Unable to login neos backend on live system


i got a problem on our live server. if i want to login into backend, neos is redirecting to

  1. /neos/login = 303 (see other)
  2. /neos/ = 303 (see other)
  3. /neos/login = 401 (not authorized)

… whithout any message that credential where wrong.

While running on our developer server there where no problems to login.

I tried to debug a little bit, it seems like the LoginController is getting FALSE at: $this->authenticationManager->isAuthenticated() so the redirect is not called.

“typo3/neos”: “2.3.7”

If i give non existing credentials i got the normal error message “The entered username or password was wrong” and there was only one url called without any redirect:

/neos/login = 401 (not authorized)

Maybe varnish is a problem for the neos backend?

The /neos/ path is excluded by configuration so the response header age is allways 0.

Found some detailed information about varnish configuration for neos backend login: https://moc.net/om-moc/aktuelt/blogs/tech/understanding-varnish-hit-for-pass-and-why-its-important-for-your-typo3-site

The Varnish configuration needs to be adjusted to Neos.

We’ve added an example for the MOC.Varnish package, see https://github.com/mocdk/MOC.Varnish/blob/master/Documentation/Index.rst