Steps:

1. Deploy a Jenkins instance and Set it up with the Security realm as Google login
2. Under Authorisation, select Logged in user can do anything.
3. Create few test jobs and check for the session times outs. (for the intervals of 10-15 mins)
4. Now, change the Authorisation to Project-base Matrix Authorisation Strategy.
5. Goto a job and leave it idle for the session timeout to occur.
6. Once the session timeout time is elapsed, click on any link on the page and observe

Actual Result:

1. The user will be presented with HTTP ERROR 404\
2. Refer the attachment

Expected Results:

1. The user should not be made go to the login page and click on the login page. Since Google oAuth is present, the user should be able to access Jenkins seamlessly until the user manually signs out (either from Jenkins or Google)
2. If the user tries to access https://mydomain.jenkins.com/job/test-job/ without logging in, the user should be able to do that. or at least user should be re-directed to google sign in page instead of Welcome page.