2

I'm working on a SAAS application that uses subdomains. For some reason users with long names who are part of companies with long subdomains aren't able to access the app after logging in until the browser does a hard refresh. Until the refresh, they end up in a redirect loop. This seems to be isolated to Chrome and Firefox only. It seems like its an issue with cookie caching but I can't be sure.

Has anyone seen this issue before?

After a little more digging I found this only happens when SSL is enabled. Over http there are no issues.

kroehre
  • 1,104
  • 5
  • 15
  • See [this answer in a possibly related SO thread](http://stackoverflow.com/a/608183/304683) – EdSF Aug 09 '12 at 00:25
  • Thanks @EdSF, but that isn't the issue i'm facing. Authentication works fine across subdomains normally, just not when the subdomain AND the user's name is long, and it's over https. – kroehre Aug 09 '12 at 02:39
  • are you using a wild card SSL certificate? – Joe Aug 23 '12 at 16:17
  • @Joe yep, we are using a wild card SSL cert. – kroehre Aug 29 '12 at 05:38

1 Answers1

0

Resolved this by stripping the cookie down to as small as possible.

Turns out cookies over roughly 1kb require multiple packets to transfer. So, my guess is that only one packet can make it through our load balancer with SSL going? I can't confirm the exact reason behind the issue but it seems to be resolved.

The Forms Auth cookie gets pretty large on its own (due to encryption / validation overhead), so it only takes a few properties to get over 1kb.

kroehre
  • 1,104
  • 5
  • 15