At my company we’ve recently moved from PHP 5.2 to PHP 7.1 and for the most part it went perfectly, but recently we’ve found an issue that the login for our backoffice is doing a number of redirects to the login page. After a bit of digging we noticed that by using the $this->Auth->setUser($user) it will renew the session by using the ( Function renew in the Session class ).
So for PHP 7 there’s reported issue with the session_regenerate_id (https://bugs.php.net/bug.php?id=70871).
What I get while debugging is this:
session_regenerate_id(): Failed to create(read) session ID: user (path: /var/lib/php/mod_php/session) [CORE/src/Network/Session.php, line 576]
session_regenerate_id - [internal], line ??
Cake\Network\Session::renew() - CORE/src/Network/Session.php, line 576
Cake\Controller\Component\AuthComponent::setUser() - CORE/src/Controller/Component/AuthComponent.php, line 613
Not sure if relevant but we are using database sessions.
What I think it’s happening is that after the user gets identified and set it’s not really as it redirects back to the login page but I was wondering if you had any idea how to workaround this issue?