This is why the most common profile for SAMLResponse is POST. That, or use SAML Attribute Query (uncommon with SAML 2.0).
Tom. > On Nov 14, 2017, at 8:59 AM, Fabio Martelli <fabio.marte...@gmail.com> wrote: > > Hi All, I have some trouble with SAML Authentication through mod_proxy_http. > > It seems that there is a strong limitation to 8k for http response headers: > in particular, my issue is about a redirect URL generated by CAS 5.2_RC4 [1]. > > As you know, this redirection requests results in a specific response header > specification: Location. > > Unfortunately, the redirection URL results to be of ~13k. For this reason, > the Location header is truncated by mod_proxy and the SAML authentication > fails (authentication request results in an invalid XML). > > Is there a known way to address this problem or I need to implement some > custom string compression somewhere? > > I'm quite sure I cannot be alone facing with this kind of problem .... > Please, let me have your help. > > Best regards, > > F. > > [1] > https://github.com/apereo/cas/blob/master/support/cas-server-support-saml-idp/src/main/java/org/apereo/cas/support/saml/web/idp/profile/AbstractSamlProfileHandlerController.java#L386-L403 > > > -- > Fabio Martelli > https://it.linkedin.com/pub/fabio-martelli/1/974/a44 > http://blog.tirasa.net/author/fabio/index.html > > Tirasa - Open Source Excellence > http://www.tirasa.net/index.html?pk_campaign=email&pk_kwd=fm > > Apache Syncope PMC > http://people.apache.org/~fmartelli/ > > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to cas-user+unsubscr...@apereo.org. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/63e1b4dd-e8b6-8cb4-eb1d-7af4ad2b9e91%40gmail.com. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/5A57456B-1D20-4D4D-9DD0-F6A6A149780C%40ucdavis.edu.
