Hello,
We are having recurring issues with the auth cookies that makes the request header too large. At the GOOD conference, @dsajdak mentioned that they have identified the root cause and fixed it in their instance. I am starting this topic to see if we can finally get this resolved.
Thanks,
Raj
This is the configuration you’re looking for:
Hi Raj, Thanks for bringing this up. I thought we had solved the problem but it persists. We made one small change - this was set to 10:
oidc_state_max_number_of_cookies: “2 true”
However, we are still having this issue and haven’t had the time to track down what else we might configure. If anyone else has seen this and fixed it, we’d love to know the solution.
Dori
Thank you both. We do have it this parameter set to “5 true”. I will lower it some more.
I also remember that CSCfi ppl saying that they are using the latest mod_auth_openidc and didn’t have this issue.
I believe there were some cases in older mod_auth_openidc where the oidc_state_max_number_of_cookies wasn’t respected and the number of state cookies grew beyond the limit. I think Jupyter allowed me to reproduce the issue, which then disappeared with newer mod_auth_openidc, although I don’t remember anyone which version fixed it.