Upgrading to Lucee 6 prevents logging in to admin area of websites

Very strange issue after upgrading from Lucee 5.4.4.38 to 6.0.1.83.

We have a few Lucee servers with roughly 100 websites on each. Everything is happy on Lucee 5.4.4.38, but after upgrading via the GUI to 6.0.1.83, logging in to each of the hosted sites (the website’s admin area, not Lucee’s ‘web’ admin) results in an infinite redirect. Weirdly, the first login on the server to a website is successful, but any subsequent attempt to log in to a different website fails with the redirect loop.

By default Lucee 6 is in single mode, which is where the issue seems to be. Switching to multi mode clears the infinite redirect and all the websites can log in fine. I also tested all other Lucee 6 stable versions and had the same issue.

I’ve tried deleting all the Lucee contexts, cleared cookies, tried every different browser but nothing works. We have no need for multi-mode Lucee admins and want to get single-mode working.

Does anyone have any suggestions?

Thanks,
Jeff

OS: Ubuntu 20.04 LTS
Java Version: 11.0.22
Tomcat Version: 9.0.87
Lucee Version: 6.0.1.83

Alright, guys, we worked this one out.

So our /admin/Application.cfc extends ApplicationProxy, which is in the webroot. In Lucee single-mode, it appears as though that logic is incorrectly extending ANY ApplicationProxy instead of the correct file, so /admin/ requests appeared to be coming from whichever ApplicationProxy was currently loaded (i.e. whichever application had someone log in first).

The fix is to extend “…/ApplicationProxy” in the /admin/Application.cfc files. This makes the admin requests correctly inherit the intended application.

Problem solved. All logins working correctly across all sites on the server in single-mode. Hopefully this helps someone else if they have a similar issue.

2 Likes
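
An added example, not part of the original posts: a Python audit that walks a server's webroots and lists every Application.cfc whose `extends` value is a bare component name such as `ApplicationProxy`, the pattern the reply above identifies as inheriting from the wrong site in single mode. The function names, the "bare name" test and the example path in the usage comment are assumptions made for illustration.

```python
"""Audit CFML webroots for Application.cfc files that extend a bare component name."""
import os
import re
import sys

# Matches the component declaration in script syntax (component extends="X")
# and tag syntax (<cfcomponent extends="X">), capturing the extends value.
EXTENDS_RE = re.compile(
    r"""(?:<cfcomponent|\bcomponent)\b[^>{]*?\bextends\s*=\s*["']([^"']+)["']""",
    re.IGNORECASE | re.DOTALL,
)
# A bare name has no slash, backslash or dot, so it carries no path of its own
# and its resolution depends on how the engine looks the component up.
BARE_NAME_RE = re.compile(r"^\w+$")


def extends_target(source):
    """Return the extends value of the first component declaration, or None."""
    match = EXTENDS_RE.search(source)
    return match.group(1).strip() if match else None


def find_unqualified_extends(root):
    """Return sorted (path, target) pairs for Application.cfc files under root
    whose extends value is a bare component name."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if name.lower() != "application.cfc":
                continue
            path = os.path.join(dirpath, name)
            with open(path, encoding="utf-8", errors="replace") as handle:
                target = extends_target(handle.read())
            if target and BARE_NAME_RE.match(target):
                findings.append((path, target))
    return sorted(findings)


if __name__ == "__main__":
    # Usage: python audit_extends.py /var/www   (example path, an assumption)
    hits = find_unqualified_extends(sys.argv[1] if len(sys.argv) > 1 else ".")
    for path, target in hits:
        print(f"{path}: extends bare name '{target}'")
    sys.exit(1 if hits else 0)
```

The script exits non-zero when it finds any such file, so it can gate an upgrade to single mode on a server that hosts many sites.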