Issue with large HTTP headers for ECP authentication

Cantor, Scott cantor.2 at
Mon Dec 10 15:08:00 EST 2018

The other "fix", really a workaround, is to turn off sessions for ECP. There's no supported way, but grepping for idp.session.enabled in the system files will locate the places the property is used to populate the activationConditions for the actions that would avoid doing anything with the cookie. You'd have to override those with scriptlets, expressions, or Java code to check for ECP (a Spring expression like "#input.isBrowserProfile()")

I'm not suggesting that but it may well work. Most of the direct property -> true/false settings are gradually being replaced with full support for plugging in conditions so just file an RFE and I'm sure we can get it included down the road.

-- Scott

More information about the users mailing list