WSO2 User Login Issue using IWA
Question
We are using WSo2 IS 5.0.0 server and have enabled IWA which used windows user object and automatically logs into our application suite. We are seeing a problem where specific set of users are not automatically authenticated using the IWA mechanism. An HTTP 400 response is received for these users. We enabled trace logs on the WSo2 end and were able to track the request to a point after which the request gets terminated for some reason and are unable to see any exception or error in the trace logs.
Below is the link which has the trace for a successful user
Link for Failed User
We need some pointers which will help us understand what is stopping these users from getting logged in.
1 answers
solution1
1 ACCPTED 2016-10-12 19:57:33
According the symptoms you may reach the tomcat's header size limit. The NTLM Negotiation HTTP headers can be pretty large (mainly for users having many groups/roles). In the catalina-server.xml check the maximal header size (maxHttpHeaderSize) on the connector (by default it is 4kB or 8kB). Try to increase it to something more (54kB was ok for us).
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.