
Web servers that are exposed to the Internet eventually gain a security feature of limiting the amount of data in the request body. In Apache Httpd, this is provided by the LimitRequestBody directive. This is added to the sample Httpd config file. The limit is set for only the keystone services so it won't affect other services running in Httpd. The value of 114688 was picked because it's the current limit on request body that oslo.middleware's sizelimit function puts on requests to keystone. Use of oslo.middleware's sizelimit re-implementation can be deprecated. Docs: - http://httpd.apache.org/docs/2.4/mod/core.html#limitrequestbody ReleaseNotesImpact Closes-Bug: 1481048 Change-Id: I5509e4b65900c15dd0b5fda43b1d5bb4dc3ff5ff
Documentation for running Keystone with Apache HTTPD is in doc/source/apache-httpd.rst