Big-IP header authorization size is limited ??

Question

Folks,&nbsp;
I have an iRule that pulls access session variables, base64encode and inserts into header as authorization.   It was working fine until we start to receive too many values in the access session variable.   I can see all the values in the session variable under event logs but the authorization is sending only 880 bytes of base64encoded token to backend servers (Cutting half of the token).   My http header size in the profile is set to default and current header size not even near to that value(32768Bytes).    
&nbsp;
FYI- the incoming session variables are SAML attributes and i'm setting variables(set x [Access::session data get "somesamlvariable"] ) to store these saml attributes and sending them in the header as auth header.  
&nbsp;
Any help is appreciated!&nbsp;

jg · Answer

How did you know it's because of "too many values"? Any error messages in the browser, or in the log?&nbsp;

p_k · Answer

Hi Jie, Thanks for the response!  
&nbsp;
I checked the header size and found its not the issue..&nbsp;
No errors in the logs either .
I tested different users and every user token is cutting at 880 bytes and assumed this is because of the too many values.  
&nbsp;
Anyway, I found that its a limitation probably on the log local0 command. I log the token before sending it to backend servers, The logged token shows 880 bytes of base64encode token but the backend server logs show full token which is good.&nbsp;
In the conclusion, the whole token is being sent to backend but not logging the full token.&nbsp;

jg · Answer

Good to know you've got it sorted - and reported back!&nbsp;

Forum Discussion

Big-IP header authorization size is limited ??

Recent Discussions

user alert on apm logs

Adding New BigIP Units Using Free CPUs on i7800 (LB13 & LB14) to an existing HA Pair

Big-IP ASM automatically removes my hostname

not able to access f5 via ssh and gui

tunnel failed after antivirus avg from trial to full protection

Related Content

OWASP Tactical Access Defense Series: Broken Object Property Level Authorization and BIG-IP APM

Re: Get Started with BIG-IP Virtual Edition (VE), BIG-IQ VE or BIG-IP Cloud Edition Trial

Prepare BIG-IP Central Manager for Automation

Integrate BIG-IP with AWS CloudWAN Service Insertion

F5 BIG-IP SSL Orchestrator Configuration with Advanced WAFaaS