Slow Processing of SAML assertion

Question

I have a page that doesn't have a fully functional SSO process. It only receives a SAML assertion and processes a login. After an upgrade to CF 2023, the processing takes 30 seconds. On CF 2018 it was 2-3 seconds. I created a test page that simply dumps the assertion. Just the dump (no other processing) also takes 30 seconds. I tried sending the test page a field of plain text that was equal in length to the assertion, and it dumped in 2-3 seconds. Any ideas as to what could cause this slowness only with the SAML assertion?

Bob2841038875de · Accepted Answer

I found the cause myself so I thought I would post it in case it helps anyone in the future. We had expanded the RegEx in neo-security.xml that attempts to replace XSS attempts with the text "Invalid Content". When I rolled this back to the default version, the problem disappeared.

Sign up

To post, reply, or follow discussions, please sign in with your Adobe ID.

Sign in to Adobe Community

To post, reply, or follow discussions, please sign in with your Adobe ID.

Scanning file for viruses.

This file cannot be downloaded