Error: HTTP 400 Bad Request: Request Header Too Long
Symptom
When attempting to use SSO for the Published Reports web console (port 8082), you encounter the following error:
HTTP 400 Bad Request (Request Header too long) responses to HTTP requests
Cause
This issue may occur if the user is a member of many Active Directory user groups.
The HTTP request to the server contains the Kerberos token in the WWW-Authenticate header. The header size increases together with the number of user groups. If the HTTP header or packet size increases past the limits configured on the server, the server may reject the request and send an error message as the response.
Resolution
To resolve this error, follow the steps below:
-
For IIS 6.0 and later, the
MaxFieldLengthandMaxRequestBytesregistry keys are located at the following subkey:HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HTTP\Parameters
-
Set the key values as shown in the following table:
Name Value Type Value Data MaxFieldLengthDWORD (4/3 * T bytes) + 200MaxRequestBytesDWORD (4/3 * T bytes) + 200 -
You can also set the registry keys to their maximum values, as shown in the table below. Consider all potential security ramifications before making any changes to the registry settings:
Name Value Type Value Data MaxFieldLengthDWORD 65536 (Decimal) or 10000 (Hexadecimal)MaxRequestBytesDWORD 16777216 (Decimal) or 1000000 (Hexadecimal)
For detailed information on this error message, refer to the full Microsoft documentation: Troubleshooting HTTP 400 Bad Request Responses — Microsoft 🤥.