I recently made a few server changes concerning and PHP-xml updates – unfortunately I can't really put my finger on what I exactly did.
After the changes we have not been able to log into the backend again. Only if we configure $TYPO3_CONF_VARS['BE']['loginSecurityLevel'] to be "normal" in the install tool.
If I try to login with the settings switch to "rsa", I get an error, that my password is wrong.
I cannot find any error logs referencing this problem in the php logs nor in the admin logs in the TYPO3 backend.
I already traced the network connection with the "rsa" setting. The browser makes a JavaScript request which does not fail and then sands a hash to the server in the HTTP header. I guess that procedure is working.
I guessed that it could be a malfunctioning OpenSSL configuration, but the install tool says: "PHP OpenSSL extension installed properly".
Server specifications:
Has anybody an idea, what could be wrong?
A friend of mine solved the issue. We had a vhost constellation with each web root folder belonging to a different system user. This resulted in an error on writing the php session (using a different system user on every project).
Set permission for the php session folder (only the folder not the files within!) to 777. The session folder belongs to a different non project specific system user (apache/www-data/whatever).
chmod 0777 /var/lib/php/session
Now every system user for every project has the rights to write a session. The session files itself get more restrictive rights anyway.