Shulou(Shulou.com)06/01 Report--

This article introduces the knowledge about "how to troubleshoot server HeadersTooLargeException". In the actual case operation process, many people will encounter such difficulties. Next, let Xiaobian lead you to learn how to deal with these situations! I hope you can read carefully and learn something!

causes

There are many permission points in the internal system of the company. The permission transmission of the system cas uses cookies. All permissions are organized into character strings and then written into cookies. When an administrator logs in, all permissions are written to the cookie. Cookies are also carried into the header when the page is requested, resulting in too long header content

error elimination process

When an administrator cannot log in, the first reaction is whether the permissions are configured incorrectly. But by comparison, the permissions are configured correctly.

The second step is to try to delete the newly added permissions, and the login is successful. Add permissions one by one. When adding the last few permissions, login failure occurs.

Subsequent review of ng's error log found that when ng forwarded the request, tomcat of the service returned an error rejecting the request:

Check tomcat catalina log of error application and find error:

As we all know, as long as you see the stack of real error messages, the problem has basically been solved. Below, you can get the error message under google. In tomcat's official website, there is a configuration to change the information. Just modify the maxHttpHeaderSize value in tomcat's server.xml to change the header length.

Login succeeded after modifying the maximum limit of request header. However, this way of directly using cookies to store permission information, whether it is a security issue or a request pressure on the server (each request carries a header of more than 4K, which is terrible to think about). In fact, TGT with cas (cookies in cas) can already determine the current login user and can obtain permissions. The server can add layers to cache the permissions of each user, and directly obtain the permissions and authenticate them according to the token.

This is tomcat configuration information, where: maxHttpHeaderSize is the limit of header length tomcat default setting

"How to troubleshoot server HeadersTooLargeException" content is introduced here, thank you for reading. If you want to know more about industry-related knowledge, you can pay attention to the website. Xiaobian will output more high-quality practical articles for everyone!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.