404 error with login.fcc with SP Initiated SAML 2.0

404 error with login.fcc with SP Initiated SAML 2.0

search cancel

404 error with login.fcc with SP Initiated SAML 2.0

book

Article ID: 101617

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign-On SITEMINDER CA Single Sign On Agents (SiteMinder) CA Single Sign On Federation (SiteMinder)

Issue/Introduction

When hitting the SP initiated URL, the browser lands on a 404 page of login.fcc.

The login page can be displayed correctly when the browser hits the IDP initiated URL without any parameters.

URL is over 2048 characters long.

Environment

IIS 7.5

Cause

URL is longer than IIS' maxQueryString.

Resolution

The browser receives the IIS return code 404.15. This means "The Request Filtering module rejected a request with a too long query string" (1)(2)(3).

To fix this, increase the value for maxQueryString. It has a default value of 2048, and the browser request query string is 2,248 bytes.

To do this, edit IIS' web.config:

<system.webServer>
<security>
<requestFiltering>
<requestLimits maxQueryString="4096"/>
</requestFiltering>
</security>
</system.webServer>

Additional Information

Feedback

thumb_up Yes

thumb_down No