Uploaded image for project: 'jboss.org'
  1. jboss.org
  2. ORG-2197

Log in to community.jboss.org is lost despite still being logged in to sso.jboss.org

XMLWordPrintable

    • Hide

      1: Logout of sso.jboss.org totally
      2: Log in to community.jboss.org, and tick the remember me button
      3: Verify you are logged in to community.jboss.org
      4: Leave that browser alone until the next day
      5: Visit community.jboss.org, and notice that you are not logged in
      6: Hit login
      7: You are now logged in to community.jboss.org

      Show
      1: Logout of sso.jboss.org totally 2: Log in to community.jboss.org, and tick the remember me button 3: Verify you are logged in to community.jboss.org 4: Leave that browser alone until the next day 5: Visit community.jboss.org, and notice that you are not logged in 6: Hit login 7: You are now logged in to community.jboss.org

      You can still be logged in to sso.jboss.org but not logged in to community.jboss.org. This produces a very odd user experience, where you can be logged in to some systems, but not others. This is especially apparent with REST calls to community.jboss.org, as the REST call to sso.jboss.org tells us that the user is logged in (so we show the user is logged in), but the REST call to community.jboss.org returns a 403. It's very counterintuitive to realise you have to then visit community.jboss.org to get your login restored.

      I guess that the login check on jive relies on some session, and doesn't check sso.jboss.org to gain the authoritative state of login.

              Unassigned Unassigned
              pmuiratbleepbleep Pete Muir (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: