BI4.1 SP04 Patch 4
I've gotten the following working successfully:
AD SSO via Tomcat
AD Silent SSO via Tomcat
Non-SSO via Apache (mod_jk) and Tomcat
AD Silent SSO with Hardware Load Balancer and Tomcat.
I'm stuck on Silent SSO with Apache (mod_jk) and Tomcat. I get an HTTP 400 (Bad Request) on the following URL:
http://idsbidev/BOE/portal/1411040809/BIPCoreWeb/VintelaServlet?vint_backURL=%2FInfoView%2Flogon.faces&vint_cms=<cms name>%3A6400
I increased the header size on the AJP connector with "maxHttpHeaderSize="65536"". I also increased Apache's header limit with "LimitRequestFieldSize 65536", and the mod_jk workers' limit with "worker.ajp13.max_packet_size=65536" (before doing that, I got 413 errors).
The weird thing is, the Tomcat access log implies that the request from mod_jk is empty:
10.255.0.141 - - [05/Nov/2014:11:15:38 -0500] "GET /BOE/portal/1411040809/BIPCoreWeb/VintelaServlet?vint_backURL=%2FInfoView%2Flogon.faces&vint_cms=AD1HFDBOW010%3A6400 HTTP/1.1" 401 166
10.255.0.141 - - [05/Nov/2014:11:15:38 -0500] "-" 400 -
The 401 on the first line is expected, as it's the authentication challenge. But the second indicates that the request is empty.
Has anyone gotten AD Silent SSO to work with Apache and Tomcat?