Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

Upgrading SilverStripe /

Ask questions about upgrading SilverStripe to the latest version.

Moderators: martimiz, Sean, biapar, Willr, Ingo, swaiba, simon_w

SOLVED - BUT SEO PROBLEM - Random: "Passed invalid authentication method" at login


Reply


8 Posts   2789 Views

Avatar
Double-A-Ron

Community Member, 604 Posts

3 September 2009 at 10:31am

Edited: 03/09/2009 12:10pm

OK, so this 2.3.2 site has been live and working for months. Not even touched. But all of a sudden it decides to throw this error up:

[User Error] Passed invalid authentication method
GET /Security/LoginForm/

Line 215 in /home/skitravl/public_html/sapphire/security/Security.php
Source

206       if(isset($this->requestParams['AuthenticationMethod'])) {
207          $authenticator = trim($_REQUEST['AuthenticationMethod']);
208
209          $authenticators = Authenticator::get_authenticators();
210          if(in_array($authenticator, $authenticators)) {
211             return call_user_func(array($authenticator, 'get_login_form'), $this);
212          }
213       }
214
215       user_error('Passed invalid authentication method', E_USER_ERROR);
216    }
217
218
219 /**
220     * Get the login forms for all available authentication methods
221     *

Trace

* Passed invalid authentication method
Line 215 of Security.php
* Security->LoginForm(HTTPRequest)
Line 162 of Controller.php
* Controller->handleAction(HTTPRequest)
Line 129 of RequestHandler.php
* RequestHandler->handleRequest(HTTPRequest)
Line 122 of Controller.php
* Controller->handleRequest(HTTPRequest)
Line 277 of Director.php
* Director::handleRequest(HTTPRequest,Session)
Line 121 of Director.php
* Director::direct(/Security/LoginForm/)
Line 118 of main.php

I see a few posts on this, done a dev/build and flush. Nada.

Any ideas?

Cheers
Aaron

Avatar
Double-A-Ron

Community Member, 604 Posts

3 September 2009 at 10:54am

Further to this, I have gone into /sapphire/security/MemberLoginForm.php and outputed $_POST on line 206. The array is empty so for some very strange reason, the site has suddenly decided to stop sending the vars from the login form.

Avatar
baba-papa

Community Member, 279 Posts

3 September 2009 at 11:04am

Hello Aaron,

if you haven´t changed any of your project files I would suggest a server error. Did you or your host change the apache configuration?

Avatar
Double-A-Ron

Community Member, 604 Posts

3 September 2009 at 11:32am

Yes, we have changed servers, but it has been working fine on this box for 2 weeks without this error.

We also have another dozen SS sites, some of which are also 2.3.2, on the same box that don't have a problem with login.

The other forms on this particular site (based on userforms) are not posting either. Even with all required fields entered, they always come back with errors, and empty fields.

I have created a new PHP only form and plonked it in the docroot and tested it. Works fine.

I seriously doubt the issue is with the server in that case.

Cheers
Aaron

Avatar
Double-A-Ron

Community Member, 604 Posts

3 September 2009 at 12:10pm

Found the problem:

We were worried about SEO with SS over any page working with or without the trailing slash.

e.g. www.domain.co.nz/mypage and www.domain.co.nz/mypage/ both worked. We would also get a ton of "Page not found" errors in our logs for Silverstripe sites becuase of this. Any url without the trailing slash would throw an error, despite nothing wrong happening on the site. (This is the same for all our silverstripe sites). Once we enforced trailing slashes, these errors went away.

So we used this snippet in this site's .htaccess file to enforce the trailing slash.

#-- Redirect root to /home to avoid duplicate content --#
#-- REPLACE 'domain' WITH CLIENT DOMAIN NAME --#
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !(\.[a-zA-Z0-9]{1,5}|/)$
RewriteRule (.*)$ http://www.domain.co.nz/$1/ [R=301,L]

Having a look at the form sources, the actions always omit the trailing slash, and I guess this rewrite was messing with the form posting. After commenting out the above lines, all is well again.

Still, there seems to be an SEO deficiency in Silverstripe that can't really be worked around due to the architecture.

Cheers
Aaron

Avatar
Arun

Community Member, 8 Posts

28 July 2010 at 5:28pm

Hi Aaron,

I have a problem, That is, to add the trailing slash to the url for avoiding the duplicate url. And i have given the code that you have given in the above thread. But i am facing a big problem while login in to the Admin section.

That is, once i have given the username an password, it will redirected in to http://www.mydomain.com/Security/LoginForm/ and showing the "Website Error" page.

Below showing then exact .htaccess file content that i have used. Please have a look at the below .htaccess file content. And also i have put your code in between the content you can find that also.

How can we solve the admin login issue(that was a big problem for me to solve). Any help would be Much Appreciated.

Thanks and Regards,
Arun.

<Files *.ss>
Order deny,allow
Deny from all
Allow from 127.0.0.1
</Files>

<IfModule mod_rewrite.c>
RewriteEngine On

ErrorDocument 404 /page-not-found
RewriteBase /
RewriteRule ^rss/category rss/write.xml
RewriteCond %{REQUEST_URI} !(\.gif)|(\.jpg)|(\.png)|(\.css)|(\.js)|(\.php)$

RewriteCond %{http_host} ^mydomain.com
RewriteRule ^(.*) http://www.mydomain.com/$1 [R=301,L]

#below is Aaron's code to put the trailing slashe.

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !(\.[a-zA-Z0-9]{1,5}|/)$
RewriteRule (.*)$ http://www.mydomain.com/$1/ [R=301,L]

#end of Aaron's code

RewriteCond %{REQUEST_URI} ^(.*)$
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule .* sapphire/main.php?url=%1&%{QUERY_STRING} [L]

</IfModule>

Avatar
Double-A-Ron

Community Member, 604 Posts

2 August 2010 at 1:09pm

Edited: 02/08/2010 1:12pm

Hi mate,

This is pretty old and alot has happened since last year. I think I remember seeing what you are talking about however and removed my code from the .htaccess.

I have just done an SEO campaign on a 2.4.1 upgraded site and actually ended up removing the trailing slash instead of forcing it. (so the opposite to my code above. This is also better for SEO, as Google especially counts the number of slashes in a URL. So:

www.mysite.com/products/my-seo-product-keyphrase is seen as a second level URL
www.mysite.com/products/my-seo-product-keyphrase/ is seen as a third level URL (defaulting to index.php/aspx/html)

SERPs put more weight on key phrases located at lower levels in the URL. Which is why domains that contain the phrases are easy to get to the top.

So here is my revised SEO code to deal with the slashes. Note that the URL work is done AFTER the rewrite engine is turned on, but BEFORE Sapphire's routing. This is important.

### SILVERSTRIPE START ###
RewriteEngine On
RewriteBase /

### Allow www Only ###
RewriteCond %{HTTP_HOST} ^domain.com [NC]
RewriteRule ^(.*)$ http://www.domain.com/$1 [L,R=301]
### Allow www Only ###

### Remove Trailing Slashes ###
RewriteRule ^(.+)/$ /$1 [R=301,L]
### Remove Trailing Slashes ###

### Avoid duplicates on the home page ###
RewriteRule ^http://www.domain.com/$ http://www.domain.com/home [L]
### Avoid duplicates on the home page ###

RewriteCond %{REQUEST_URI} !(\.gif)|(\.jpg)|(\.png)|(\.css)|(\.js)|(\.php)$

RewriteCond %{REQUEST_URI} ^(.*)$
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule .* sapphire/main.php?url=%1&%{QUERY_STRING} [L]
### SILVERSTRIPE END ###

Avatar
Kalileo

Community Member, 127 Posts

23 August 2010 at 2:59pm

Hi Aaron,

this is good stuff, thanks, your .htaccess rule to remove the trailing slash works fine, and I agree, it makes sense.

However, in your menus, the SS generated links to the pages, do they still have the trailing slash, or did you patch the code to remove it?

Regards,
Kalileo