[
https://issues.apache.org/jira/browse/KNOX-2679?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sandeep More resolved KNOX-2679.
--------------------------------
Resolution: Fixed
> Trim Pac4j entitlements to avoid cookie too large issue.
> --------------------------------------------------------
>
> Key: KNOX-2679
> URL: https://issues.apache.org/jira/browse/KNOX-2679
> Project: Apache Knox
> Issue Type: Bug
> Components: Server
> Reporter: Sandeep More
> Assignee: Sandeep More
> Priority: Major
> Fix For: 1.6.0
>
> Time Spent: 1.5h
> Remaining Estimate: 0h
>
> Currently with KnoxSSO if the user is part of too many groups SAML assertions
> that we get back from IdP is huge. This cause hadoop-jwt cookie to not set
> throwing the SSO in a loop.
> Knox does not need groups, groups in knox are figured out based on the
> hadoop-user-group lookup. We should be able to filter out groups from the
> SAML assertion.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
