Drupal 7 Access Denied user/1 after correct login

try this
http://drupal.org/node/68286

D7: I had this problem, and I knew it would be simple to fix. And it was, once I wrapped my mind around it.

I'm using ckfinder and I have to define a cookie path. I had defined it locally but not for the new hosted domain. I updated that and boom! I'm in.

Thanks to this simple reminder here: http://nice3z.myfinejob.com/unable-login-drupal-access-denied

The author mentions base_url, but that triggered my recollection of updated paths in my settings file. (Interestingly, this error will not throw an error to the log, since, nothing's wrong, really)

Kyle Skrinak's suggestion solved the problem for me.
Awesome, thank you!!!

I have a fresh install of Drupal 6 on a new machine. I can install a site, but can not make changes or make content. When I look at the database there are no changes. I can change the database from phpmyadmin. Also, tried root db user in settings.php.
PHP 5.5, MySQL 5.3, IIS7, server 2008

The cache on the website, in the performance setting had a hiccup. Since I set the maximum page age to the oldest: one day, I had to wait one day to log in again since my last successful attempt. That did the trick. Nothing drastic necessary.

I may consider shortening the maximum page age to something a little shorter if this happens again.

Suggestion to Drupal Developers: make sure the maximum cache age isn't too long so problems like these have a solution. If it were unlimited or several weeks, it would be a disaster.

This happened to me. After copying a live site to my local environment, I couldn't login with the #1 account with what I knew to be the right password. The login would appear to work, redirecting me to the right page, but showing an access denied error. The solution was to comment out the line in the localhost's version of settings.php that started with $cookie_domain = since it was set to be tied to the domain it was originally on. I also commented out the line starting with $base_url = for good measure.

Our server went down, had to reboot. After reboot, no user could login. Always received "access denied" message.

Solution was to truncate the sessions table.

Login to MySQL or use PHPMyAdmin.
truncate drupal_sessions;"

(or whatever your prefix is)

HTH

Thank you very much! At first I thought I has something to do with my .htaccess file. I once had it to setup the inclusion of 'www' for my domain. I log out to my site not knowing in the end that I will have the difficulty to enter my site! I am entering the correct credentials but it always give the access denied label under /users/myname. The same when I try to request reset password.

Thanks again, your a life saver :)

Tried all of the above (and more, such as OpenID). Nothing works, I can't log in to my dev site. It's a recent upgrade to D7 from a D6 site.

Thanks to donquixote I tried giving some more permissions to the anonymous role. And it works. Like that I have access to the admin part of the site again. Will need something better in the long run so I'll keep this updated. Of course you should only try this at home, never ever do this if your site is accessible to random people on the internet.

I had this problem after copying a site from a live db to a local one.

I found running the update.php file solved the problem for me. No updates were done, but after running, my site started working again.

I'm running into this same problem now. This is the first time I've tried accessing my admin account (user/1) from a different computer and I get access denied every time I try to log in. The only way I can successfully log in is if I reset my password every time. I can log in no problem with other accounts.

I've cleared my browser's cookies, I've cleared all caches, I've even manually set a password through MySQL. Nothing seems to be working. I'm currently trying to login while I'm on vacation in the U.S. when I originally created the account in Vancouver, Canada. I can't imagine that it would have an issue with attempting to log in from a different region.

Once I login after a password reset, I change the password, save everything, and then I log out, attempt to log back in and it fails. This is all happening on a live site, not a local installation. I've never encountered this problem before, so I can only assume it's a problem with logging in from a different machine and in a different region. Anyone have any other solutions to this issue?

Merci pour la réponse. j'avais le même problème et en suivant votre solution sa fonctionné.

similar problem, on several pages access denied for user no. 1. went to admin/people/permissions checked all permissions for administrator (create content, delete content, etc. were unchecked), saved permissions and all admin links reappeard on head of page (administration_menu).

regards from vienna forest
karl

Repairing a broken sessions table fixed this problem for me.

Taken from this post :
http://drupal.org/node/1023428

Execute the following commands from the command line, in the Drupal root directory:

./scripts/password-hash.sh newpwd

or for Windows:

php .\scripts\password-hash.sh newpwd

Of course, change "newpwd" to the desired password. If the password contains special characters such as a space, * or ? you must escape them, or wrap the password in quotes appropriate for the shell used.

The script will output a password hash that is valid for the site. Copy this to the clipboard or write it down somewhere; you'll need it for the next step. Be careful not to include more or less characters as the hash. These hashes look somewhat like $S$CTo9G7Lx28rzCfpn4WB2hUlknDKv6QTqHaf82WLbhPT2K5TzKzML

Then execute the following query on the Drupal database:

UPDATE users SET pass ='thepasswordhash' WHERE uid = 1;

To execute this query it will be necessary to login to the database. This is typically done through the command line or through a GUI interface such as phpMyAdmin.

This issue was stumping me for an hour or so today. Turned out the cookie domain was being defined in the settings.php file, so while login authenticated successfully, cookies being set were set for the wrong domain so access would always be denied.

I was certainly scratching my head for a while there as to why password resetting wasn't working either via the UI or with drush.

I was having the same problem so stupidly I went into my phpmyAdmin and tried to make a new user with the same privelages, and after that didn't work i clicked "no password" and now when i go to the page to log in i find a message saying

"PDOException: SQLSTATE[28000] [1045] Access denied for user 'Drupal New'@'localhost' (using password: YES) in db_table_exists() (line 2761 of /Applications/MAMP/htdocs/Drupal New/includes/database/database.inc)."

What do I do??? Please someone help me.

I have changed the default front page via dashboard -> Configuration -> System -> Site information
and now i can no longer access the login page.
At first, the default front page field contained mysite/node. This works fine and is what i need, but i changed it to mysite/user/login. The reason for this change was because no matter if a person is logged in or out www.mysite.com does not redirect them to the login page. So, being new to drupal, I decided if I set the default front page to mysite/user/login then they would be forced to see the login page.
The problem I am now facing is that i cannot log in to the site to make any changes.

I have tried several different url paths such as:
mysite/user
mysite/user/login
I have also tried the unclean url versions. If i try mysite/admin I get an access denied message.

So my question is, where is the change i made stored in drupal 7's database? I would like to just edit the field that stores this change back to what it was to "unbreak" the site.

I was having this trouble also. After reading through a lot of the comments and attempting various fixes with no success, I decided to try something and it seems to have resolved the issue. Not exactly sure why, maybe someone else will have that insight...

All I did was change the password in settings.php to something invalid, causing the site would crash.
Then I changed it back to the correct password again.
Refresh and use password recovery.
Success, the link from the recovery email successfully brought me to my edit user page.

Drupal 7.22

**** Update ***
Issue is randomly back, and my previous fix has proven to be a coincidence I guess.

*** Update ***
Alright so the following finally worked for me.
As Noted in settings.php "Make sure to always start the $cookie_domain with a leading dot, as per RFC 2109."

$cookie_domain = '.MySubDom.MyDom.com';
$conf['https'] = FALSE;

Specifying the $cookie_domain in any other way was not working for me.
Hopefully this fix sticks.

*** Another Update ***
Issue still exists in Safari, only Safari... Any Ideas?

One way to quickly reset your password if you have drush is to run the following command:

drush @site-alias ev "require_once DRUPAL_ROOT . '/includes/password.inc'; print user_hash_password('newpassword') . \"\r\n\";"

(Where @site-alias is a drush site alias, and newpassword is the new password you want to use).

Then take the output that you get, and insert it as the new 'pass' value for your user account (in this case, user 1) in the users table. You can do this via drush as well:

drush @site-alias sqlq "UPDATE users SET pass = outputfromearlier WHERE uid = 1;"

(Where outputfromearlier is the output of the earlier drush command).

I had a similar trouble.
The trouble was in call "drupal_settings_initialize" in a template file :)
P/S do not call this function manualy !!!

Well, I had the same issue, and after a couple days trying to fix it... finally I found that the problem is not cache , cookies or domain_cookie.... the problem i found in my case is the PHP version at the hosting. please be sure the version is 5.3 not 5.4///
so is really annoying issue, simple to fix it... but not easy to find it... all the post about it, did not mention something about PHP version... so hopefully this solve your problem..

Before you do anything complicated - just clear the cookies for the website!

Something like this makes it easy:

http://www.editthiscookie.com/

strangely this resolved for me by setting temp path - drush vset file_temporary_path 'someexistingpath'

Within 60 drupal sites that we did, for just one of them we had to officially set $cookie_domain in settings.php.

For other 59 sites, this setting wasnt necessary unless we wanted to share cookies across domain and subdomains.

So if you have problems logging in, you can try setting your $cookie_domain.

The problem occured for us at Rackspace Cloud Sites hosting.

I faced the same issue in my fresh install of drupal7 on localhost. What I did is just un-commented the line
#$cookie_domain = '.example.com';
to
$cookie_domain = 'localhost';

It solved this issue.

i have the same problem, ich changed the chmod of the update.php file to 777 and that worked fine

I have face same problem on chrome, I have clear all the cache of browser from beginning and problem is solved.

I just run "sudo a2enmod rewrite". It work for me.

You may want to try the drush uli command.

I had the same issue and i solve it by:
1- Base url if it's on your local env "can solve the issue of login access denied + ajax issues"
2- Drush cc all (would show you if there is a problem with a module especially with your rebuild registry) "mine was the feature module trying to rebuild old feature"
**- Try to take off the $cookies_domain on your local env because it's holding your right results to show up and keep showing what's wrong instead

hope this help because it helped me to solve mine