search

DuendeSoftware / Support

Support for Duende Software products
21 stars 0 forks source link

Connect a web form application to duende identity server #1443

Closed geetzkrish closed 1 month ago

geetzkrish commented 1 month ago

Which version of Duende IdentityServer are you using? - 7.0.6

Which version of .NET are you using? 4.8

Describe the bugI am trying to connect to the Duende Identity Server ISUI template from a web form application. After login, when redirecting to the client application, I am getting an 'HTTP Error 400: The size of the request headers is too long.

A clear and concise description of what the bug is.

To Reproduce

Steps to reproduce the behavior.

  1. Run the duende identity server ISUI template.
  2. run that sample web form application.
  3. which will show a login page and after entering credentials getting this error.

Expected behavior

A clear and concise description of what you expected to happen.

after successfull login the client application home page needs to be loaded. Log output/exception with stacktrace

data

Additional context

Add any other context about the problem here. This is the startup page of our web form application.

[assembly: OwinStartup(typeof(SSO_POC_WEB_App_1.Startup))]

namespace SSO_POC_WEB_App_1
{
    public class Startup
    {
        public void Configuration(IAppBuilder app)
        {
            // Cookie authentication middleware
            app.UseCookieAuthentication(new CookieAuthenticationOptions
            {
                AuthenticationType = "Cookies",
                CookieSecure = CookieSecureOption.Always,
                CookieHttpOnly = true,
                SlidingExpiration = true,
                ExpireTimeSpan = TimeSpan.FromMinutes(60),
            });

            // OpenId Connect middleware to connect to IdentityServer
            app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
            {
                AuthenticationMode = Microsoft.Owin.Security.AuthenticationMode.Active,
                AuthenticationType = "oidc", //Open ID Connect.  This name appears as a button on the UI when rendered.
                Authority = "https://localhost:5001",
                ClientId = "web",
                ClientSecret = "secret",
                RedirectUri = "https://localhost:44353/",
                ResponseType = "code",
                Scope = "openid", // Add other scopes as necessary
                ResponseMode = "form_post",

                SignInAsAuthenticationType = "Cookies",
                RequireHttpsMetadata = false

            });

        }

    }
}

Image saple redirect uri

RolandGuijt commented 1 month ago

Since this is running on localhost there could be a lot of cookies already present that are sent along on each request. Can you please try clearing all cookies in the browser and then do a new login attempt and let us know how it went?

geetzkrish commented 1 month ago

Since this is running on localhost there could be a lot of cookies already present that are sent along on each request. Can you please try clearing all cookies in the browser and then do a new login attempt and let us know how it went?

Image I cleared all cookies in the browser and attempted a new login. The login page appeared, and I entered the credentials, but after submission, it still redirects to the error page. Could there be a compatibility issue between the WebForm application and Duende Identity Server??

RolandGuijt commented 1 month ago

As cookies do seem to be the problem can you please share what cookies are in place during the process? Maybe by showing a screenshot using the F12 tools in the browser.

Additionally, IIS Express could also be the limiting factor here. Is there a way you can try this out on a test environment with the full IIS?

geetzkrish commented 1 month ago

As cookies do seem to be the problem can you please share what cookies are in place during the process? Maybe by showing a screenshot using the F12 tools in the browser.

Additionally, IIS Express could also be the limiting factor here. Is there a way you can try this out on a test environment with the full IIS?

Hi Roland,

I was working on connecting a web form application to the Identity Server using a sample application. Now, we've moved to a customized version of Identity Server with a different version, and we've successfully established the connection, so we can disregard this issue.

Thank you so much for your response!