This content has been marked as final. Show 2 replies
It seems this is a platform dependent issue. With WebLogic 10.3.5 (x64) on RedHat Linux 5.5 (x64), Kerberos authentication with the latest JRockit (currently 28.2.4) works fine towards a Windows 2008 Active Directory.
It could be related to the size of the kerberos ticket (not sure here, just a guess).
When a user belongs to many groups, it affects the size of the ticket, some tips are provided here: http://support.microsoft.com/kb/327825
(not related to JRockit, but to the MaxTokenSize in the Windows registry).
Could also run into trouble when using a front-end such as Apache HTTP Server (and WebCache)
- http://httpd.apache.org/docs/2.2/mod/core.html (set the LimitRequestFieldSize http://httpd.apache.org/docs/2.2/mod/core.html#limitrequestfieldsize appropriately)
- WebCache: WXE-11355 Single request header length exceeds configured maximum. A forbidden error response is returned to the client. Client IP: %s error
- Cause: One of the headers in the request exceeded the configured maximum.
- Action: Adjust the maximum individual header size limit in the Security page of OracleAS Web Cache Manager. If the problem persists, contact Oracle Support Services.