Issue
When I try to log in, the message "Authentication failed. Please enable browser cookies and try again." is displayed and the operation is not successful.
Environment
- Liferay DXP 7.0 Fix Pack 102+
- Liferay DXP 7.1 Fix Pack 26+
- Liferay DXP 7.2 Fix Pack 15+
- Liferay DXP 7.3 SP3, Update 4+
- Liferay DXP 7.4
Resolution
Root cause
To fix issue LPS-75442, a new cookie validation was added on the front end, and an existing back-end validation that was not working was fixed.
Solution
To avoid the error message you should check the following points:
1. Check the front-end cookie validation:
Liferay DXP requires browser cookies to be enabled; if they are disabled, the login operation won't work.
Check that cookies are enabled in your browser and that you haven't disabled them for your site.
2. Check the back-end cookie validation:
Liferay sends the browser a test cookie called COOKIE_SUPPORT to check that cookies are working correctly.
Liferay usually runs behind a web server such as Apache HTTPD or Nginx, where the traffic is converted from HTTPS to HTTP. The requests are then forwarded to the Apache Tomcat HTTP port.
In this situation:
- Tomcat receives the request on the HTTP port, and the COOKIE_SUPPORT cookie can be sent without the "secure" flag.
- If the cookie doesn't have the "secure" flag, modern browsers using HTTPS will ignore this cookie depending on SameSite and other configurations.
To force the addition of the "secure" flag, you can configure the Tomcat application server to consider all incoming requests to be HTTPS.
Just add the secure="true" parameter to the Connector configuration in the server.xml file:
<Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" URIEncoding="UTF-8" secure="true" />
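One way to check the condition from step 2, as an added example that is not part of the original article or Liferay's code: the script audits Set-Cookie response headers for cookies that lack the "secure" flag. The sample headers, the JSESSIONID value and the function names are constructed for illustration.

```python
# Added example (not Liferay code): audit Set-Cookie headers as the browser sees them.
# The SAMPLE_* responses are constructed; real attributes depend on your setup.

def parse_set_cookie(value):
    """Return (name, attrs) for one Set-Cookie value; attribute names lower-cased."""
    first, *rest = [part.strip() for part in value.split(";")]
    name = first.partition("=")[0].strip()
    attrs = {}
    for part in rest:
        if part:
            key, _, val = part.partition("=")
            attrs[key.strip().lower()] = val.strip()
    return name, attrs


def audit_headers(raw_headers, site_scheme="https"):
    """Map each cookie name to the problems a browser on site_scheme may hit."""
    report = {}
    for line in raw_headers.splitlines():
        field, sep, value = line.partition(":")
        if not sep or field.strip().lower() != "set-cookie":
            continue
        name, attrs = parse_set_cookie(value)
        secure = "secure" in attrs
        problems = []
        if site_scheme == "https" and not secure:
            problems.append("no Secure flag: backend likely saw plain HTTP")
        if attrs.get("samesite", "").lower() == "none" and not secure:
            problems.append("SameSite=None without Secure: rejected by browsers")
        report[name] = problems
    return report


# Constructed responses: how the headers might look without and with the flag.
SAMPLE_BEFORE = (
    "HTTP/1.1 200 OK\r\n"
    "Set-Cookie: COOKIE_SUPPORT=true; Max-Age=31536000; Path=/; SameSite=None\r\n"
    "Set-Cookie: JSESSIONID=0000EXAMPLE; Path=/; HttpOnly\r\n"
)
SAMPLE_AFTER = (
    "HTTP/1.1 200 OK\r\n"
    "Set-Cookie: COOKIE_SUPPORT=true; Max-Age=31536000; Path=/; Secure; SameSite=None\r\n"
    "Set-Cookie: JSESSIONID=0000EXAMPLE; Path=/; Secure; HttpOnly\r\n"
)

if __name__ == "__main__":
    for label, raw in (("before", SAMPLE_BEFORE), ("after", SAMPLE_AFTER)):
        for cookie, problems in audit_headers(raw).items():
            print(label, cookie, problems or "ok")
```

Run it against headers captured through the public HTTPS URL (for example, copied from the browser's developer tools), since that is the response the browser evaluates.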
Workaround
If the described solution doesn't work, you can also try disabling this validation by adding session.test.cookie.support=false to the portal-ext.properties file.
Important: The cookie validation won't be triggered, but Liferay won't work correctly if the cookies are disabled.
Additional Information
- Tomcat "secure" attribute: https://tomcat.apache.org/tomcat-9.0-doc/config/http.html#Attributes
- Cookies with "SameSite=None" require "secure":