rdpgw: OIDC / AzureAD error: "securecookie: the value is too long"

Very interesting project - thought I’d give this a try.

Compiled master (3919a7e)
Configured to use Azure AD for OIDC auth
Getting the following error after successful authentication: securecookie: the value is too long
The service logs this: 2021/02/24 18:46:51 http: superfluous response.WriteHeader call from github.com/bolkedebruin/rdpgw/api.(*Config).HandleCallback (web.go:118)

Any idea? Is there a flag to get more debug output?

Thanks 😃

About this issue

Original URL
State: open
Created 3 years ago
Comments: 15 (5 by maintainers)

Commits related to this issue

Allow filesystemstore for sessions (#15) AD and other IdPs can provide long lists of group membership. This can lead to securecookie too big as this cannot always be stored inside a HTTP header. File... — committed to bolkedebruin/rdpgw by bolkedebruin 2 years ago

Most upvoted comments

@sphr2k make sure your keys in the security section are exactly 32 characters (I fixed the readme in master). That should solve your error

bolkedebruin on Aug 14, 2022

@jH- you can now configure (rdpgw from master) the gateway to use a filesystem store instead of a cookie store for sessions. This should remove this issue at the expense of needing to keep clients connected to the same rdpgw instance during the exchange of credentials. This is typically the case with load balancers, but ymmv. See the rdpgw.yaml template on how to configure this. Let me know if this works for you

bolkedebruin on Aug 11, 2022

Sorry, no, didn’t pursue this. Maybe you could try to put Dex in between?

sphr2k on Aug 10, 2022