Login Problems with Magento and Varnish

When you have a Magento website configured to use Varnish as a caching frontend, there are certain scenarios where you may have some problems logging-in to the frontend of the website. It poses some unique problems that are not frequently seen on a typical website. This issue typically manifests itself to the end user by visiting the login page, entering the correct credential, submitting the form, and then the page reloads the login page again instead of redirecting to the My Account page or whatever page is specified in the configuration.

Diagnosing the issue

So, it is quite interesting to see this happen as the user will still get notified that they are using the wrong username/password combination, but are unable to successfully authenticate with the website. In order for this issue to crop up, you have to have your site setup to use a particular domain, say www.example.com and have a redirect setup so that example.com redirects to www.example.com . Once the user experiences this issue, when you go into the developer tools in the browser, and investigate the cookies in place, you will notice that there are two cookies named “frontend”. However, these cookies have two different paths for them. One will be for example.com and the other will be for www.example.com .

Recreating the issue

It seems difficult to recreate this issue up until the point that you actually do it, and then it becomes trivial. First, go to www.example.com and try to login to the site. Next, logout of the site. After that, visit example.com and try to login to the site. When you submit the login form, it will just refresh the login page without showing any error on the site.

Resolving the Login Problems

This issue asserts itself when you utilize the Turpentine plugin from Nexcess to enable the proper caching configurations due to Magento’s reliance upon cookies being sent with every request. In the configuration of Turpentine, there is a special setting that allows Varnish to normalize the hostname that it requests from the server. Effectively what this will do for you is to take any request that hits Varnish, and translate it to whatever is specified, in this case, www.example.com . In most cases, this works great, and it fixes the login issues described in this article. However, it can create some other issues, specifically with 301 redirects . Overall, once both fixes are in place, everything should work beautifully, and much faster than it did previously.

Tags:
comments powered by Disqus

Related Posts

301 Redirecting in Varnish

In Magento, you can set your secure and non-secure URLs explicitly. This works as expected in most cases, but can cause some issues when you have to specify full URLs or need to make any AJAX requests. When using the Nexcess Turpentine extension to enable Magento and Varnish to work together and you wish to only support traffic at www.example.com and not example.com, you would need to enable the setting in the Turpentine module to normalize the host.

Read More

Magento Cache with Cache Disabled

One of the things that I find quite annoying with a web platform is when you configure it to do one thing, and it does something different. Magento is an eCommerce software platform that many of the leading eCommerce websites use for their web stores. Magento Magento comes in two different flavors, a paid enterprise edition as well as a open-source community edition. The enterprise edition allows you to utilize the built-in full-page caching mechanism, while the community edition does not include a full-page caching solution.

Read More

Launching a Redesign of a Website

Over the last few months, I have been working on a major redesign of an existing Magento website. One of the major goals of the redesign was to take a legacy desktop-only website and upgrade it to take full advantage of Responsive Web Design so that customers could equally utilize mobile and desktop devices to browse and purchase products. For a site that had seen only minor updates over the last 5 years, this redesign represented a major change visually and navigationally from the previous site.

Read More