I'm running into an issue where clients often have to log in twice in order to fully navigate a fully protected website. This seems to only happen with the Azure production environment. The issue does not present when developing locally or on a standalone Windows server.
The general flow when the issue presents is a user logs in and lands on the Home page then upon trying to navigate to any other page they're redirected to the login page again. After the second login the issue is no longer present and the site can be navigated normally.
This is a hit or miss issue across all users. For example, I could visit the site, login and immediately start navigating all pages of the site, however, I could test again shortly after and have to login twice.
My best guess is it's something specific with Azure that's perhaps not documented along with the other Umbraco configuration on Azure.
Any help or thoughts or past experience with this issue would be immensely appreciated.
Your suggestions led me to a solution for this issue by digging in to the domain cookies a bit more.
As is often the case, the issue ended up being quite simple to resolve. If a user came in to the site via the non-www root domain and logged in then those cookies would have a domain of site.com, however, the links throughout the site use the www.site.com root domain which creates cookies with the www.site.com domain.
Members Have to Login Twice
Hello All,
I'm running into an issue where clients often have to log in twice in order to fully navigate a fully protected website. This seems to only happen with the Azure production environment. The issue does not present when developing locally or on a standalone Windows server.
The general flow when the issue presents is a user logs in and lands on the Home page then upon trying to navigate to any other page they're redirected to the login page again. After the second login the issue is no longer present and the site can be navigated normally.
This is a hit or miss issue across all users. For example, I could visit the site, login and immediately start navigating all pages of the site, however, I could test again shortly after and have to login twice.
My best guess is it's something specific with Azure that's perhaps not documented along with the other Umbraco configuration on Azure.
Any help or thoughts or past experience with this issue would be immensely appreciated.
--Brian
Just bumping this to see if anyone's had this issue too.
It's rather pressing that this gets resolved and I'm out of ideas.
Thanks!
One last bump. Any help is appreciated.
Is the production site on Azure load-balanced?
If so, the issue could potentially be related to the affinity cookie not being set: https://learn.microsoft.com/en-us/azure/application-gateway/configuration-http-settings#cookie-based-affinity
If not, is there anything in the Umbraco logs? Also, when you encounter a false login, does the member auth cookie get set in the browser?
Thank you for your thoughts on this, Owain.
Your suggestions led me to a solution for this issue by digging in to the domain cookies a bit more.
As is often the case, the issue ended up being quite simple to resolve. If a user came in to the site via the non-www root domain and logged in then those cookies would have a domain of site.com, however, the links throughout the site use the www.site.com root domain which creates cookies with the www.site.com domain.
Simple fix, add a www -> non-www redirect since that's the preferred domain; https://site.com and not https://www.site.com.
I greatly appreciate your thinking on this as it ultimately led me to the root issue and a proper fix.
Take care!
--Brian
is working on a reply...