private Tender URLs show SSO-ignorant login form, even with SSO

Troy's Avatar

Troy

08 May, 2010 05:45 PM

I've been wondering why a bunch of our customers - who are mostly developers and relatively clued - keep ending up with 2 different accounts on Tender, and repeatably have a problem figuring out how to sign in. I think I figured it out. We use Tender's SSO and have it link back to our login URL. If an unauthenticated user hits our Tender site and clicks Login, they'll be redirected to our login URL and all will be well.

However, if they click a link to a private ticket (like from an email), they're presented with a login page that has a Tender login form and no warning that the login form is not related to their existing SSO Tender account. When they try to login with their service creds, it inexplicably fails.

Unless I'm missing something about the way this was intended to work, this is really nonintuitive. It means that clicking Login on Tender's login page has inexplicably different behavior from submitting the login form - one redirects, one uses Tender auth.

I think it's why a double-digit percent of our users have unintentionally created 2 Tender accounts: one linked from SSO and then one directly on Tender under a different email address ("WTF, I already have an account but can't use it!!").

I think the most obvious fix would be to make login pages for SSO-enabled Tenders show a fairly loud message instead of a login form. "Have an account on Service Name? Login here>>

Don't have an account? Login here>>"

The first "Login here" would redirect them to the service login URL, passing the private ticket URL so we redirect them back. The second "Login here" would display the existing Tender login form (because even with that message, if the login form is still shown by default, people will use it and ignore the message).

Let me know if I'm just missing something obvious. Hope this helps.

Showing page 2 out of 2. View the first page

  1. 31 Posted by Chris Marisic on 11 Jan, 2011 03:00 PM

    Chris Marisic's Avatar

    FWIW by 30 users those would be the support staff, our external users number in the thousands.

  2. 32 Posted by Troy on 11 Jan, 2011 04:01 PM

    Troy's Avatar

    Chris and others, this is already fixed IMO. You can see an example at http://help.papertrailapp.com/

    Note that the only login link in the upper right is "Log in to Papertrail" and it links to Papertrail's own login page. There's no longer a "or create an account" link on Tender that links to Tender's own new account page. It's also been removed from the page shown to anonymous users who are trying to view private tickets.

    This ticket was for a fairly small, simple change, and it's been implemented. A bunch of others added largely-unrelated (and in many cases, much much larger) requests, but as far as I'm concerned, the confusion is gone. It's been months since we had anyone create a duplicate account. Please consider the original request closed.

    Tender folks, feel free to resolve this ticket. I would myself but enough other folks have commented that I'll leave it to you. Thanks again for the support.

  3. 33 Posted by gary on 24 Jan, 2011 01:54 PM

    gary's Avatar

    I'm still seeing a Tender Login Form when my users click on the link to view/update their private discussion and have since been logged out.

    See here for example: http://blogpig.com/help/discussions/csvpig/324-test-8

    We have SSO fully enabled and there is no mention of it on this page apart from the small login link in the top right.

    Gary

  4. Troy closed this discussion on 17 Mar, 2012 08:17 PM.

Discussions are closed to public comments.
If you need help with Tender please start a new discussion.

Keyboard shortcuts

Generic

? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac