HTTP/413 in certain circumstances due to large Authorization headers

Had a user case where a certain user's requests to an Avatica server were met with an HTTP/413 error because the Authorization header was larger than the default allowed 8KB. I'm not sure of the exact circumstances, but something is "special" about the user's Kerberos key (SPNEGO-based auth).

We should allow this to be configurable by the Avatica server and also increase the default (64KB should be more than enough for the present and would avoid more downstream changes).