Hi I'm trying to resolve an issue with Integrated Authentication when a user with a large Group Membership tries to access a site served by Tomcat via IIS ISAPI Redirect.
For all other users, access is fine. For users with 70+ Windows groups, they are failing to be redirected and are getting a 500 error. Basic Authentication works fine. Tomcat 6 IIS 6.0 on Windows 2003 ISAPI 1.2.26 32 bit Access to IIS for the same users (i.e. with no ISAPI filter) is fine. We have explored various Kerberos package size options in initial troubleshooting, but once we realized that IIS alone worked fine, it now appears that whatever is being passed to the ISAPI filter via IIS as part of the Authentication process is exceeding some buffer. The user is prompted for credentials (but shouldn't be) and will fail to get access regardless of what is typed. IE classifies site as Internet, when it isn't (And doesn't get mistrated for other users - i.e. Shows as Local Intranet and no user prompt appears) Can anyone point me in the direction of settings that increase buffer (?) settings related to Integrated Authentication? Any ideas as to where I should focus? (i.e. the ISAPI Filter config end, or Tomcat end?) Thanks!!! -- View this message in context: http://www.nabble.com/Tomcat6%2BISAPI%2BIIS%2BIntegrated-Authentication%2BLarge-User-tp20049325p20049325.html Sent from the Tomcat - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
