← Back to team overview

openstack team mailing list archive

Re: Keystone 8K header size limit


Thank you Dolph.


From: Dolph Mathews [mailto:dolph.mathews@xxxxxxxxx]
Sent: Wednesday, May 29, 2013 12:55 PM
To: Miller, Mark M (EB SW Cloud - R&D - Corvallis); openstack
Cc: Yee, Guang
Subject: Re: Keystone 8K header size limit

Apologies, none of these configuration settings were documented in etc/keystone.conf.sample. The last one is the one that controls this behavior.


  # enforced by sizelimit middleware (keystone.middleware:RequestBodySizeLimiter)
  max_request_body_size = 114688

  # limit the sizes of user & tenant ID/names
  max_param_size = 64

  # similar to max_param_size, but provides an exception for token values
  max_token_size = 8192

I also put these docs up for review: https://review.openstack.org/30932


On Wed, May 29, 2013 at 1:23 PM, Miller, Mark M (EB SW Cloud - R&D - Corvallis) <mark.m.miller@xxxxxx<mailto:mark.m.miller@xxxxxx>> wrote:
Hi Guang,

We are running into a problem with PKI tokens being greater than 8K and having Keystone not able to validate them. Do you know of a workaround?