Large AuthnRequest truncation
search cancel

Large AuthnRequest truncation


Article ID: 4952


Updated On:


CA Risk Analytics CA Secure Cloud SaaS - Arcot A-OK (WebFort) CLOUDMINDER ADVANCED AUTHENTICATION CA Secure Cloud SaaS - Advanced Authentication CA Secure Cloud SaaS - Identity Management CA Secure Cloud SaaS - Single Sign On



I run Secure Cloud and when it processes an assertion, the Policy Server reports error:

[09/28/2016][14:16:14.657][14:16:14][5968][4013198192][] [invoke][a6f4f4eb-097c0e82-a7329a5c-fd148615-0d697747-c6][][][][][][][][][][] [][][][][][][][][][Error in getting configuration data. Leaving Assertion Generator Framework. Exception: java.lang.Exception: The Federation Web Service didn't send the request with a correct resource!

Internal Exception:

javax.xml.bind.UnmarshalException: Content is not allowed in prolog. and the assertion cannot be processed. 


AuthnRequest -> Truncated to 8,191 characters -> Authnrequest CANNOT be decoded using online decoder



Secure Cloud 1.55;



It appears that there is a hard set buffer of 8192 bytes to store this AuthnRequest.




Hotfix provided by SE to resolve the issue: available at page: