Single Sign On, coming soon (or now) to a Second Life web page near you!

[Keira Linden]

We have been taking steps to implement a Single Sign On process across all of Second Life’s web pages.  I wanted to make sure you were all aware of this so that if you get logged out of a web page and wonder why, this may be the culprit.  In the past, it has been possible to be logged into one page with one account and logged into another page with a different account.  Going forward, you will only need to log in one time to access all web pages with one account at a time.  

If you have any difficulty logging in or making changes to your account, a quick clearing of your browser cookies and/or cache should resolve any issues.  Please contact our fabulous Support team if need additional assistance after taking those steps. 

[Anastasia Horngold]

Does this mean that changing accounts on, say, Marketplace, will log us out of viewer Search, and out of our Dashboard?

[Alwin Alcott]

let's see.. but i don't think it's quite usefull for me, i have a seperate inworld presence than on the forum. When the other needs to be on MP or the accountpage .. the forum will also switch to this account.

[Fritigern Gothly]

27 minutes ago, Alwin Alcott said:

let's see.. but i don't think it's quite usefull for me, i have a seperate inworld presence than on the forum. When the other needs to be on MP or the accountpage .. the forum will also switch to this account.

Worst case scenario, you could install a different web browser for different roles. I have done that in the past 🙂

[bigmoe Whitfield]

Hi keira is this going to be any part of a 2fa solution?  or is this just for web services? 

[Keira Linden]

1 hour ago, bigmoe Whitfield said:

Hi keira is this going to be any part of a 2fa solution?  or is this just for web services? 

Just for the web services.  2fa is still on our roadmap, though.

[bigmoe Whitfield]

1 hour ago, Keira Linden said:

Just for the web services.  2fa is still on our roadmap, though.

I would like to use a usb key to do the single sign on, I know that's asking lots, but something along those lines too,   I've got a few accounts and swapping around will be interesting.

[Nika Talaj]

I actually find it handy to be able to be logged into different pages with different accounts, mostly for the scenario mentioned above.  One avatar for the forums, while another is purchasing something on the marketplace.  Maybe a third is using the LH land page.  So it kinda sounds like SSO is going to be a PIA, if it truly will log all other pages out when a different avatar logs into anything on SL's website.

Now, if LL wanted to do SSO for the TYPIST, and have the ability to switch different pages easily between alts, THAT would be useful.  At least to me.  Think of a pulldown at the top of the marketplace to specify the avatar one is purchasing for.  Ah well.

 

[animats]

Will SL be an authentication provider, so that an SL login can be safely used as a login on other sites? That would be useful.

(It would also help if the outgoing HTTP proxies used when LSL makes an HTTP connection offered a client-side SSL certificate, so sites could tell that a connection was coming from SL. Then external sites could trust the headers that give the location and username of the SL user that caused the connection.)

[Wulfie Reanimator]

7 hours ago, animats said:

Will SL be an authentication provider, so that an SL login can be safely used as a login on other sites? That would be useful.

That doesn't seem to be the case. They probably just cleaned some things up on the backend to properly unify their own systems.

[Caren Jewell]

I ask myself .. why and for what? Why can not all be like before as it runs good? Changing Things here and there and People go on and have problems. For what? This Auto-Log Off is very frustrated! Was it such a problem to let it how it was?

[Alwin Alcott]

6 hours ago, Caren Jewell said:

I ask myself .. why and for what? Why can not all be like before as it runs good? Changing Things here and there and People go on and have problems. For what? This Auto-Log Off is very frustrated! Was it such a problem to let it how it was?

and we know how changes mostly end.... make something/break something... reputation isn't that well in that matter.

[Arwen Serpente]

On 2/4/2021 at 10:12 AM, Keira Linden said:

We have been taking steps to implement a Single Sign On process across all of Second Life’s web pages.  I wanted to make sure you were all aware of this so that if you get logged out of a web page and wonder why, this may be the culprit.  In the past, it has been possible to be logged into one page with one account and logged into another page with a different account.  Going forward, you will only need to log in one time to access all web pages with one account at a time.  

If you have any difficulty logging in or making changes to your account, a quick clearing of your browser cookies and/or cache should resolve any issues.  Please contact our fabulous Support team if need additional assistance after taking those steps. 

Keira, it is now March 23 - over 6 weeks from your post.  This change has not and is not working at all. The system randomly logs people out multiple times a day.  It needs to be fixed or rolled back.  Please see this thread for more feedback:

 

[bigmoe Whitfield]

8 hours ago, Arwen Serpente said:

Keira, it is now March 23 - over 6 weeks from your post.  This change has not and is not working at all. The system randomly logs people out multiple times a day.  It needs to be fixed or rolled back.  Please see this thread for more feedback:

 

"auto logoff" yeah, I think it's the cookie expiring to quickly and not sso.

[LittleMe Jewell]

16 hours ago, bigmoe Whitfield said:

"auto logoff" yeah, I think it's the cookie expiring to quickly and not sso.

But only sometimes.  I did some testing yesterday and did not get logged out after roughly 35 minutes, but then later did get logged out after 1.5 hours.  That sort of all made sense -- a cookie expiring.  However, I then actually closed out the Dashboard and MP tabs, but left the browser running idle, and I went and watched TV.  Came back 2-3 hours later and was still logged in when I opened a new tab to my Dashboard -- ditto when I checked MP.

This morning, I logged on to the work computer, which had been in 'sleep' mode since yesterday afternoon, opened the browser and went to my Dashboard - and found that I was still logged in.  Check the MP and I was still logged in there also.

I'm pretty sure - though not positive - that the cookie settings are the same between the two computers.  Will check that when I log out of work today.

[Arwen Serpente]

On 2/4/2021 at 10:12 AM, Keira Linden said:

We have been taking steps to implement a Single Sign On process across all of Second Life’s web pages.  I wanted to make sure you were all aware of this so that if you get logged out of a web page and wonder why, this may be the culprit.  In the past, it has been possible to be logged into one page with one account and logged into another page with a different account.  Going forward, you will only need to log in one time to access all web pages with one account at a time.  

If you have any difficulty logging in or making changes to your account, a quick clearing of your browser cookies and/or cache should resolve any issues.  Please contact our fabulous Support team if need additional assistance after taking those steps. 

Keira, as discussed in the MP auto-log off thread, this single sign on is not working as intended.  Support is unable to solve it through resync'ing an individual MP account. It is not an individual's (just one person) problem. I filed a JIRA because it needs a fix. Thanks!

https://jira.secondlife.com/browse/BUG-230479

[mikka Luik]

Oh I see. OAuth login ("commonly used as a way for Internet users to grant websites or applications access to their information on other websites" - but not asking them if they wants) now on Jira etc with 'please enable cookies' required. Oh look MP auto login.

Hmm

Shields up

[Fritigern Gothly]

3 minutes ago, mikka Luik said:

Oh I see. OAuth login ("commonly used as a way for Internet users to grant websites or applications access to their information on other websites" - but not asking them if they wants) now on Jira etc with 'please enable cookies' required. Oh look MP auto login.

Hmm

Shields up

LOL! SL has used Oauth for ages. Take those shields down already.

[Wulfie Reanimator]

9 hours ago, mikka Luik said:

Oh I see. OAuth login ("commonly used as a way for Internet users to grant websites or applications access to their information on other websites" - but not asking them if they wants) now on Jira etc with 'please enable cookies' required. Oh look MP auto login.

Hmm

Shields up

OAuth doesn't share any of "your information" with whatever third party your web service is using it for... That's the opposite of what it does.

[bigmoe Whitfield]

20 hours ago, mikka Luik said:

Oh I see. OAuth login ("commonly used as a way for Internet users to grant websites or applications access to their information on other websites" - but not asking them if they wants) now on Jira etc with 'please enable cookies' required. Oh look MP auto login.

Hmm

Shields up

don't do that,  Oauth is safe.

[Eva Nova]

Ahh, so now I know why I log in, accept cookies and then immediately get logged back off again on MP. I can log straight back in again sure but it was rather irritating. Good to know its not me, it's you 😄

[LittleMe Jewell]

On 2/4/2021 at 8:12 AM, Keira Linden said:

We have been taking steps to implement a Single Sign On process across all of Second Life’s web pages.  I wanted to make sure you were all aware of this so that if you get logged out of a web page and wonder why, this may be the culprit.  In the past, it has been possible to be logged into one page with one account and logged into another page with a different account.  Going forward, you will only need to log in one time to access all web pages with one account at a time.  

If you have any difficulty logging in or making changes to your account, a quick clearing of your browser cookies and/or cache should resolve any issues.  Please contact our fabulous Support team if need additional assistance after taking those steps. 

Should this single sign-on apply to the Support web pages - since they are on a different domain?  Every time that I go to Support History - from my Dashboard that I am already logged in to -- I have to log in again.  Okay, not every time, but the token that is applicable to the Support pages apparently only last a few hours.  I'm able to bounce around my Account pages without having to relog, but the minute I click that link for Support, if it has been more than a few hours, I have to log in again.

 

[Arwen Serpente]

36 minutes ago, LittleMe Jewell said:

Should this single sign-on apply to the Support web pages - since they are on a different domain?  Every time that I go to Support History - from my Dashboard that I am already logged in to -- I have to log in again.  Okay, not every time, but the token that is applicable to the Support pages apparently only last a few hours.  I'm able to bounce around my Account pages without having to relog, but the minute I click that link for Support, if it has been more than a few hours, I have to log in again.

 

Hi LittleMe, pending Keira's response to that, from what I've experienced, both Support and JIRA are on separate logon systems than the dashboard/MP/mysecondlife.  But then again, the whole thing is still borked and not working properly with random logouts, so if it is intended that they all be linked, then (at least for some) it isn't working that way.

[LittleMe Jewell]

2 hours ago, Arwen Serpente said:

Hi LittleMe, pending Keira's response to that, from what I've experienced, both Support and JIRA are on separate logon systems than the dashboard/MP/mysecondlife.  But then again, the whole thing is still borked and not working properly with random logouts, so if it is intended that they all be linked, then (at least for some) it isn't working that way.

If I am logged out of everything and then log in to my Dashboard and click the Support links, I am taken there without having to log in separately to anything.

When too much time has passed and I click Support, the login page is the "id.secondlife.com" page -- the same page that I use to log in to my Dashboard.

That is why it does appear that they are connected via a Single Sign-on, despite their different domains.

 

[Arwen Serpente]

Just tried again this morning. You're right, support logon is now linked to dashboard logon. JIRA isn't, but that may be for security reasons of some sort.