4 weeks ago
I’m facing an issue while setting up a SAMLAssertion destination in SAP BTP. I’m encountering a 431 status code when checking the connection for the destination. The 431 status code stands for "Request Header Fields Too Large". This error indicates that the request headers being sent to the server are exceeding its size limits. In my case, this is happening while using SAMLAssertion as the authentication method for an SAP destination.
From what I understand, SAML tokens can sometimes become quite large, and this can cause issues when they are passed in the request headers. However, I’m not sure how to proceed in resolving the issue.
I’ve done some research, but I haven’t come across a definitive solution yet. I’m reaching out to the community to see if anyone has encountered a similar problem and managed to resolve it.
Any advice or suggestions would be greatly appreciated!
Dealing with a 431 status code while using SAMLAssertion in SAP is proving to be quite a challenge. I’d love to hear from anyone who has tackled this issue or has insights into potential solutions.
Hi, thanks for the prompt response!
I am using Cloud foundry environment and nodejs in BAS, SAP hana cloud for db. How should I proceed for this?
Regards,
Shubham
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I have created a backend system using CAPM and now I want to connect this system to Frontend system using destination and for this I want to use SAMLAssertion mechanism for security. While doing so I am encountering 431 error while checking connection in destination. What configuration do I have to implement in BAS to achieve this?
No the frontend part is in different bas space, I have used xsuaa in pacakge.json to use Oauth2ClientCredentials mechanism but it is only working in full stack case not when fortend and backend are in different spaces. In this I have used managed Approuter. There are other protocols mentioned in the destination and in neo I have used SAML so I wanted to use SAMLAssertion in the same way here.
Hi,
We faced the same issue and applied the suggestion of Gregor by making the saml assertion token smaller. We achieved this by limiting the user groups or ad groups in the saml ticket depending on the connected system. We provide a unique identifier to the company idp that will be used to only return a subset of ad groups instead of all.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
79 | |
11 | |
10 | |
10 | |
10 | |
8 | |
7 | |
7 | |
5 | |
5 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.