HTTP Error 400. The size of the request headers is too long in ASP.NET MVC-application

0
votes

We created an ASP.NET MVC application that uses Windows Authentication. We now have the problem that we have some users who get the following error message when accessing the site:

HTTP Error 400. The size of the request headers is too long.

This seems to be due to the users being in too many Active Directory groups.

I already did the following:

I added the following registry keys on the server that is running the web-application:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HTTP\Parameters\MaxFieldLength ==> 65536

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HTTP\Parameters\MaxRequestBytes ==> 16777216

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Lsa\Parameters\MaxTokenSize ==> 65535

I also set the following registry key on the client computer via which I accessed the web-application:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Lsa\Parameters\MaxTokenSize ==> 65535

I then restarted all the computers and tried accessing the web-application again. I am still getting the above error message.

Does anybody have an idea what I can do? How can I further debug and analyze this problem?

1
asp.net-mvciiskerberosrequest-headers
First of all, have you monitored the response server for 400 is http api/2.0 or IIS? It will tell us which tier should we focus on. If the response server is http api, then you should focus on registry. Otherwise, you should focus on IIS configuration and promise the app pool has been recycled.Jokies Ding
The response comes from http api/2.0Alexander
If so, the error should be returned from http.sys instead of IIS. Its strange that modify the registry keys should work. If you wanna digging further. Capture etl and analyze the http.sys log with docs.microsoft.com/zh-cn/archive/blogs/wndp/…Jokies Ding
Besides, have you monitored whether your request header is still over the size of your configuration.Jokies Ding

1 Answers

0
votes

Can you check it again by setting below request length limits as your need in web.config ?

<configuration>
    <system.web>
        <httpRuntime maxRequestLength="1048576" />
    </system.web>
</configuration>

and 

<system.webServer>
   <security>
      <requestFiltering>
         <requestLimits maxAllowedContentLength="1073741824" />
      </requestFiltering>
   </security>
</system.webServer>