[33447] in Kerberos
Re: Bad Request: Size of request header field exceeds server limit
daemon@ATHENA.MIT.EDU (Richard E. Silverman)
Tue Jun 7 11:19:11 2011
From: res@qoxp.net (Richard E. Silverman)
Message-ID: <m2sjrl3k1f.fsf@darwin.oankali.net>
MIME-Version: 1.0
X-Complaints-To: abuse@thundernews.com
Date: Tue, 07 Jun 2011 08:25:48 -0400
To: kerberos@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
<Charles.C.Slovak@wellsfargo.com> writes:
> Guten Tag Matthias,
>
> Sind Sie weiter gekommen mit diesem Fall? I habe das gleiche Problem.
>
>
> They get the Error:
> Bad Request
> Your browser sent a request that this server could not
> understand.
> Size of a request header field exceeds server limit.
I assume this is in the context of HTTP Negotiate authentication. As
the error message implies, you need to increase the web server's limit
on the size of an individual HTTP header field (if it's Apache, raise
the LimitRequestFieldSize parameter). The usual reason for this is that
the service ticket encoded in the Negotiate header contains a Windows
PAC, which can be several K in size and much larger than a standard
non-Windows ticket.
--
Richard Silverman
res@qoxp.net
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
