Layer 7 Access Management

Tech Tip : CA Single Sign-On : iOS Gmail app shows blank page on login.fcc

  • 1.  Tech Tip : CA Single Sign-On : iOS Gmail app shows blank page on login.fcc

    Posted 03-29-2018 04:16 AM

    Issue:

     

    Running SPS, when a user tries to login, the login page doesn't show up when the browser runs on iOS Mobile device.

    When we check the code that is returned by the IIS Server, we see the following :
    404 15


    Environment:

     

    Policy Server 12.52 SP1 CR00 on RedHat 6
    CA Access Gateway (SPS) 12.52 SP1 CR04 on RedHat 6

    Cause:

     

    The return code that IIS sends when accessing the login page is 404 15 which means:

    Request Filtering: Denied because query string too long (IIS 7)

    IIS error log code (sc-status and sc-substatus)
    http://www.zquad.in/2010/07/iis-error-log-code-sc-status-and-sc.html

    This happens as there is a limit in request query for IIS :

    Request Limits <requestLimits>
    https://docs.microsoft.com/en-us/iis/configuration/system.webServer/security/requestFiltering/requestLimits/


    Resolution:

     

    On IIS, add the following to your web.config:

    <system.webServer>
    <security>
    <requestFiltering>
    <requestLimits maxQueryString="32768"/>
    </requestFiltering>
    </security>
    </system.webServer>

    Where maxQueryString is set to a higher value to match the possible queries you may expect. Check with the IIS administrator to set a reasonable value for the maxQueryString parameter.

     

    KB : 000072458