I have an external IdP, where I am not in control of the number of groups/roles. (Azure AD) And the header "Cookie" that is generated by STS (Ws Fed) exceeds the limit.
"Bad Request - Header Field Too Long HTTP Error 400. A request header field is too long."
System: .NET6 Web App+ IIS 6
Already tried:
added
<system.web><httpRuntime maxRequestLength="16777210" maxRequestHeadersTotalSize="131068"/></system.web>to web.configadded to web.config
<security>
<requestFiltering>
<requestLimits maxAllowedContentLength="16777210">
<headerLimits>
<add header="Cookie" sizeLimit="131068" />
</headerLimits>
</requestLimits>
</requestFiltering>
</security>
defined MaxFieldLength and MaxRequestBytes (Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HTTP\Parameters)
added
builder.Services.Configure<IISServerOptions>(options =>
{
options.MaxRequestBodySize = int.MaxValue;
options.MaxRequestBodyBufferSize = int.MaxValue;
});
I was able to make it work on Kestrel: kestrelOptions.Limits.MaxRequestHeadersTotalSize = int.MaxValue, but I need to make it work with IIS.