Closed (fixed)
Project:
Nodeaccess
Version:
7.x-1.x-dev
Component:
User interface
Priority:
Major
Category:
Bug report
Assigned:
Unassigned
Reporter:
Created:
1 Feb 2012 at 23:50 UTC
Updated:
25 May 2013 at 23:51 UTC
I have a problem that I can see in my logs.
A user will log in successfully and then click a link to a page which will then display the access denied and ask them to log in again. If the user then logs in they will be able to see this page so I know it's not a permission issue.
Any ideas why the user has to log in twice?
Thanks
Comments
Comment #1
vlad.pavlovic commentedI am not able to reproduce this issue, can you give me a little more information? Do you have any other modules that may be conflicting with Nodeaccess? What version of Drupal are you running currently?
Comment #2
sphankin commentedHi,
I worked out why it was happening - I think it might be a bug but I'm not sure.
Say for example I have a secure page: www.website.com/securepage.
When I create an link to that page once a user is already logged in, and use the whole address (http://www.website.com/securepage) the user is logged out and is asked to log back in.
If I create an link to that page but only use part of the address (/securepage) the user will remain logged in and be diverted to the page.
I'm running a range of different modules on Drupal version 7.20.
I'm happy getting around it but wondered whether it was a bug? If you can't reproduce it - it might just be me so feel free to close the issue.
Comment #3
vlad.pavlovic commentedHmmm, I wonder if it's a cookie domain setting issue. Do you have any additional rewrite rules in apache that add or remove the www from your address?
Comment #4
sphankin commentedHi, you're right! I do use a rewrite rules to remove www from the web address. Do you reckon that might be why?
Comment #5
vlad.pavlovic commentedI believe that it is. When you link to http://www.website.com/securepage the domain changes which invalidates the cookie when you are taken back to http://website.com/securepage.
Let me know if changing the cookie domain and/or your rewrite rule fixes your issue (just so I can close the issue here).
Thanks,
Vlad
Comment #6
vlad.pavlovic commentedIf this is still an issue and you believe that it's caused by nodeaccess please reopen the issue.