Upgrading to Symfony 2.8.31 (security version) breaks the login to the admin ui over https. Login over http is still possible.
Maybe this issue "[Security] Validate redirect targets using the session cookie domain" (https://github.com/symfony/symfony/pull/24995) is the reason why.
Downgrade to symfony 2.8.30 will temporary solve the problem.
Added by Support Team
When trying to log in to the Platform UI, POST request to https://your-site.dev/api/ezp/v2/user/sessions/xxx/refresh results in 404 error.
Steps to reproduce
- Create new eZ Platform install and access it via https.
- Go to /ez.
- Try to log in using the default login and password. After clicking the "Login" button, the form will be cleared and you won't be logged in. The browser console will have the following error: