Login loops and doesn't enter site

I've been attempting to get Omeka working with 1and1.com hosting. I've had reasonable success and the system is installed. But...

When I try reach the 'admin' page I am bounced to the login page. After I enter my credentials I just get bounced back to the login page without any error messages.

After looking through the code and tinkering a little bit I see that in controllers/UserController.php there is a check for $_POST variables. I added some debugging messages and discovered there are never any POST variables passed into the login function.

Perhaps there's something getting in the way with 1and1 Hosting?

Or is there something else causing the trouble?


I am also having trouble logging in. I am running this on a server on which I have root, and I've made sure that logging is enabled (the log returns nothing).

Logging in kicks the user back to the login screen with no errors and no sign that login was incorrect. I let the application reset the password for the user (this is the initial admin user) twice to make sure I wasn't missing anything, and got the same results.

This is on a server running Fedora Core 6 with PHP 5.2.5 and mysql 5.0.51a.

Anyone have any ideas?

Well... it appears that the problem only appears when the host is serving omeka via ssl. I used a pretty generic vhost configuration that I use for my other ssl-ified web applications, but I get the above behavior only when the web server (apache 2.2.x in this case) is configured to use SSL with the Omeka app. When ssl is not enabled, site login works with apparently no issues.

Simply disabling ssl for the site logins is not an acceptable option per our security policies.

Any ideas?

drcoachchris, are you also on 1and1.com hosting, or did you just reply to this post b/c you were having login problems?

http is hard-coded as a web route in the current version, so the problems you're experiencing when switching to SSL is related to this. You can accommodate SSL in Omeka version 0.9.0 by modifying the paths.php file in the root of your application. Modify line 56 to read https instead of http -- I'll try to put a fix in the next version.

DaveLester, I am not on 1and1.com -- I work at a school, and we have our own network and server hardware. I was replying to this thread because I thought I was having a login problem similar to what awhs was experiencing.

Thanks very much for the tip.... I'll try that out, and look forward to the fix in the next version!

DaveLester, that definitely helps... login now works correctly on the SSL-ified app.

Is there any chance that you'll integrate external authentication sources (like LDAP) any time in the foreseeable future?

We don't have any plans to integrate LDAP at the moment, but that's a good idea for future versions. Ideally, plugins would be able to operate on the login process, which would make it easy to incorporate services like LDAP.

Sorry to reopen this can of worms, but I'm having the same problem on my new installation of version 1.0. (And I actually had the same problem with my .10b installation, but not quite this bad). Basically, anything I do sends me back to the login page. Then, maybe one or two attempts to log in won't work (just loops back) but the third one will - very inconsistent. If it never worked that would be one thing, but why does it let me in sometimes, and then only to see one page at a time before it loops back to the login again?

I'm trying to get a new test site up and running for the playdate on Friday, and I'm just getting frustrated! Thanks for your help.

I finally resolved this with my host a couple of weeks ago - they had to correct my session.save_path, and then the login problem was fixed

@arkirland What did you have to have your host check and modify on your session.save_path? I have been running into the same exact problem all afternoon, and have reinstalled the app twice.