During the last two days I had two applications (one of them Magento) which required authentication via web-browser. After a successful authentication session cookies are sent to the browser.
The login works normally in FireFox, Opera, Safari, Chrome. But there is one special “friend” that is not working: Microsoft Internet Explorer (6/7). The credentials provided were correct, no error message… So there must be another issue.
Time is the enemy
Server: 11:48 (GMT +1) Client: 14:12 (GMT +1)
It seems there is a bug (feature?!) inside the calculation of expiration for session cookies in Internet Explorer. If the server-time is behind client-time the session-cookies expire (depending on your session-timeout) and the session becomes invalid!
“I love IE!”
It is very important to synchronize your servers via ntp (or whatever tool you are using for that)! And if logging into one of your applications with Internet Explorer is impossible, check your server-times…