Users are able to log in and change their own passwords successfully, and when a password is requested to be reset the email and one-time login link arrive correctly. However, once a user has clicked the log-in button (on the one-time login page) they are redirected to the login page where it says Access Denied.
In the logs there are no problems, it only shows the session opening for the username and (weirdly) a timezone change for the user.
This occurs on Firefox, Chrome, and Safari and on (from what I've tested) all user accounts. I've disabled all login/password/user modules (not using many, using some Rules for logging in redirection that I tried deleteing and the Change Password Module) but no solution.
Thanks!
Read »
