I use the javascript adapter for my SPA, it works fine until user opens multiple tabs and a SSO Idle Timeout occurs.
Let's assume user has opened two tabs and is idle such that a SSO timeout occurs. Now the following happens:
check-sso+check-login-iframe:
- Click in tab #1 -> user redirected to login page
- User logs in -> tab #1 fine
- Click in tab #2 -> user redirected to login page
- User logs in -> tab #2 fine
- User clicks in tab #1 -> user redirected to login page
- now again tab #2 is broken
And so on, you never get back to a state where both tabs are authenticated
login-required+check-login-iframe:
- Click in tab #1 -> user redirected to login page on both tab #1 and #2
- User logs in tab #1 -> Error Message "Your login attempt timed out. Login will start from the beginning."
- Retry login tab #1 -> tab #1 fine
- User logs in tab #2 -> Error Message "You are already logged in"
- Click "Back to the application" in tab #2 -> tab #2 fine but user will not return to the dialog he started from
Now both tabs are fine but is there a way to prevent the error messages?
login-required/check-sso+check-login-iframe=false:
- Two tabs open
- SSO timeout
- Click in tab #1 -> user redirected to login page
- User logs in tab #1 -> tab #1 fine
- Click in tab #2 -> fine until access token expires, once the token needs to be refreshed user is redirected to login page
- Now tab #1 is "broken", i.e. once the token needs to be refreshed user is redirected to login
And so on, you never get back to a state where both tabs are authenticated