Shibboleth forces login on group details page
Running GitLab with Shibboleth.
After some time (2-3 hours) navigating to a group detail page will show An error has occurred. Please try again. Clicking on Activity will sometimes take you to the activity. Other times, it will redirect to Shibboleth sign in page. It seems that if you navigate to Activity shortly after the error occurs, you will see activity. If you wait a while after the error shows, you will be redirected to log in again.
When examining the console logs, they see Failed to load https://shibboleth-url: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://gitlab-url' is therefore not allowed to access. The response had HTTP status code 403. They also see OPTIONS https://shibboleth-url 403 (Forbidden) and XHR failed loading: OPTIONS "https://shibbolth-url". When they are not redirected to Shibboleth, they do not see errors in the console.
They were not seeing this error prior to 10.3.2-ee
Customer ticket -> https://gitlab.zendesk.com/agent/tickets/85769 (internal)