We have a SAML SP service that has been working just fine for years, but they are now updating SSO certificates <https://support.everbridge.com/articles/Technical_Support/59811>, and I'm running into an issue where the Duo flow is breaking because of the length of the URI in the initial SAML request. Specifically, I can get past the password prompt, but once the flow redirects to Duo, Duo's API rejects the response with "414 Request-URI Too Large"
I'm going to contact the vendor support as well, and I suspect that's likely where the issue is coming from, which Duo support suspects as well: * The HAR shows the request and the 414 error returned. I was able to review the SAML request, but only after URL decoding the request twice before I could Base64 decode and Inflate the request.* * Seeing that the SAML request is URL encoded multiple times before being sent to Duo, I suggest reviewing the SP settings to determine why it is encoding the request multiple times, adding to the length and causing the failure. The request URL is 10550 chars long when it returns the 414.* That said, I'm wondering if others have run into this behavior and already know what the resolution is. Thanks! Mike -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAEdMQHUjMh9ovF_u3sO3AMDWKK4ev%3DQTorRRXTM8uFv05zAxww%40mail.gmail.com.
