Feature Requse: Change Default Authentication Method
amitayk last edited by
Hi, A lot of people who work in big companies have problems login to some organizational sites becuase the fact those sites try to authenticate the user by using Kerberos. Or as Microsoft put it (sorry for my English): A domain user attempts to browse to a website hosted on Internet Information Services (IIS) 6.0 or higher by using Internet Explorer 6.0 or later. The website is configured to use Kerberos authentication. Instead of receiving the expected web page, the user is presented with an error message similar to the following: HTTP 400 - Bad Request (Request header too long) The cause is: This issue may occur when the user is a member of many Active Directory user groups. When a user is a member of a large number of active directory groups the Kerberos authentication token for the user increases in size. The HTTP request that the user sends to the IIS server contains the Kerberos token in the WWW-Authenticate header, and the header size increases as the number of groups goes up. If the HTTP header or packet size increases past the limits configured in IIS, IIS may reject the request and send this error as the response. If there is a way to add a prefernce which authentication method should be used for a single site it would be wonderful. In chrome this option is available only by using flags and it is quite annoying close all tabes and re-open the browser. Thanks!