I am using Keycloak for authenticating on my spring boot 3 app. When making a request to logout, I get 431 Request Header Fields Too Large. This is not happening with normal users, just the dev users, which carry 260 Roles. I tried server.max-http-request-header-size=20KB server.tomcat.max-http-response-header-size=20KB, but they don't solve the problem. It throws the exception at this line: ResponseEntity logoutResponse = restTemplate.getForEntity(builder.toUriString(), String.class);
@Component
public class KeycloakLogoutHandler implements LogoutHandler {
private final RestTemplate restTemplate;
@Autowired
public KeycloakLogoutHandler(RestTemplateBuilder builder) {
this.restTemplate = builder.build();
}
@Override
public void logout(HttpServletRequest request, HttpServletResponse response, Authentication auth) {
logoutFromKeycloak((OidcUser) auth.getPrincipal());
}
private void logoutFromKeycloak(OidcUser user) {
String endSessionEndpoint = user.getIssuer() + "/protocol/openid-connect/logout";
UriComponentsBuilder builder = UriComponentsBuilder
.fromUriString(endSessionEndpoint)
.queryParam("id_token_hint", user.getIdToken().getTokenValue());
**ResponseEntity<String> logoutResponse = restTemplate.getForEntity(builder.toUriString(), String.class);**
if (logoutResponse.getStatusCode().is2xxSuccessful()) {
log.info("Successfully logged out from Keycloak");
} else {
log.error("Could not propagate logout to Keycloak");
}
}
}
