Usual SSO flow is, you login to one application. Then if you try to login to another application it, login page should be bypassed and you should able to login without providing your credentials again.
I believe your problem is similar to the scenario reported in here.
But at it seems what you do is,
- Goto your first app, click on login then it will redirect to WSO2 Identity Server's SSO login page.
- Instead of you enter your credential and login to the first app, if you go to second app and click on login then the second app also redirect you to login page of WSO2 Identity Server's SSO page. Now you have two tabs in your browser which have same login page.
- Now you enter credential on one login page, then it login without a issue.
- Then you enter same credential on the other login page, then it throws the above exception.
I would say its a poor way of doing SSO. And yet, yes it is a bug and it should fixed on a upcoming release.
HTH,
DarRay