must be fairly common, although it happens rarely enough to not be a.
I've experienced it more and more the last month or so.
what happens if go directly to yoursite.com/umbraco/umbraco.aspx does it allow you to login?
no the error happens if I use either methode.
yoursite.com/umbraco/umbraco.aspx or yoursite.com/umbraco
The login form is like this by default:
<form method="post" action="/umbraco/login.aspx?redir=%2fumbraco%2fumbraco.aspx" id="aspnetForm">
I am having the exact same problem on two of my sites
Weird thing is that atm. I am able to login to Umbraco, trough chrome. Earlier today I couldn't. And it's not because I have changed PC. Yesterday I couldn't login at this PC either.
If it's any help, the problem is on Win XP, Vista and Win 7. And I have tried the previous version of Chrome and also the new version of Chrome. It still seems pretty random when the error occurres. Earlier today I managed to login to the website, but Umbraco failed to load any content, and when I tried loggin in again, the error occurred.
I had the same problem and found that deleting my cookies and restarting the browser solved the issue. It looks like an error related to the timeout mechanism in umbraco.BasePages.BasePage.validateUser() that causes a redirect to logout.aspx, which then redirects back to login.aspx, leaving the user without any clue...
Alternatively, check the table umbracoUserLogin. There is a timeout value (ticks) specified for the contextid named as value in the UserContext cookie which must have a value higher than the webserver's current time (ticks).
That solved the problem! Thanks :)
Thanks Bart van der Werf, deleting my cookies solved the problem for me.
Hi again
The solution Bart van der Werf posted did do the trick for some time, but the error is happening again. Even tough I delete the cookies again, the error returns every time I try to login. Can it be a problem associated with the server time, or something like that?
I got this info from our server host:
windows 2008, 64bit, IIs7, Danish locale, Timezone CET/copenhagen and the server uses NNTP.
I have noticed that the problem doesn't occure on a similar website, which is hosted on another server. Actually the website which the problem is occuring on, is a copy of the website on the older server (which is working fine).
Any ideas?
I had the same issue these couple days. I fixed it by go to the physical files of cookies (in IE, under general tab in internet option, select settings under browsing history section. Once the pop up window came up, select view files). I just delete the cookie of the website and anything with the website url in the internet address column. Hope this help!
Kevin
I had the same problem and in my case the server time was set 24 hours wrong. Fixing the server time fixed the login problem.
I have this same issue on 4 recently created sites. Odd thing is that they are identical (in so far as I can tell) as many others we have.
Problem Description: Login with IE 7, 8 or 9 fails. Backend login in FF, Opera, Chrome all works fine. In reviewing the base code (v4.0.2.1) I can verify that "doLogin" is being completed and the log files show that a valid login did actually occur. umbracoUserLogins table gets a new row as per BasePage.doLogin(). I use a rebranded umbraco.aspx and umbracoPath so I naturally assumed that may be part of the issue. Nope. It does the same thing with the standard umbraco.aspx.
Things I have tried:
This has been going on for a bit so any thoughts, ideas or hacks would be appreciated.
UPDATE: I am now running the same exact site on a new web server (and new domain name) and the same exact thing happens (IE #fail, FF #success). It has to be something in the database (same SQL server db) that only affects IE. I know!...that is counter-intuitive but the new site was never hit before and failed the first time into new domain on new server with same exact DB in place.
> No javascript errors. No umbracoLog table errors, in fact says login happened validly. No EventLog errors. Even after apppool recycle and clearing umbracoUserLogins table....#fail.
> I've cleared cookies, the running process (session state) and the database. What else might be involved???
UPDATE2: Here is what I found...totally not an Umbraco issue.
Apparently, RFC 592 says that we are not allowed to use underscores (_) in host names (what IIS calls host headers, not the same as domain name rules). In this case, our WMI scripting allowed us to create a site and slap a host header on it that contained an underscore. BTW, this is something you canNOT do manually in the IIS admin. This is where the issue began.
RFC 592 states 1. A "name" (Net, Host, Gateway, or Domain name) is a text string up to 24 characters drawn from the alphabet (A-Z), digits (0-9), minus sign (-), and period (.). Note that periods are only allowed when they serve to delimit components of "domain style names".
Bottom Line: Apparently IE expects standards to be obeyed (imagine that) and does not allow this invalid host name to be written into a cookie (Cookie: jhildeman@sparta_www.mytestsite.com). Thus, Umbraco says we successfully logged in (according to the umbracoLog table and the umbracoUserLogins table) but because the cookie never got dropped (even when I put it in allowed sites and lowered my security). Result: we get bounced right back to the login page as if nothing happened (but ONLY IN IE).
Yes, it's hard to believe, but if you change the name of host from "sparta_www.mytestsite.com" to "spartawww.mytestsite.com" then everything is fine.
Apparently, I need to read more RFC's before going to sleep each night...
You probably meant RFC 952.
Ahh, you would be correct. Thanks for the correction.
is working on a reply...