I have setup IIS's authentication by enabling Windows Authentication and disabling Anonymous Authentication. When browsing the site I get presented with the following error message:
The request filtering module is configured to deny a request where the query string is too long
Here is the generated URL upon login:
How do I fix this?
4 Answer(s)
Does your initial url which you write to browser contains returnUrl parameter ?
I suppose that your Login action somehow recursively calls itself. If you deny to all anonymous requests, how to go to login page?
Just to give some context...
This is a intranet site and should only allow domain users access. In the web.config the database connection has been set as a trusted connection, which from what I understand indicates that it will be using Integrated Security (AKA Windows Authentication).
In the core module, I have also set Multi Tenancy to false and enabled LDAP authentication.
The web application is running on one server with the database running on a remote server
Both of the servers are on the domainMaybe I am misunderstanding something, but surely it must take me to the Login page for me to enter AD account details which would then be passed to the remote SQL server?
I think I may have found where It is generating the recursive ReturnURL, but don't know how to fix this. Please see below:
public virtual async Task Login(LoginViewModel loginModel, string returnUrl = "", string returnUrlHash = "") { CheckModelState(); _unitOfWorkManager.Current.DisableFilter(AbpDataFilters.MayHaveTenant); var loginResult = await GetLoginResultAsync(loginModel.UsernameOrEmailAddress, loginModel.Password, loginModel.TenancyName); if (loginResult.User.ShouldChangePasswordOnNextLogin) { loginResult.User.SetNewPasswordResetCode(); return Json(new MvcAjaxResponse { TargetUrl = Url.Action( "ResetPassword", new ResetPasswordViewModel { UserId = SimpleStringCipher.Encrypt(loginResult.User.Id.ToString()), ResetCode = loginResult.User.PasswordResetCode }) }); } await SignInAsync(loginResult.User, loginResult.Identity, loginModel.RememberMe); if (string.IsNullOrWhiteSpace(returnUrl)) { returnUrl = Url.Action("Index", "Application"); } ]if (!string.IsNullOrWhiteSpace(returnUrlHash)) { returnUrl = returnUrl + returnUrlHash; } return Json(new MvcAjaxResponse { TargetUrl = returnUrl }); }
As a side note, I have specified a RedirectToAction("Index", "Application") within the Index method of the Home controller to take me directly to the web app instead of the landing page. Could this have something to do with the problem I am be presented with?
On the IIS Manager, under feature delegation, Authentication should have read/write delegation.
After that, you will be able to see login page.But i didn't test the rest with ldap login, please test and share your result :).