The Tomcat maxhttpheadersize settings are not large enough to cause SSO logon failures

2016-11-06 xxxx Org.apache.coyote.http11.Http11Processor-Error Parsing HTTP request Header Note:further occurrences of HTTP header parsing errors'll be logged at DEBUG Lev El.java.lang.IllegalArgumentException:Request header is too large at Org.apache.coyote.http11.InternalInputBuffer.fill (Internalinputbuffer.java:512) at Org.apache.coyote.http11.InternalInputBuffer.fill (Internalinputbuffer.java:501) at Org.apache.coyote.http11.InternalInputBuffer.parseHeader (Internalinputbuffer.java:393) at Org.apache.coyote.http11.InternalInputBuffer.parseHeaders (Internalinputbuffer.java:268) at Org.apache.coyote.http11.AbstractHttp11Processor.process (Abstracthttp11processor.java:1011) at Org.apache.coyote.abstractprotocol$abstractconnectionhandler.process (Abstractprotocol.java:623) at Org.apache.tomcat.util.net.jioendpoint$socketprocessor.run (Jioendpoint.java:318) at Java.util.concurrent.ThreadPoolExecutor.runWorker (Threadpoolexecutor.java:1142) at Java.util.concurrent.threadpoolexecutor$worker.run (Threadpoolexecutor.java:617) at Org.apache.tomcat.util.threads.taskthread$wrappingrunnable.run (Taskthread.java:61) at Java.lang.Thread.run (Thread.java:745)

The default Maxhttpheadersize setting for Tomcat seems to be 4K, and we've increased it to 8K, which is 8192. In the case of an upgrade, the customer has reported that the SSO feature is not available. It was later discovered that we covered the customer-defined maxhttpheadersize value, and the customer defined 32K. Because the customer complex network, may automatically add some other parameters in the URL, causing the URL to pass too much, the default 8K is not enough, there will be the above error in the background. When the maxhttpheadersize value is increased, the error disappears and the problem is resolved.

The Tomcat maxhttpheadersize settings are not large enough to cause SSO logon failures