SSO users trying to interact with the Jira after session expiry presents a 401 page instead of redirecting users to a login page

XMLWordPrintable

    • 11
    • Severity 2 - Major

      Summary

      When a user with an expired session-cookie navigates to a Jira page (https://<hostname>/secure/Dashboard.jspa) instead of being redirected to login they are presented with a 401 error page.

      Steps to Reproduce

      1. Create an account that uses SSO.
      2. Login
      3. Manually edit the session-cookie to make it invalid(cloud.session.token).
      4. Reload the Jira hime page.

      Expected Results

      User is redirected to the login page.

      Actual Results

      User is taken to a 401 error page.

      Notes (Optional - If Necessary)

      This could possibly affect non-SSO users.

      Workaround

      Clear browser cache and cookies then reload the page, this will direct the user to the correct login page.

            Assignee:
            chavi (Inactive)
            Reporter:
            kohlerfc
            Votes:
            4 Vote for this issue
            Watchers:
            17 Start watching this issue

              Created:
              Updated:
              Resolved: