Saving data so that it can be used after a user re-authenticates

Important Information about Techniques

See Understanding Techniques for WCAG Success Criteria for important information about the usage of these informative techniques and how they relate to the normative WCAG 2.1 success criteria. The Applicability section explains the scope of the technique, and the presence of techniques for a specific technology does not imply that the technology can be used in all situations to create content that meets WCAG 2.1.

Applicability

Web pages that require user authentication and limit the time available for submitting data.

This technique relates to Success Criterion 2.2.5: Re-authenticating (Sufficient as a way to meet an unwritten technique).

Description

Web servers that require user authentication often terminate the session after a set period of time if there is no activity from the user. If the user is unable to input the data quickly enough and the session times out before they submit, the server will require re-authentication before proceeding. When this happens, the server stores the data in a temporary cache while the user logs in, and when the user has re-authenticated, the data is made available from the cache and the form is processed as if there had never been a session time-out. The server does not keep the cache indefinitely, merely long enough to ensure success after re-authentication in a single user session, such as one day.

Examples

Tests

Procedure

On a site that requires user login to submit data,

  1. Log in and begin the timed activity.
  2. Allow the session to time out.
  3. Submit the data.
  4. Re-authenticate.
  5. Check that the process can continue and be completed without loss of data, including the original data and any changes made after re-authentication.

Expected Results

  • #5 is true.