About cookies on this site Our websites require some cookies to function properly (required). In addition, other cookies may be used with your consent to analyze site usage, improve the user experience and for advertising. For more information, please review your options. By visiting our website, you agree to our processing of information as described in IBM’sprivacy statement. To provide a smooth navigation, your cookie preferences will be shared across the IBM web domains listed here.
Troubleshooting
Problem
During user attempt to login (authenticate) through WebSEAL, the following error message is encountered: Size of a request header field exceeds server limit.
Symptom
User login / authentication fails.
Cause
The number of groups or roles a user is associated with can cause the contents of iv-creds to make the header larger than the backend server will accept...
Resolving The Problem
In most cases, this can be resolved by modifying the following (default) declaration in the webseald conf file:
max-webseal-header-size = 0
to a fixed value, such as:
max-webseal-header-size = 1024
This will cause webseal to split the header (packet) at the given value if the header size is above the given value. Backend server processes meeting the HTTP 1.1 spec will reconstruct the header if applicable.
[{"Product":{"code":"SSPREK","label":"Tivoli Access Manager for e-business"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"WebSEAL","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All versions","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}}]
Was this topic helpful?
Document Information
More support for:
Tivoli Access Manager for e-business
Software version:
All versions
Document number:
94449
Modified date:
16 June 2018
UID
swg21292171
Manage My Notification Subscriptions