locked
Header Field Too Long RRS feed

  • Question

  • I have a windows 2012 Server running adfs version 2.0.  I am using adfs to get access to a weblogic server.  When I sign in using firefox, I get bad request header field too long.  If I use IE, I just get http 400 bad request.  In event viewer on the adfs server, I get the below message. 

    Encountered error during federation passive request.

    Additional Data

    Protocol Name:
    Saml

    Relying Party:
    VentureADFS

    Exception details:
    Microsoft.IdentityServer.Web.InvalidRequestException: MSIS7042: The same client browser session has made '6' requests in the last '13' seconds. Contact your administrator for details.
       at Microsoft.IdentityServer.Web.Protocols.PassiveProtocolHandler.UpdateLoopDetectionCookie(WrappedHttpListenerContext context)
       at Microsoft.IdentityServer.Web.Protocols.Saml.SamlProtocolHandler.SendSignInResponse(SamlContext context, MSISSignInResponse response)
       at Microsoft.IdentityServer.Web.PassiveProtocolListener.ProcessProtocolRequest(ProtocolContext protocolContext, PassiveProtocolHandler protocolHandler)
       at Microsoft.IdentityServer.Web.PassiveProtocolListener.OnGetContext(WrappedHttpListenerContext context)

    I have already made the changes according to this document with no help.

    <cite class="_Rm">https://support.microsoft.com/en-us/kb/2020943</cite>

    Any suggestions would be helpful.<cite class="_Rm"></cite>

    Monday, November 7, 2016 2:44 PM

All replies

  • Verify that the time on the different servers is not off.

    Also make sure that the token signing certificate are up to date on the application side as well as using the exact ID sometimes the RP Identifier is https://lala/lili where in fact ADFS knows about it as https://lala/lili/ (trailing slash). But that is just an example.


    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    Monday, November 7, 2016 3:47 PM
  • Everything checks out.
    Monday, November 7, 2016 4:05 PM
  • Can you take and share a sanitized Fiddler capture?

    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    Monday, November 7, 2016 8:00 PM