-
-
Notifications
You must be signed in to change notification settings - Fork 249
Home
It may be that you are using the (default) cookie-only session storage of lua-resty-session
library that lua-resty-openidc
depends on and the size of the cookie becomes too large, typically >4096 bytes. See: https://github.com/zmartzone/lua-resty-openidc/issues/32.
Solution: either make the size of the session cookie smaller by having the Provider include less information in the session/claims, or revert to server side session storage such as memcache, see: https://github.com/bungle/lua-resty-session#pluggable-storage-adapters.
Update: since version 2.15 lua-resty-session
has support for "chunked" session cookies, https://github.com/bungle/lua-resty-session/releases/tag/v2.15, so upgrading to that version would also mitigate this issue.