- Context: Visual Studio 2013
- Project: ASP. NET MVC
- .NET Framework 4.0 or later.
Here is the story: I created new MVC 5 project wrote wonderful code inside for controller/model/view and tested, everything worked fine with local IIS Express/Visuals Studio Debugging environment. Once I deployed the solution to IIS 7.0, Disabled Anonymous Authentication and enabled, Windows Authentication..Bhoom!! , I started getting this crazy error.
HTTP Error 404.15 – Not Found The request filtering module is configured to deny a request where the query string is too long.
Ok. what’s wrong ? Request filtering is configured on the Web server to deny the request because the query string is too long.
See the Requested Url in the above screenshot, http://localhost:30/LarsUI/Home/Index?ReturnUrl=%2FLarsUI%2FHome%2FIndex%3FReturnUrl%3D……
some part of the query string is a actually a repetitive text that gets appended to the query string and path to make the URL too long and overflow the default length. Here actual issue is because of the authentication mode selected(by default) by the MVC 5 Template, which triggers the ReturnUrl Style of redirection that might lead to an infinite loop if not configured correctly.
Individual User Accounts allows you to have full control of user accounts in your application. Users will be able to register an account with your application, by creating a username and password on the site or by signing in with social providers such as Facebook, Google, Microsoft, Twitter and more..
Remember seeing this window while creating the project? By default the template uses Individual User Accounts, as the authentication mode. So if you look closely in your project folder you can see two files Startup.cs and App_Start/Startup.Auth.cs. These file are placed the project template to help you configure OWIN for the ASP.NET MVC application.
To disable OWIN startup discovery, add the appSetting owin:AutomaticAppStartup with a value of “false” in your web.config.
Read more about configuring and using OWIN.
This appSettings change resolved the login redirection issue for me in IIS 7.0. And if you are experiencing the issue in IIS express, try the following steps
Select the Web Applcaiton project in Visual Studio solution Explorer
Open the ‘Properties’ panel on the right or press F4
Set ‘Windows Authentication’ to ‘Disabled’
Set ‘Anonymous Authentication’ to ‘Enabled’