...
- the Log In form will not be emptied after a period of time when Remember Me is set and a user does not log in again,
- the behavior specified in the table above is independent of whether or not the browser is set to save login information.
- therefore do not use Remember Me if you are working in a security-sensitive environment.
...
When a user logs on the JOC Cockpit generates an authorization token and saves it twice (Keys $SOS$accessTokenId and $SOS$permission), either in the browser's local storage, if Remember Me is set on logging in or in the browser's session storage, if Remember Me is not set.Status
| Situation | Remember Me Set | Remember Me Not set |
|---|---|---|
| User logs out, browser reverts to Log In page | Authorization token remains in browser's local storage | Authorization token is deleted with the session storage |
| Session expires, browser reverts to Log In page | Authorization token is deleted | Authorization token is deleted with the session storage |
| Browser tab is closed during session and then reopened by opening recent tab (Firefox) | Authorization token remains in browser's local storage | Authorization token remains in browser's session storage |
Browser tab is closed during session and then reopened by opening login page | Authorization token remains in browser's local storage | Authorization token has been deleted with the session storage |
...