Techniques for WCAG 2.0

Skip to Content (Press Enter)

-

G105: Saving data so that it can be used after a user re-authenticates

Applicability

Web pages that require user authentication and limit the time available for submitting data.

This technique relates to:

Description

Web servers that require user authentication often terminate the session after a set period of time if there is no activity from the user. If the user is unable to input the data quickly enough and the session times out before they submit, the server will require re-authentication before proceeding. When this happens, the server stores the data in a temporary cache while the user logs in, and when the user has re-authenticated, the data is made available from the cache and the form is processed as if there had never been a session time-out. The server does not keep the cache indefinitely, merely long enough to ensure success after re-authentication in a single user session, such as one day.

Examples

Tests

Procedure

On a site that requires user login to submit data,

  1. Log in and begin the timed activity.

  2. Allow the session to time out.

  3. Submit the data.

  4. Re-authenticate.

  5. Check that the process can continue and be completed without loss of data, including the original data and any changes made after re-authentication.

Expected Results

If this is a sufficient technique for a success criterion, failing this test procedure does not necessarily mean that the success criterion has not been satisfied in some other way, only that this technique has not been successfully implemented and can not be used to claim conformance.

Techniques are Informative

Techniques are informative—that means they are not required. The basis for determining conformance to WCAG 2.0 is the success criteria from the WCAG 2.0 standard—not the techniques. For important information about techniques, please see the Understanding Techniques for WCAG Success Criteria section of Understanding WCAG 2.0.