By codemann on

For a customer I moved his drupal from one server to another, and now he can't seem to login anymore.

When he tries to login he gets : Access denied, You are not authorized to access this page.

We tried requesting the password again, and when we click on the link provided in the email after that we get logged in, but after logging out again we are again unable to login.

Anyone has an idea what I should check? I've been over the configuration several times, I can't seem to figure out what is wrong.

Categories: Drupal 5.x

Comments

jbrauer’s picture

jbrauer commented

It would help to know more about your setup and the setup you moved from. Was the databse moved or are you accessing the same database?

It sounds like a problem that happens when $base_url or the cookie_domain isn't right.

You can look at the watchdog table directly and will likely see that "Anonymous" is trying to access the user information as well as a bunch of user logged in but then they're not logged in. It's also worth looking at your PHPSESSIONID on your browser and follow it through the sessions table.

-----------------------------------------
Blog: Adding Understanding
Web Services: Brauer Ranch

--

codemann’s picture

codemann
Primary language Dutch
commented

It happened a while ago, and the customer just noticed it. So I'm not sure if the database also moved, but the website moved from linux (apache) to windows (iis).

I checked the config file for $base_url, it was commented (#), so I enabled it, but that didn't change anything.
In the watchdog table I see the message "session opened for myuser", and I get a access denied type immediately after that.

jbrauer’s picture

jbrauer commented

You might look for something like this in your settings.php:

/**
 * We try to set the correct cookie domain. If you are experiencing problems
 * try commenting out the code below or specifying the cookie domain by hand.
 */
if (isset($_SERVER['HTTP_HOST'])) {
  $domain = '.'. preg_replace('`^www.`', '', $_SERVER['HTTP_HOST']);
  // Per RFC 2109, cookie domains must contain at least one dot other than the
  // first. For hosts such as 'localhost', we don't set a cookie domain.
  if (count(explode('.', $domain)) > 2) {
    ini_set('session.cookie_domain', $domain);
  }
}

The quick way to see if this is the trouble area is to comment this and add a line like the following to your settings.php... at least on Apache... I'm not familiar with how IIS deals with this.

    ini_set('session.cookie_domain', 'example.com');

-----------------------------------------
Blog: Adding Understanding
Web Services: Brauer Ranch

--

codemann’s picture

codemann
Primary language Dutch
commented

Yeah I've been searching and reading throughout the forum yesterday evening and I tried that, but it doesn't change a thing.
What can this be...

xamount’s picture

xamount
Primary language English
commented

I just wanted to say this fixed my problem.

I transferred a site from one server to another server. Both servers are the same except one site is accessed by a domain name and one site is access by an IP address in the URL bar.

I wish I had come across your post sooner, it would have saved me many hours of work!

Chris Horn’s picture

Chris Horn commented

I had a $cookie_domain set and setting to the new domain and after migration fixed the problem for me. Thanks for the tips above.

grahamgilchrist’s picture

grahamgilchrist commented

Any luck with this? I have just had the exact same problem and can't figure it out. Did mysql dump from old database to new database. Checked in phpmyadmin and it all seems ok. Copied exact same set of files to new server.

Checked file permissions.
Wiped session table.
Checked rewrite rules are correct.
Tried other suggestions in this thread.

Nothing seems to work.
The watchdog table says the user tried to login but every time an "Access denied. You are not authorized to access this page" message appears.

*update 15/10/07*
I put more detail in a new post here: http://drupal.org/node/192151
It seems my problem is to do with the incorrect PHP session state being returned

Kobus’s picture

Kobus commented

My problem is not exactly the same as the rest, but has the same symptoms - unable to log in.

What I don't understand, is that the login form displays an error message that the username is unknown, even though that information is in the database, and also, that the password is correct. I can also not use the forgot password functionality.

I am stumped.

-- Kobus