融合备份一体机:在 2.7.6 升级后,使用 AD/LDAP 凭据访问 DPC 时出现间歇性访问问题和 SSO 失败。
Summary: 在 IDPA 2.7.6 升级/DPC 19.9 升级后,DPC 在尝试使用 AD/LDAP 凭据执行此操作时显示访问和 SSO 问题。
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Symptoms
- AD/LDAP 源在 DPC 中配置,当尝试使用 AD/LDAP 凭据访问 DPC 时,它会间歇性地失败并显示此错误,有时它可以正常工作。然而,更重要的是,如果cookie和缓存被清除,这不是一个永久的解决方案。
- 当使用 AD/LDAP 凭据进行日志记录时,集成到 DPC 中的系统的 SSO 将失败,并显示相同的错误。
- 开发人员工具显示 502 bad gateway 错误。
2024/04/09 10:53:10 [error] 64587#64587: *14150 upstream sent too big header while reading response header from upstream, client: 172.26.130.97, server: xxxxx.xxxxx.xxxxx request: "GET /auth/realms/DPC/protocol/openid-connect/authscope=openid+profile&response_type=code&redirect_uri=https%3A%2F%2Fxxxxx.xxxxx.xxxxx&state=YWK9IJANc0Tn9c8dhSA_MAOfja3DSairR_Ag8kLker4&nonce=uPOO0ZLBU9WzHhuaR45e6q7PqYCbYOEi8Kk5sttJA5I&client_id=98ce7c21-0ec2-4d9b-9bde-125d940f212f HTTP/1.1", upstream: "https://127.0.0.1:8143/auth/realms/DPC/protocol/openid-connect/auth?scope=openid+profile&response_type=code&redirect_uri=https%3A%2F%2Fmin-dp-idpa01-dpc-01.vcdservices.local&state=YWK9IJANc0Tn9c8dhSA_MAOfja3DSairR_Ag8kLker4&nonce=uPOO0ZLBU9WzHhuaR45e6q7PqYCbYOEi8Kk5sttJA5I&client_id=98ce7c21-0ec2-4d9b-9bde-125d940f212f", host: "xxxxx.xxxxx.xxxxx", referrer: "https://xxxxx.xxxxx.xxxxxx/"
Cause
当 NGINX 处理响应标头时,它会对它可以处理的标头大小设置限制。如果标头超过此限制,NGINX 将拒绝连接,这会导致 502 错误网关错误。
Resolution
1.在 etc/nginx/nginx.conf 文件中,设置变量后添加以下行 keepalive_timeout 。
proxy_buffer_size 128k; proxy_buffers 4 256k; proxy_busy_buffers_size 256k;
2.保存此配置。
3.重新启动 nginx 服务
service nginx restart
4.如果行为发生更改,请再次测试。
Affected Products
Data Protection CentralArticle Properties
Article Number: 000225360
Article Type: Solution
Last Modified: 27 May 2024
Version: 2
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.