You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Kubernetes 1.10 was installed with kubespray on Redhat 7. Node or go not installed.
Client Version: version.Info{Major:"1", Minor:"10", GitVersion:"v1.10.0+coreos.0", GitCommit:"6bb2e725fc2876cd94b3900fc57a1c98ca87a08b", GitTreeState:"clean", BuildDate:"2018-04-02T16:49:31Z", GoVersion:"go1.9.3", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"10", GitVersion:"v1.10.0+coreos.0", GitCommit:"6bb2e725fc2876cd94b3900fc57a1c98ca87a08b", GitTreeState:"clean", BuildDate:"2018-04-02T16:49:31Z", GoVersion:"go1.9.3", Compiler:"gc", Platform:"linux/amd64"}
The dashboard is being accessed from a windows laptop using the chrome browser at the following url : https://:6443/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/#!/login
Execute kubectl command to get Token from Azure (populated in kubeconfig by azure plugin)
Attempt to login to the dashboard https://:6443/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/#!/login
Use the Azure token to login to the dashboard
Observed result
No error given in the UI, opening the console shows the following error:
Cookie 'jweToken' possibly not set or overflowed because it was too large (4329 > 4096 bytes)!
Expected result
Login successful, redirected to dashboard
Comments
This occurs when group claims are included in the token from azure. It works fine when group claims are not included and the resulting token is smaller.
The text was updated successfully, but these errors were encountered:
skattoju-zz
changed the title
Tokens exceeding 4k in size do not work with the dashboard
Tokens exceeding 4k in size do not work with the kubernetes dashboard
Jun 6, 2018
browser limits the cookie size to 4k. the token have to be somewhere because all the requests send the token. as the token is signed, you can't simply shrink or cut it.
the solution would be to save the token on local storage instead of a cookie, but local storage is not recommended to save a token.
Environment
Kubernetes 1.10 was installed with kubespray on Redhat 7. Node or go not installed.
Client Version: version.Info{Major:"1", Minor:"10", GitVersion:"v1.10.0+coreos.0", GitCommit:"6bb2e725fc2876cd94b3900fc57a1c98ca87a08b", GitTreeState:"clean", BuildDate:"2018-04-02T16:49:31Z", GoVersion:"go1.9.3", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"10", GitVersion:"v1.10.0+coreos.0", GitCommit:"6bb2e725fc2876cd94b3900fc57a1c98ca87a08b", GitTreeState:"clean", BuildDate:"2018-04-02T16:49:31Z", GoVersion:"go1.9.3", Compiler:"gc", Platform:"linux/amd64"}
The dashboard is being accessed from a windows laptop using the chrome browser at the following url : https://:6443/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/#!/login
Steps to reproduce
Observed result
No error given in the UI, opening the console shows the following error:
Cookie 'jweToken' possibly not set or overflowed because it was too large (4329 > 4096 bytes)!
Expected result
Login successful, redirected to dashboard
Comments
This occurs when group claims are included in the token from azure. It works fine when group claims are not included and the resulting token is smaller.
The text was updated successfully, but these errors were encountered: