Login issue with WP3.0.1 on Windows XP

  • Hello everyone! I’m the administrator of a WP-based school district site that just upgraded from WPMU 2.9.1.1 to WP 3.0.1 last week. The upgrade went pretty smoothly, but now we’re getting reports from some users having difficulty logging in. They enter their username and password correctly, but when they click “Log In”, it just brings them back to wp-login.php, without an error. It happens in both IE8 and Firefox in Windows XP, and I suspect that it happens on machines that have had some sort of spyware infestation before.

    To complicate matters slightly, we use the Simple LDAP plugin, and I’ve modified the wp-login.php file slightly so that the form action points to /wp-login.php. This makes it possible to keep all the users in the main blog’s user table so the LDAP plugin will work from there without having to replicate the users table to every blog. Either way, it worked with WPMU 2.9.1.1.

    Here’s some stuff I’ve figured out from testing so far:

    1. On the machines that can’t log in, no accounts work, including the local admin account and others that are known good.
    2. The users who can’t log in on the “bad” computers can successfully log in on “good” computers in both IE8 and FF.
    3. Deactivating plugins has no effect – it’s still not possible to log in on “bad” computers, even under ‘admin’.
    4. Clearing the cookies and cache has no effect.
    5. Adding our domain to the Trusted Sites and decreasing the security parameters has no effect.
    6. Users can log in to other sites that require cookies (webmail, etc.) on the “bad” computers.
    7. Upgrading to the latest versions of IE8 and FF has no effect.

    Here’s a log snippet of a user trying to log in to our ‘sms’ blog:

    10.16.26.38 - - [20/Aug/2010:10:26:31 -0400] "POST /wp-login.php HTTP/1.1" 302 128 "https://www.kentschools.net/sms/wp-login.php" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; GTB6; .NET CLR 1.1.4322; OfficeLiveConnector.1.3; OfficeLivePatch.0.0; .NET CLR 2.0.50727; InfoPath.1; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"
10.16.26.38 - - [20/Aug/2010:10:26:31 -0400] "GET /sms/wp-admin/ HTTP/1.1" 302 - "https://www.kentschools.net/sms/wp-login.php" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; GTB6; .NET CLR 1.1.4322; OfficeLiveConnector.1.3; OfficeLivePatch.0.0; .NET CLR 2.0.50727; InfoPath.1; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"
10.16.26.38 - - [20/Aug/2010:10:26:32 -0400] "GET /sms/wp-login.php?redirect_to=http%3A%2F%2Fwww.kentschools.net%2Fsms%2Fwp-admin%2F&reauth=1 HTTP/1.1" 200 2196 "https://www.kentschools.net/sms/wp-login.php" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; GTB6; .NET CLR 1.1.4322; OfficeLiveConnector.1.3; OfficeLivePatch.0.0; .NET CLR 2.0.50727; InfoPath.1; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"

    While we can wipe and reinstall Windows XP on the “bad” PCs in our district, we can’t do that with home computers that belong to teachers and staff who want to login from home. Here’s what I was hoping someone here could help me with:
    – walk back whatever changes were put into the WP3 login process so that it acts more like WP2.9, or:
    – recommend a free Windows program that will clean up and restore the Internet settings on a “bad” computer so that it can access our site.

    Thanks in advance!

Viewing 1 replies (of 1 total)
  • Thread Starter chriscarman

    (@chriscarman)

    New information: I tried replacing the 3.0.1 wp-login.php file with the 2.9.1.1-mu wp-login.php file, and while “good” computers can still log in, “bad” computers cannot. This suggests to me that there’s something going on with the way the cookie is set in 3.0.1. Anyone know how WP 3 sets the login cookie(s) vs. how it was done in 2.9? Thanks!

Viewing 1 replies (of 1 total)
  • The topic ‘Login issue with WP3.0.1 on Windows XP’ is closed to new replies.