Large AuthnRequest truncation

Document ID : KB000004952
Last Modified Date : 14/02/2018
Show Technical Document Details
Issue:

 

I run Secure Cloud and when it processes an assertion, the Policy Server reports error:

[09/28/2016][14:16:14.657][14:16:14][5968][4013198192][AssertionGenerator.java] [invoke][a6f4f4eb-097c0e82-a7329a5c-fd148615-0d697747-c6][][][][][][][][][][] [][][][][][][][][][Error in getting configuration data. Leaving Assertion Generator Framework. Exception: java.lang.Exception: The Federation Web Service didn't send the request with a correct resource!

Internal Exception:

javax.xml.bind.UnmarshalException: Content is not allowed in prolog. and the assertion cannot be processed. 

 

AuthnRequest -> Truncated to 8,191 characters -> Authnrequest CANNOT be decoded using online decoder

 

Environment:
Secure Cloud 1.55;
Cause:

 

It appears that there is a hard set buffer of 8192 bytes to store this AuthnRequest.

 

Resolution:

 

Hotfix provided by SE to resolve the issue:

 

CASecureCloud-1-55-Hotfix008.zip available at page:

 

http://www.ca.com/us/services-support/ca-support/ca-support-online/product-content/recommended-reading/technical-document-index/ca-secure-cloud-cumulative-hotfix-packages.html