MFA Issue

Have retested MFA with and without SEO. Seams to work perfectly fine in my tests. Strange that disabling CBs redirect behavior would resolve this for you as CB doesn't handle the MFA redirect. I believe MFA just uses whatever menu item is marked Home or at least it does in my tests. If it's trying to use a Joomla user component menu item that might explain the issue.

Is /members/login a Joomla login menu item or CB login menu item? You strictly should be using CB login menu items. CB won't attempt to redirect away from itself.

Krileon,

We don't use the Joomla login module; we rely on the CB Login module and, yes, the Login is an item in the Main menu. I left Redirect URLs and Rewrite URLs enabled in the System-Community Builder plugin. I disabled Verify Consent, however. The CB Login works fine now and automatically redirects to the user's Profile, as it should.

Between us, I've found some aspects of the Joomla MFA Tool Suite problematic. Despite the inclusion of custom CB privacy consent fields displayed in the CB Registration form,the user responses are not recognized as Consent Requests in Users/Privacy/Requests or /Consents. Activation of the Joomla Content-Confirm Consent and System-Privacy Consent plugins results in throwing a System Message advising a logged-in user to specify Privacy Consent but, even if the Joomla Privacy plugins are published and appropriately configured (per the Privacy Status Admin module, provides no additional means to satisfy that advisory. I created a separate Privacy item in the Main Menu for users to click "Yes" or "No" (in addition to what the user answered in the CB Signup form), but clicking that link failed to remove the warning and failed to show the actual Consent form that should have appeared when the link is clicked.

Oh, well.

Again, thanks very much, Kyle.

So the MFA is working fine now? Sorry, I'm confused here. Can you provide steps to reproduce your issue? I assume you simply attempted to login to CB and it sent you to the page to profile your email code. Did sending to that page fail or did it fail when you tried using the verify button? Did turning CBs verify consent off fix this for you is that what you're meaning?

Regarding privacy consent issues. CB doesn't need to handle that. You should be able to use Joomla's respective pages for that. I'm not sure what you mean regarding registration problems with it though. Could you clarify that further in a separate topic as if there's a bug there we certainly want that fixed. CBs verify consent in its system plugin is for using CBs terms and conditions fields so you don't need to turn that on if you're using Joomla's.

Kyle,
I'm confused. No matter what I do, it's in vain. I don't care whether this issue involves CB or Rockettheme or Joomla.

• When a website visitor visits the domain, the system displays a message warning the person to consent to the site's Privacy Policy.
  • The Privacy Consents plugin is configured to open the Privacy Policy article.
  • The Joomla Privacy Tool Suite doesn't link a JPTS module to allow the user to affirm consent and the JPTS does not integrate the CB Credentials field I created (and is displayed in the CB Registration form).
• When a registered user clicks the Login link on the front-end (Members | Login), the home page redirects to...the homepage.
• When the user logs in, the advisory message continues to display but the Profile is not displayed.
• When the logged-in user clicks the link to open her/his Profile (Members | Your Profile), the page is redirected to ... the homepage.
• When the  logged-in user clicks the link to Logout (Members | Logout), the page is redirected to the homepage and the user is not logged out.

When I disable all Consent plugins, the only difference is that the warning message is no longer displayed. For awhile, I considered myself a reasonably effective and successful designer of Joomla websites. Now, I know that I've been fooling myself and others and that I am just an 1D10T.

Other than this, everything is just ducky.

Ok, seams like something wonky is going on with the privacy consent plugin then. Do you want to use Joomla's privacy consent or are you ok with using CBs? It sounds like you might be trying to use both? It's basically a 1 or the other situation. Our privacy consent functionality existed before Joomla's so that's basically why there's 2.

To use CBs privacy consent simply configure terms and conditions fields in CB > Field Management. Next mark them as required and set to display on registration. Now in System > Plugins > Community Builder System plugin set "Verify Consent" to "Enabled". Note you need to be sure you've completely turned Joomla's privacy consent off.

To use Joomla's privacy consent simply unpublish all terms and conditions fields in CB > Field Management then ensure the params field is set to display on registration as that's where we'll output Joomla's terms and conditions and privacy policy fields. Next System > Plugins > Community Builder System plugin set "Verify Consent" to "Disabled". Joomla's should have full control at that point and you should see the privacy consent checkbox on your registration page.

The way the privacy consent redirect behavior works is it hijacks all navigation. It's supposed to send you to CB profile edit for them to consent and prevent all other navigation.

Aside from that I don't really know what else to suggest. If you PM backend super user login credentials and provide frontend steps to reproduce your issue I'll happily take a look and try to figure out what's going wrong.

Kyle,

I cannot thank you enough for your suggestions and insights. Unfortunately, I'm at the end of my last remaining wit. These are happening now:

• Login (using CB Login) logs the user into the website and is reflected in the Admin backend (Logged In Users module) but does not auto redirect on the front-end to the Profile. Instead, a Gantry error message is displayed there:
   
  
• Clicking the Logout link (CB Logout) does not log the user out.
• Clicking Logout by the User in the Logged In Users logs the user out of the Admin module.
• The User remains logged in on the front-end.
• Clicking the Login link on the front-end displays the username and a button to "Logout?"
• Clicking that button logs the user out of the front-end.

None of this is working anything like it's supposed to work.
I am in dire need of a very liberal and personal application of Glen Fiddich.