HI All.
I've just managed to get Single Sign On working in the Automic AWI. I found that IE would seemingly redirect to a 400 page and Chrome would be stuck obtaining a Kerberos token. I found that it worked with another an admin user account and we thought it was down to browser settings but it was actually the number of AD groups that my user belong to.
The fix is to add the following part to the Connector in the Tomcat Server.xml file.
<Connector port="443" protocol="org.apache.coyote.http11.Http11Protocol"
keystoreFile="a_certificate" keystorePass="a_password"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
maxHttpHeaderSize="16384"
/>
This is the part you need - maxHttpHeaderSize="16384"