Detect multiple auto-login attempts and ask the user if they want to continue
Bug #449522 reported by
Stuart Metcalfe
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Canonical SSO provider |
Confirmed
|
Wishlist
|
Unassigned | ||
Bug Description
We use auto-continue for a number of trusted sites (and it would be nice to enable users to add their own sites they want to do this for too) but there is the possibility with this feature that the user will get stuck in a loop - if, for instance, a relying site redirects logged out users to a login page which is automatically attempting to log the user in again. We should disable this behaviour and notify the user if we detect X auto-login attempts for them to the same trust root in Y seconds/minutes.
To post a comment you must log in.
