When you have more than roughly 33 google accounts (cross domains) able to access your Jenkins installation you hit googles maximum URL length when the browser is instructed to redirect to the OpenID endpoint.

According to http://stackoverflow.com/questions/4957435/got-414-request-uri-too-large-from-google-when-authenticating-using-spring-secur the correct thing to do is POST the data from the browser rather than redirect with it all in the query string.

I have half an implementation of this here. I will update this if I ever get it working correctly.