This might be related to https://github.com/xrootd/xrootd/pull/970 Basically, instead of forcing the client to repeat the `Authorization` header when redirected (fewer and fewer clients elect to do this anymore), include the information as part of the opaque string. I would be curious: (a) How long is the entire string? (b) Does this happen in the redirector or data server? -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/xrootd/xrootd/issues/988#issuecomment-492721258 ######################################################################## Use REPLY-ALL to reply to list To unsubscribe from the XROOTD-DEV list, click the following link: https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1