Authentication header blocked when doing Kerberos authentication (SPNEGO) on CA Access Gateway (SPS)

search cancel

Authentication header blocked when doing Kerberos authentication (SPNEGO) on CA Access Gateway (SPS)

book

Article ID: 418368

calendar_today

Updated On:

Products

SITEMINDER CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On Agents (SiteMinder)

Issue/Introduction

Running CA Access Gateway (SPS), when the browser goes to do Kerberos authentication (SPNEGO), then the Apache Httpd process blocks the Authentication Header intermittently before it reaches the embedded Tomcat server.

The browser receives the error HTTP 400.

Trying to set "worker.ajp13.max_packet_size" to the max value (65536) in the CA Access Gateway (SPS) server.conf doesn't solve the issue.

Resolution

Increase "LimitRequestFieldSize" in CA Access Gateway (SPS) httpd.conf to solve this issue (1).

Additional Information

How to Increase Allowed Header Size for SharePoint Agent / Access Gateway

Feedback

thumb_up Yes

thumb_down No