Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
By onetoomany on
Each time I log into my website, I receive an "Access Denied, you are not authorized to view this page" error. I then log in again with exactly the same credentials, and am authorised.
When I look in the logs, I get "Session opened for user.name" for both attempts.
In the drupal.sessions table, I have two entries:
- First entry has SID populated
- Second entry has SID and SSID populated with the same value
I am running on HTTPS and am using the Secure Pages (with the intent that every page is HTTPS).
Cookie domain is ".mywebsite.com"
Same behaviour on IE and Chrome.
Comments
This looks like a secure
This looks like a secure pages bug. You could look around the issue queue. Maybe this one is relevant https://www.drupal.org/node/1545970. Unfortunately the module has no stable release and no recent release, so you are probably going to have to patch it.
OK. I cannot imagine why anyone would want to do that, rather than simply setting up an https virtual host and redirecting all traffic to it. but surely you have your reasons.
Digit Professionals specialising in Drupal, WordPress & CiviCRM support for publishers in non-profit and related sectors