For long authorization fields the request header size could be over the default limit (8192 bytes) and in this case Jetty replies HTTP 413 (Request Entity Too Large).
This issue may occur if the user is a member of many Active Directory user groups.
The HTTP request to the server contains the Kerberos token in the WWW-Authenticate header. The header size increases together with the number of user groups.
Currently there is no way in Spark to override this limit.