I am doing ADFS authentication, and when I click the Sign In button from Microsoft Teams, I will be redirected to my URL, and I am getting the following error after the pages gets redirected:
AADSTS90015: Requested query string is too long.
I have tried the following solutions:
HTTP Error 414. The request URL is too long. asp.net
and
Query string is too long
But i couldn't resolve the problem, help me to figure out this problem.
The solutions in the two questions you linked are not complete. Try adding the following to your web.config:
<system.webServer>
<security>
<requestFiltering>
<requestLimits maxQueryString="32768"/>
</requestFiltering>
</security>
</system.webServer>
See:
http://www.iis.net/ConfigReference/system.webServer/security/requestFiltering/requestLimits
You may have to add the following in your web.config as well:
<httpRuntime maxQueryStringLength="32768" maxUrlLength="65536"/>
Of course these numbers are just examples and you don't have to use these exact values in these settings.
Related
I am getting this error when my payment gateway is redirecting user to my react application. Same code works on firebase hosting and doesn't give the error. Redirection url is a POST request
I tried various solutions from Asp.NET Web API - 405 - HTTP verb used to access this page is not allowed - how to set handler mappings
removed WebDav
Assuming there is no CORS issue here.
The issue is the call back to your site is a Post request along with data. Client application's index.html hosted inside IIS is not able to understand how to handle a post request to a html page. You will have to specifically make an entry in Handler Mapping section of IIS configurations.
Inside Request Restrictions add the HTTP Methods you want it for or allow all verbs if it is a specific case.
Or you can directly put it in your web.config with what all verbs you want to allow, as in below snippet
<add name="html" path="*.html" verb="*" modules="IsapiModule" scriptProcessor="%windir%\system32\inetsrv\asp.dll" resourceType="Unspecified" requireAccess="None" />
On the Request Filtering page, switch to the "HTTP Verbs" tab - if you see that "POST" has "Allowed" set to False, this is the cause. Remove this entry or changing it to explicitly be allowed will fix the issue.
I'm using a library that is submitting a "POST" request to a .axd path in my Angular application. Since I am using UI-Router, it seems that the #/ appended to the URL is preventing the request from properly reaching the DLL.
The URL that needs to be reached in the library is:
http://localhost:8080/MyApplication/MyArea/ModuleName#/ThermalLabelWebEditor.axd?_=1478731762000
However, all I am getting back from this "POST" request is the HTML data of the page. I believe this is a symptom of MVC handling the path in its default manner, searching for a page matching the above URL, rather than accessing the DLL.
What I am trying to achieve is something along the lines of
routes.IgnoreRoute("{*anything}/ThermalLabelWebEditor.axd/{*pathInfo}");
However, this is not valid in MVC.
Additionally, I've specified in my Area's Web.config file the httpHandlers required for this library, mainly:
<system.web>
<httpHandlers>
<add path="ThermalLabelWebEditor.axd" verb="*" type="Neodynamic.Web.ThermalLabelEditor.ThermalLabelWebEditor"/>
...
<system.webServer>
<handlers>
<add name="TLWE" path="ThermalLabelWebEditor.axd" verb="*" preCondition="integratedMode" type="Neodynamic.Web.ThermalLabelEditor.ThermalLabelWebEditor" />
Now, I know that I can specify $locationProvider.html5Mode(true); in my Angular module's configuration. However, I would like to avoid doing this if at all possible, as it wouldn't solve the problem for older, non-HTML5 browsers that have to use the # fallback.
How can I configure my Web.config file for this Area (or for the entire MVC application) or the RouteConfig.cs to ensure that the request to ThermalLabelWebEditor.axd will successfully complete?
I'm using MVC 5, .NET 4.6, Angular 1.5.8, and UI-Router v0.3.1.
After much investigation, I have determined that this issue is only fixable on the JavaScript side. There appears to be no way to get IIS to parse # in the path section of the HTTP Handler, even with the use of wildcards. Due to the nature of how the # will short-circuit the URL, IIS is unable to route the request to the HTTP Handler, therefore handling the response instead with standard MVC that is breaking the application. Similarly, even with routes.IgnoreRoute, MVC cannot be configured to interpret the # character.
The solution to this issue is really just to parse the URL before sending the request and removing the #. With this in place, the handler mappings can be configured to look at the route in question MyArea/MyModule/HttpHandler.axd... and intercept with IIS before looking through the MVC structure.
I should note that the reason I am avoiding the use of HTML5 Mode in UI-Router is to preserve browser compatibility. If HTML5 Mode were enabled, the issue would be fixed for HTML5-compliant browsers. However, non-HTML5 browsers will fallback to the # in the URL, thus breaking the application.
I am creating an API with URI template patient/{name} and production URL to http://localhost:8888/patient/{uri.var.name} in WSO2 APIM. Also adding this sequence
<sequence xmlns="http://ws.apache.org/ns/synapse" name="TestSequence">
<property name="REST_URL_POSTFIX" scope="axis2" action="remove"/>
</sequence>
The target URL is not being invoked with this. Can you please let me know what is the issue?
This error can occur due to Invalid URI provided by you, make sure you are using valid endpoint url for the Production Endpoint.
Ok so I've read multiple articles on my topic but none seem to help. I'm trying to accomplish the same thing this guy wanted in this article here.
I used the example stated in the answer (https://{yourserver}/defaultcollection/_apis/git/repositories?api-version=1.0 ) in an angular http get request but I'm getting a 401 error saying the credentials i supplied were not valid.
I then downloaded curl and supplied the following command "curl -u username:password http://{myserver}/defaultcollection/_apis/git/repositories?api-version=1.0" and the result came back the same, html saying i do not have valid credentials. Can someone point me in the right direction so I can pull the projects root branch and childrens branches and data along with it?
Essentially I am searching for a way to pull data from the server and display it on my web app. I'll need branches names and history for each branch and child branch.
Update
So I'm now able cURL into this service using the --ntlm switch that Richard recommended. Now to actually get my app connected to the service I found that I could pass windows credentials using:
withCredentials:true
It no longer gives me a 401 error. Instead I am not getting a new error stating:
XMLHttpRequest cannot load http://{servername}/{defaultcollection}/_apis/projects?api-version=1.0. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access.
What are my next steps to get this working?
Solution
I took what Richard suggested and created my own asp.net web api to communicate with tfs. I was able to modify the web.config file to allow CORS. I added the following lines to the system.webServer section of the file.
<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Origin" value="*" />
</customHeaders>
</httpProtocol>
Doing this has resolved the error message I was receiving and creating a simple api to get specific information was not too hard to do. Thanks for all the help.
In your curl command add --ntlm as an option.
The command should be as follows:
curl -u username:password --ntlm http://{myserver}/defaultcollection/_apis/git/repositories?api-version=1.0
Be aware that the API doesn't currently support CORS. This means you can make API calls from your own server side code without a problem, but you can't make the calls directly from a browser. There's a UserVoice suggestion to enable this that you can vote for.
I am trying to do the following;
From salesforce.com I call http get or post and post a json object using httpRequest system class. but I am getting following exception (it is https):
java.security.cert.CertificateException: No name matching issue mywebsite.com found
I have configured this website in the remote host already. Does anyone have some idea what could be wrong here?
Are you missing a call to req.setClientCertificateName?
I have APEX code where Salesforce calls out to a web service on my site. I protected it with client-side SSL. My website, the host, authorizes the client cert from Salesforce.com (vs traditional web SSL where the browser client authorizes the server cert). You can create a self-signed certificate in Salesforce Admin under Certificate and Key Management and then reference it with a call to req.setClientCertificateName. Here is some code from my production org:
HttpRequest req = new HttpRequest();
req.setMethod('POST');
req.setHeader('Host', 'www.mywebsite.com');
req.setEndpoint('https://www.mywebsite.com/post.asp');
try {
req.setClientCertificateName('Cert_For_MyWebSite');
} catch (System.CalloutException e) {
// The cert doesn't make it to the sandbox
}
req.setHeader('Connection', 'keep-alive');
req.setHeader('content-type', 'text/plain');
req.setHeader('Content-Length', body.length().format());
req.setBody(body);
Http http = new Http();
HttpResponse res = http.send(req);
System.debug(res.toString());
System.debug('STATUS:' + res.getStatus());
System.debug('STATUS_CODE:' + res.getStatusCode());
On the server (IIS 7.5) I enabled the self-signed cert with this web.config:
<configuration>
<system.webServer>
<security>
<access sslFlags="Ssl, SslNegotiateCert, SslRequireCert" />
<authentication>
<iisClientCertificateMappingAuthentication enabled="true" oneToOneCertificateMappingsEnabled="true">
<oneToOneMappings>
<!-- production salesforce -->
<add enabled="true"
userName="salesforce"
password="[enc:AesProvider:aaa...aaa:enc]"
certificate="MIIEaaa...aaa=" />
</oneToOneMappings>
</iisClientCertificateMappingAuthentication>
</authentication>
</security>
</system.webServer>
</configuration>
In my other answer I was thinking about the Salesforce client cert because I remember having headaches sorting it out originally, but maybe the error is with your web server's cert. This might be a simple name matching issue. For example, the cert your server presented to Salesforce was issued to a.company.com but you're trying to use it at b.company.com. That produces a very similar java error message as talked about here and here. Does your browser give any errors when you try your service over SSL?
If you think Salesforce isn't verifying your web server's cert you can try some of the tricks suggested over here for a similar javax.net.ssl.SSLPeerUnverifiedException error. They even point to a list of CAs that are trusted by Salesforce.