Session initiation cookie flood

Ulf Seltmann ulf.seltmann at
Tue Sep 6 07:25:23 UTC 2022


I have a XHR rich website behind an Shibboleth-SP proxy and recently i
noticed 502 bad gateway errors when i came back to a open tab after
quite a while.
Investigating the request chain i found that the proxy buffers where
too low, originating from too big headers. The final issue is tons of
"_opensaml_ss_req*" cookies - a new cookie created with each XHR reqest
- that seem to not expire.

Is there a way to set the expire time of those session initiation

Ulf Seltmann

Hochschule für Musik und Theater Leipzig
Grassistraße 8 | 04107 Leipzig
Tel.: +49 341 2144 681
ulf.seltmann at |
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6554 bytes
Desc: not available
URL: <>

More information about the users mailing list