Handling “Error when submitting credentials after staying too long in login page”

Hasintha Indrajee
2 min readNov 1, 2018

This is a rare case which might occur under certain circumstances. One of them is if you are not using temporary session data persistence. When you stay too long in the credential submit page on your browser and then you submit credentials you might see an error page saying an error occurred while authentication.

Error when submitting credentials after staying too long in login page

The proper or the recommended solution for this issue is to enable temporary session data persistence in identity server. You can enable it by following [1].

But in a case if you find temporary session data persistence is not possible, you can use this workaround. Again this is just a workaround :)

As the first step you need to follow [2]. After following [2], two problems addressed in that particular post will be solved. However the custom jsp page which you include (check_session.do) , servlet mappings and custom jar you add to dropins are required for this solution as well. Also you need to configure desired service provider page which you need to be redirected after failing. (login.jsp page change is not required for this even though it’s required for previous one.)

Once the [2] is done, as the second step all you have to do is to add the below script to basicauth.jsp which also resides in repository/deployment/server/webapps/authenticationendpoint

Also you need to change the button in a way it calls the function with an event. In order to do that remove the existing button and add the below button.

Important : If you see the checkSessionKey and checkSessionKeyBasic function of [2] and this post, there is a subtle difference. Please make sure that both functions are not the same name since basicauth.jsp will be included into login.jsp. Also you may add cache: false as we have added in [2] as an update. This avoids caching problems in certain browsers.

[1] https://docs.wso2.com/display/IS550/Authentication+Session+Persistence

[2] https://medium.com/@hasinthaindrajee/handle-browser-back-button-after-successful-authentication-wso2-identity-server-authentication-8687a681b59e