Issue with large HTTP headers for ECP authentication

Daudt, Carl crdaudt at
Mon Dec 10 14:52:49 EST 2018

I would like to see what is inside this cookie but am not sure how to decrypt it (or else log what is going into it.  I have the sealer.jsk and sealer.kver files, and also the isp.sealer.storePassword and isp.sealer.keyPassword values.  Can these be used to crack what is inside?  If so, how?


-----Original Message-----
From: users [mailto:users-bounces at] On Behalf Of Cantor, Scott
Sent: Monday, December 10, 2018 11:54 AM
To: Shib Users <users at>
Subject: Re: Issue with large HTTP headers for ECP authentication

If you don't want/need the ECP client to retain sessions for SSO, it can stop remembering the cookie but you don't control this client.

I imagine there's something stale that's not really valid or needed being kept around and accumulating in the cookie, but there are no bugs open on it and I don't see any older commits that might have to do with it if it's a known issue.

-- Scott

For Consortium Member technical support, see
To unsubscribe from this list send an email to users-unsubscribe at

The information in this communication is intended solely for the individual or entity to whom it is addressed. It may contain confidential or legally privileged information. If you are not the intended recipient, any disclosure, copying, distribution or reliance on the contents of this information is strictly prohibited, and may be unlawful. If you have received this communication in error, please notify us immediately by responding to the sender of this email, and then delete it from your system. Taylor University is not liable for the inaccurate or improper transmission of the information contained in this communication or for any delay in its receipt.

More information about the users mailing list