Logged in as *another* user

12 years 1 month ago #43036 by warchop
I'm in the process of growing my site and have encryption set for login within the SClogin module and I'm logged in as another user when I use Twitter. If I log into my account, it should be my login. What would cause this? Many thanks in advance!
The topic has been locked.
12 years 1 month ago #43037 by warchop
Replied by warchop on topic Logged in as *another* user
Screencast of the issue screencast.com/t/DoeHkWdr
Support Specialist
12 years 1 month ago #43041 by alzander
Thanks for the video. In there, you mention a CDN. That shouldn't be a problem. All the traffic we send is marked as non-cacheable, so nothing should be caching authentication tokens and such.
You also mention that setting your site to force SSL causes problems. That means there's something wrong with your SSL certificate or server or CDN configuration. That's not a JFBConnect issue though and not something we'd be able to help with.
You also mention that you're using the Encrypt form setting. That setting is only when logging in with your Joomla credentials, not when logging in with a social network. The social network logins are *always* performed securely over an https connection to the social network, regardless of your setting in the SCLogin module. If your SSL certificate isn't configured properly, I would expect issues with Joomla logins, but it should not affect social logins.

Now, as to your problem, I haven't heard of that before. We strenuously test our account mappings and have not had reports of being logged into the wrong account before. What I would recommend is:
* Checking the User Map area of JFBConnect. Search for your user and the 'other' user that your Twitter account is associated with. See which mapping exists there, or if somehow multiple mappings exist.
* If you migrated your site or did any database changes that may have affected the #__users table, our user_map table would need to be updated with the corresponding user IDs.
* If the user map area shows the right connection between your Twitter account and Joomla user, please disable any CDN, caching, or optimization extensions you may have in Joomla or your server and try again. We've never heard of that problem, so we'd need to narrow it down further.
* If the User Map area shows the wrong connection, you can try to click the "Delete" button and remove that connection. Then try to login again. If an improper mapping occurs, it means the user may be using the same email address as you and JFBConnect is automatically connecting the accounts.

I hope that helps explain, but if you need anything else, just let us know,
Alex
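
An audit of the conditions in the checklist above (mappings left pointing at missing users after a migration, multiple mappings for one social identity, and accounts sharing an email address), as an added example that is not part of the original post or of JFBConnect's code. The `users` and `user_map` tables, their column names and the sample rows are constructed stand-ins, not the extension's real schema.

```python
import sqlite3
from collections import defaultdict

# Stand-in schema: table and column names are assumptions for illustration,
# not JFBConnect's or Joomla's real schema.
SCHEMA = """
CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, email TEXT);
CREATE TABLE user_map (j_user_id INTEGER, provider TEXT, provider_user_id TEXT);
"""
# Constructed sample rows.
SAMPLE_USERS = [(42, "scott", "scott@example.org"),
                (57, "other", "Scott@Example.org"),  # same address, other case
                (63, "carol", "carol@example.org")]
SAMPLE_MAP = [(42, "twitter", "tw-1001"),
              (57, "twitter", "tw-1001"),   # one Twitter identity, two site users
              (63, "facebook", "fb-2002"),
              (99, "facebook", "fb-3003")]  # site user 99 does not exist

def build_sample_db():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    db.executemany("INSERT INTO users VALUES (?, ?, ?)", SAMPLE_USERS)
    db.executemany("INSERT INTO user_map VALUES (?, ?, ?)", SAMPLE_MAP)
    return db

def audit_user_map(db):
    """Report mappings that could log a social identity into the wrong account."""
    # 1. Mappings whose site user ID no longer exists (e.g. after a migration).
    orphaned = db.execute(
        "SELECT m.j_user_id, m.provider, m.provider_user_id FROM user_map m "
        "LEFT JOIN users u ON u.id = m.j_user_id WHERE u.id IS NULL "
        "ORDER BY m.j_user_id").fetchall()
    # 2. One social identity mapped to more than one site user.
    by_identity = defaultdict(list)
    for provider, pid, uid in db.execute(
            "SELECT provider, provider_user_id, j_user_id FROM user_map "
            "ORDER BY j_user_id"):
        by_identity[(provider, pid)].append(uid)
    # 3. Site users sharing an email address (compared case-insensitively),
    #    which automatic email-based connection could merge.
    by_email = defaultdict(list)
    for uid, email in db.execute("SELECT id, email FROM users ORDER BY id"):
        by_email[email.strip().lower()].append(uid)
    return {
        "orphaned": orphaned,
        "shared_identity": {k: v for k, v in by_identity.items() if len(set(v)) > 1},
        "shared_email": {k: v for k, v in by_email.items() if len(v) > 1},
    }

if __name__ == "__main__":
    for check, result in audit_user_map(build_sample_db()).items():
        print(check, result)
```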
12 years 1 month ago #43066 by warchop
Replied by warchop on topic Logged in as *another* user
Alex:

Experiencing more challenges getting this working in a secure environment.

Facebook login is now inoperable, the other functions are hit or miss. Overall, the module is working 70% of the time.

Credentials re-sent.

Warm regards,

Scott
12 years 1 month ago #43067 by warchop
Replied by warchop on topic Logged in as *another* user
12 years 1 month ago #43069 by warchop
Replied by warchop on topic Logged in as *another* user
Right now...there is no correlation between when users are able to login and when they are not.
Support Specialist
12 years 1 month ago #43070 by alzander
I can't login to the admin area. I enter the username/password and the page just refreshes. There's no message that the password is incorrect and I'm not logged in, which is odd. Usually, there's some message as to why.

As for your video, you're entering an email address and password in the login form and then clicking the Facebook button. That's not how you login with the social networks. The username/password fields are *only* for Joomla credentials. Entering them before clicking a social network button does nothing.

When you click any of the social network buttons, you should be prompted to login to that network (or, if already logged into the network, just the permissions prompt).

From what's happening in the admin area (not logging in and no message), I think there's something in general wrong with authentication on your site.


Can you answer any of the 4 questions I posted above about migrations and user mappings?

The other thing I'd recommend doing is disabling all caching on your site. Specifically, the Caching option in the Global Configuration area and the System - Cache plugin, if it's enabled. Disabling that and testing may help clear up some issues, which will help narrow down what to focus on.

Thanks,
Alex
12 years 1 month ago #43078 by warchop
Replied by warchop on topic Logged in as *another* user
Alex:

BL: Everything seems to be working. I'm using a CDN, so I don't think there is any need for Joomla cache. I'm running SSL via the CDN, and my site is literally flying right now. The Sucuri WAF seemed to be causing a lot of issues. MaxCDN seems to be working great.

About the time you were trying to login, my VPS was being patched to close BH.

Copy all on the login process...my thinking was try both ways.

I deleted the Twitter user and it seems like things are mapping correctly now. I cannot figure out why it got juxtaposed.

Warm regards,

Scott
Support Specialist
12 years 1 month ago #43087 by alzander
Scott,
I'm very happy you figured out the issue. I'm not sure what was going on there either, but I can guarantee you that your issue was unique to your site and not something common with JFBConnect in general.

Things like WAFs can definitely cause issues as they can alter or drop information on requests, which could have caused some signals to get mixed. However, there are many WAFs that we know our users have enabled and work fine with, so that shouldn't mean you can't use any Joomla-based security.

Either way, I'm glad things are going for you. If you run into anything else, just let us know.

Thanks,
Alex