[Openstack] Keystone 8K header size limit

Dolph Mathews dolph.mathews at gmail.com
Wed May 29 19:55:16 UTC 2013


Apologies, none of these configuration settings were documented in
etc/keystone.conf.sample. The last one is the one that controls this
behavior.

  [DEFAULT]

  # enforced by sizelimit middleware
(keystone.middleware:RequestBodySizeLimiter)
  max_request_body_size = 114688

  # limit the sizes of user & tenant ID/names
  max_param_size = 64

  # similar to max_param_size, but provides an exception for token values
  max_token_size = 8192

I also put these docs up for review: https://review.openstack.org/30932



-Dolph


On Wed, May 29, 2013 at 1:23 PM, Miller, Mark M (EB SW Cloud - R&D -
Corvallis) <mark.m.miller at hp.com> wrote:

>  Hi Guang,
>
> We are running into a problem with PKI tokens being greater than 8K and
> having Keystone not able to validate them. Do you know of a workaround?
>
> Mark
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20130529/ed7a5b95/attachment.html>


More information about the Openstack mailing list