Base64 image in SAML assertion

Cantor, Scott cantor.2 at
Thu Aug 29 10:22:26 EDT 2013

On 8/28/13 8:20 PM, "MikeWho" <who at> wrote:
>We were considering using that approach for entirely separate reasons (IdP
>is sending SessionNotOnOrAfter field, but client wants us to maintain
>session beyond that), it hadn't occurred to me that it would also solve
>problem of 'big headers'.

Well, it won't really. If it's too big, it's too big. Whether you get a
500 error because of one request or many, it still won't work.

-- Scott

More information about the users mailing list