I am moving away from using cookies to a server-side for my application's session storage because of the size of the session object. Our application uses lua-resty-openidc integrated with Azure AD and I believe the security code generated by Azure is too large and thus the size of the session is also huge.
Environment
lua-resty-openidc version -1.7.3
OpenID Connect provider -Azure AD
Expected behaviour
We have to choose Memcache for the session storage. I put in all the configurations as mentioned by lua-resty-session but the creation of session fails.
Actual behaviour
The session is not created successfully. The error I see in the logs are as follows,
/usr/local/share/lua/5.1/resty/session.lua: in function 'new'
/usr/local/share/lua/5.1/resty/session.lua:571: in function 'open'
/usr/local/share/lua/5.1/resty/session.lua:611: in function 'start'
access_by_lua(lb.conf:225):2: in function <access_by_lua(lb.conf:225):1>, client: 10.244.1.5, server: xyz-dev.eo.tools, request: "GET /browse/homepage HTTP/1.1", host: "xyz-dev.eo.tools"
I would expect that the exceptions provide more specific details.
My nginx.conf file
user www-data;
worker_processes auto;
error_log stderr warn;
pid /run/nginx/nginx.pid;
# Load dynamic modules. See /usr/share/nginx/README.dynamic.
include /etc/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
log_format main_timed '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for" '
'$request_time $upstream_response_time $pipe $upstream_cache_status';
access_log /dev/stdout main_timed;
error_log /dev/stderr notice;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites/*.conf;
lua_shared_dict sessions 1m;
lua_shared_dict sessions_locks 1m;
server {
set $session_storage memcache;
set $session_memcache_prefix sessions;
set $session_memcache_connect_timeout 1000; # (in milliseconds)
set $session_memcache_send_timeout 1000; # (in milliseconds)
set $session_memcache_read_timeout 1000; # (in milliseconds)
set $session_memcache_socket unix:///var/run/memcached/memcached.sock;
set $session_memcache_host aks-nodepool1-42857599-vmss000000;
set $session_memcache_port 5000;
set $session_memcache_uselocking on;
set $session_memcache_spinlockwait 150; # (in milliseconds)
set $session_memcache_maxlockwait 30; # (in seconds)
set $session_memcache_pool_name sessions;
set $session_memcache_pool_timeout 1000; # (in milliseconds)
set $session_memcache_pool_size 10;
set $session_memcache_pool_backlog 10;
}
}
Could somebody help me find out what I am missing!
I am moving away from using cookies to a server-side for my application's session storage because of the size of the session object. Our application uses lua-resty-openidc integrated with Azure AD and I believe the security code generated by Azure is too large and thus the size of the session is also huge.
Environment
lua-resty-openidc version -1.7.3 OpenID Connect provider -Azure AD
Expected behaviour
We have to choose Memcache for the session storage. I put in all the configurations as mentioned by
lua-resty-sessionbut the creation of session fails.Actual behaviour
The session is not created successfully. The error I see in the logs are as follows,
I would expect that the exceptions provide more specific details.
My
nginx.conffileCould somebody help me find out what I am missing!