HTTP Status 400 - Bad Request after upgrading to VIP Authentication Hub 3.2.1
search cancel

HTTP Status 400 - Bad Request after upgrading to VIP Authentication Hub 3.2.1

book

Article ID: 377777

calendar_today

Updated On:

Products

VIP Authentication Hub

Issue/Introduction

After upgrading to VIP Authentication Hub 3.2.1, authentication flows break and Browser shows "HTTP Status 400 - Bad Request" error.

Looking at ingress-nginx-controller pod's log, we can see the HTTP 400 error messages.

Environment

VIP Authentication Hub 3.2.1

Cause

Due to previous vulnerabilities, Spring libraries have been upgraded in 3.2.1. Before upgrade the following settings are working, but not anymore
  max-http-header-size: ${MAX_HTTP_HEADER_SIZE:8kb}

Resolution

Run the following helm upgrade command to set max-http-header-size to 32kb on the factor, authMgr and azserver pods

helm get values ssp -n ssp > ssp-override.yaml

helm upgrade ssp ssp_helm_charts/ssp -n ssp -f ssp-override.yaml --timeout 30m --set ssp.factor.env.jvmOpts="-Dserver.max-http-request-header-size=32000" --set ssp.authMgr.env.jvmOpts="-Dserver.max-http-request-header-size=32000" --set ssp.azserver.env.jvmOpts="-Dserver.max-http-request-header-size=32000" --set ssp.featureFlags.dataseed.enabled=false

Running this command will rolling update the factor, authMgr and azserver pods

Powered by Wolken Software