Hi,
We had a lot of trouble when we setup vRA 6.2 long time ago. Our users could not login because they were in alot of AD-groups. SAML/kerberos and httpheadersize was to big.
The solution we came up with after many many weeks with support was to add the following to Identity Appliance in vRA 6.2.
Identity Appliance 2.2.1.0 Build 2496259
/usr/lib/vmware-sts/conf/server.xml
<Connector acceptCount="100"
connectionTimeout="20000"
executor="tomcatThreadPool"
maxKeepAliveRequests="-1"
maxHttpHeaderSize="65536"
<Connector SSLEnabled="true"
acceptCount="200"
maxHttpHeaderSize="65536"
Now we have the exact same symptoms in vRA 7.1, logs don't say much except 400 bad request when clicking "Next" on login page. Exactly like we had on 6.2.
I have found the value 3 times in /opt/vmware/horizon/workspace/conf/server.xml by just searching for it
maxHttpHeaderSize="32768"
I have tried to change these values to "65536" without success and i don't know if this is the right place or if i need to add it in other config files in the vRA 7.1 solution.
Hopefully someone here have insight how to change this in vRA 7.1 and Identiy Manager.
(VMware Identity Manager 2.7.0.0 Build 4161732)
Any advice or tip where to look and i would be very grateful!
/Best regards