In case a user is member of too many groups in the Active Directory (AD) there might occur the following problem:
... the request entity is too large ...
To solve this problem, VertiGIS recommends the following system settings:
Registry
Increase the MaxTokenSize to 32 kb under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters:
- MaxTokenSize = 32000
http://support.microsoft.com/kb/938118/en
MaxTokenSize
Add the following entries (DWORD) under HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HTTP\Parameters:
- MaxFieldLength = 65534
- MaxRequestBytes = 65534
http://support.microsoft.com/kb/820129/en
MaxFieldLength und MaxRequestBytes
Tomcat
- Add the parameter max_packet_size=65536 in the workers.properties.minimal (C:\Tomcat\conf) and adjust this file as shown in the following:
# workers.properties.minimal -
#
# This file provides minimal jk configuration properties needed to
# connect to Tomcat.
#
# The workers that jk should create and work with.
#
worker.list=worker1
#
# Defining a worker named worker1 and of type ajp13.
# Note that the name and the type do not have to match.
#
worker.worker1.type=ajp13
worker.worker1.host=localhost
worker.worker1.port=8009
worker.worker1.max_packet_size=65536
http://tomcat.apache.org/connectors-doc/reference/workers.html
- Edit packetSize in server.xml
- Configure packetSize="65536" for AJP connector (port=8009)
- Configure maxHttpHeaderSize="65536" for HTTP connector (port=8080)
https://tomcat.apache.org/tomcat-9.0-doc/config/index.html
packetSize und maxHttpHeaderSize
Note: After applying these settings IIS (Microsoft Internet Information Services) and Apache Tomcat have to be restarted!
Note: If these settings do not make an impact, you have to further analyze the problem with focused logging. Use the Apache Connector logging under C:\Tomcat\bin\win\isapi_redirect.properties (log_level=trace). Look for entries containing mod_jk one in the log file (C:\Tomcat\logs\isapi_redirect.log).
Comments
0 comments
Please sign in to leave a comment.