Users get logged out more frequently in v4.0 #3987
Assignees
Labels
kind/bug
This issue represents a verified problem we are committed to solving
Milestone
Comments
slewis74
added
the
kind/bug
slewis74
added a commit
to OctopusDeploy/DirectoryServicesAuthenticationProvider
that referenced
this issue
Nov 28, 2017
|
Release Note: Active Directory integrated authentication cookie timeout has been increased from 20min to 20days |
|
This thread has been automatically locked since there has not been any recent activity after it was closed. If you think you've found a related issue, please contact our support team so we can triage your issue, and make sure it's handled appropriately. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
As a side effect of changes made in 4.0, users who have
will get logged out if they leave the tab idle for greater than 20min.
The reason behind this is that the new portal stops polling the server once the tab is inactive, and restarts once it is activated again. If the tab has been inactive long enough for the session cookie to time out then the user will be logged out. The change in polling behavior was deliberate and in line with new measures to reduce resource drain on the machine coming from inactive tabs.
For forms based authentication, the user has opted to not be remembered so this behavior feels acceptable. For integrated AD login the user hasn't selected and we default to 20min, which feels like it should default to 20days like the OpenID Connect authentication.
The text was updated successfully, but these errors were encountered: