Bad Request – Request Too Long

by ·Comments Off on Bad Request – Request Too Long

Product:

Cognos Analytics 11.1.7

Microsoft Windows 2016 server

Issue:
Only one user get a error when running a report in CA11, after he have logged in with SSO, if he do not use SSO with IIS, and instead enter name and password at Cognos dialog, then the report works.

A check of the users – showed he belongs to a lot of domain groups.

net user  donaldduck  /DOMAIN   >  c:\temp\userlist.txt

Error message:

HTTP Error 400. The size of the request headers is too long.

Solution:

Increase the allowed header size on the Cognos Gateway server

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HTTP\Parameters]

"MaxFieldLength"=dword:00032768

"MaxRequestBytes"=dword:01000000

Login to the server, and start REGEDIT program.

Expand to [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HTTP\Parameters]

Add the DWORD values.

You must restart the Windows server, for the registry changes to take affect.

You may also need to update the TCPIP values:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
"MaxUserPort"=dword:0000fffe
"TcpTimedWaitDelay"=dword:00000032

or change the IIS \ibmcognos\bi folders Request Filtering to a higher value, to get the report to work.

 

More information:

https://stackoverflow.com/questions/1097651/is-there-a-practical-http-header-length-limit

Although each web server software has some limitations, there is a difference whether there’s a limit for the HTTP request line plus header fields or for each header field.

Here’s a summary:

  • Apache 1.3, 2.0, 2.2, 2.3: 8190 Bytes (for each header field)
  • IIS:
    • 4.0: 2097152 Bytes (for the request line plus header fields)
    • 5.0: 131072 Bytes, 16384 Bytes with Windows 2000 Service Pack 4 (for the request line plus header fields)
    • 6.0: 16384 Bytes (for each header fields)
  • Tomcat:
    • 5.5.x/6.0.x: 49152 Bytes (for the request line plus header fields)
    • 7.0.x: 8190 Bytes (for the request line plus header fields)

So to conclude: To be accepted by all web servers above, a request’s request line plus header fields should not exceed 8190 Bytes. This is also the limit for each header fields (effectively even less).

You can edit tomcat/conf/server.xml’s HTTP/1.1 Connector entry, and add a maxHttpHeaderSize=”65536″ to increase from the default maximum of 8K or so, to 64K

https://docs.microsoft.com/en-US/troubleshoot/iis/httpsys-registry-windows

https://stackoverflow.com/questions/42862828/how-to-increase-size-limit-for-http-header-value-in-request-for-azure-iis

https://docs.microsoft.com/en-us/troubleshoot/iis/http-bad-request-response-kerberos

https://www.leansentry.com/guide

https://docs.microsoft.com/en-us/iis/configuration/system.webserver/security/requestfiltering/requestlimits/headerlimits/

https://www.leansentry.com/guide/reset-restart-recycle-iis

https://www.ibm.com/support/pages/kerberos-based-single-sign-fails-some-not-all-users