Sounds to me like one of a couple things are happening:
-
Your browser’s web sockets are losing their connection to the gateway (bad network connectivity from browser to gateway or maybe the machine with the browser went to sleep). When the last web socket disconnects for a given (browser, project) pair, the session timeout begins. When the session timeout elapses, the perspective session for that (browser, project) pair is destroyed. Since the web auth session lives on the perspective session, it will also be destroyed. However, your browser session with the IdP may live on depending on its own session timeout. This would explain why you were able to authenticate without re-entering credentials - your browser’s cookie is still valid.
-
You changed your IdP’s configuration while your user was logged into a perspective session. Some IdP configuration changes such as changes to the web auth strategy settings will always invalidate the web auth session in a perspective project session.
It seems more likely that #1 is happening unless you remember messing around with IdP configurations on the gateway web interface with the live perspective sessions running? Next time it happens, check to see if your browser is disconnecting from the gateway.