Sandeep More created KNOX-2679:
----------------------------------
Summary: Trim Pac4j entitlements to avoid cookie too large issue.
Key: KNOX-2679
URL: https://issues.apache.org/jira/browse/KNOX-2679
Project: Apache Knox
Issue Type: Bug
Components: Server
Reporter: Sandeep More
Assignee: Sandeep More
Currently with KnoxSSO if the user is part of too many groups SAML assertions
that we get back from IdP is huge. This cause hadoop-jwt cookie to not set
throwing the SSO in a loop.
Knox does not need groups, groups in knox are figured out based on the
hadoop-user-group lookup. We should be able to filter out groups from the SAML
assertion.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
