Bad Request: Size of request header field exceeds server limit

Richard E. Silverman res at qoxp.net
Tue Jun 7 08:25:48 EDT 2011


<Charles.C.Slovak at wellsfargo.com> writes:

> Guten Tag Matthias,
>
> Sind Sie weiter gekommen  mit diesem Fall? I habe das gleiche Problem.
>
>
> They get the Error:
>         Bad Request
>         Your browser sent a request that this server could not
> understand.
>         Size of a request header field exceeds server limit.

I assume this is in the context of HTTP Negotiate authentication.  As
the error message implies, you need to increase the web server's limit
on the size of an individual HTTP header field (if it's Apache, raise
the LimitRequestFieldSize parameter).  The usual reason for this is that
the service ticket encoded in the Negotiate header contains a Windows
PAC, which can be several K in size and much larger than a standard
non-Windows ticket.

-- 
  Richard Silverman
  res at qoxp.net



More information about the Kerberos mailing list