Problem

For security reasons (to avoid DoS attacks via very large form content), it is desired to add the maxFormContentSize parameter to the Jetty instance used by PassPort SSO. Where and how should this be done?

Resolution

Modify PP/conf/httpssoserver.xml, and add the following:

<Call name="setAttribute">
<Arg>org.eclipse.jetty.server.Request.maxFormContentSize</Arg>
<Arg>200000</Arg>
</Call>

(or whatever maximum number you want instead of 200000 - the value is in bytes)

then restart PassPort.

Note: this will need to be redone after applying any new version or service pack.