Closed Bug 1287070 Opened 8 years ago Closed 7 years ago

Okta SSO shouldn't require me to sign in once every browser session

Categories

(Infrastructure & Operations :: SSO: Issues, task)

Product:
Infrastructure & Operations
Component:
SSO: Issues
Type:
task
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: emorley, Assigned: jabba)

References

Details

STR:
1) Ensure Firefox's "remember open tabs" option is disabled
2) Visit https://sso.mozilla.com/ and complete the sign-in flow, including Duo 2FA
3) From the resultant page (https://mozilla.okta.com/app/UserHome) click the Gmail link
4) Read some emails
5) Close the browser
6) Immediately open the browser and re-visit GMail and/or https://mozilla.okta.com/app/UserHome

Expected:
I should not be prompted to log in again (for at least eg 24 hours).

Actual:
I have to log into Okta again, presumably because it's only setting session cookies.
(In reply to Ed Morley [:emorley] from comment #0)
> STR:
> 1) Ensure Firefox's "remember open tabs" option is disabled

Since this feature preserves even session cookies across browser restarts.
Is this intended behaviour, or a bug? If the latter, can we start a discussion about it, or if the former, can we file an upstream ticket?

Thanks :-)
Flags: needinfo?(jdow)
I did this test:

1)Logged into okta
2) closed browser
3) started firefox again
4) navigate to Okta, am asked to sign in
5) did not sign in, instead clicked back button
6) on about:home, I clicked "Restore Previous Session" button
7) it resumed my Okta session and did not have to log in again.

This seems to be expected behavior?
Flags: needinfo?(jdow)
Clicking "Restore Previous Session" restores the session cookie.

However:
* this is just a workaround for the SSO only lasting until end of session (I believe it should persist longer than that)
* Crucially it doesn't work on mobile, so I have to sign into web GMail ever single time I open Firefox for Android (I don't want to add my Google Apps Mozilla account to my phone's native sync, since I don't want work contacts on their, or notifications, calendar pollution etc)
We are finally off of Okta.
Assignee: infra → jdow
Status: NEW → RESOLVED
Closed: 7 years ago
QA Contact: jbryner
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.