"Authentication failed. Please enable browser cookies and try again." error prevents login operation

Issue

When I try to log in, the message Authentication failed. Please enable browser cookies and try again. is displayed and the operation is not successful.

Environment

  • Liferay DXP 7.0 Fix Pack 102+
  • Liferay DXP 7.1 Fix Pack 26+
  • Liferay DXP 7.2 Fix Pack 15+
  • Liferay DXP 7.3 SP3, Update 4+
  • Liferay DXP 7.4

Resolution

Root cause

To fix issue LPS-75442 a new cookie validation was added on the front end and an existing one on the back end that was not working has been fixed.

Solution

To avoid the error message you should check the following points:

1. Check the front-end cookie validation:

To use Liferay DXP, the browser cookies must be enabled, if they are not enabled, the login operation won't work.

Check that your browser has the cookies enabled and that you didn't disable them for your site.

2. Check the back-end cookie validation:

Liferay sends to the browser a test cookie called COOKIE_SUPPORT to check the cookies are working correctly.

Liferay is usually configured behind a web server like Apache Httpd or Nginx where the traffic is converted from HTTPS to HTTP. After that, the requests are redirected to the Apache Tomcat HTTP port.

In this situation:

  1. Tomcat receives the request in the HTTP port and the COOKIE_SUPPORT can be sent without the "secure" flag.
  2. If the cookie doesn't have the "secure" flag, modern browsers using HTTPS will ignore this cookie depending on SameSite and other configurations.

To force the addition of the "secure" flag, you can configure the Tomcat application server to consider all incoming requests to be HTTPS.

Just add  secure=true parameter to the Connector configuration in server.xmlfile: <Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" URIEncoding="UTF-8" secure="true" />

Workaround

If the described solution doesn't work, you can also try disabling this validation by adding session.test.cookie.support=false to the portal-ext.properties file.

Important: The cookie validation won't be triggered, but Liferay won't work correctly if the cookies are disabled.

Additional Information

Was this article helpful?
0 out of 0 found this helpful