404 error with login.fcc with SP Initiated SAML 2.0

Document ID : KB000101617
Last Modified Date : 15/06/2018
Show Technical Document Details
Issue:
When we hit the SP initiated url, we are landing to 404 page of login.fcc.

We are getting login Page when we hit IDP initiated url without any parameters. 

URL is over 2048 characters long.

Webserver is IIS 7.5
Environment:
IIS 7.5
Cause:
Url is longer than IIS' maxQueryString
Resolution:
Customer receiving 404.15. This means "The Request Filtering module rejected a request with a too long query string" 

To fix this we need to increase the value for maxQueryString. which has a default value of 2048 - customer's query string was 2,248 bytes.

To do this, edit IIS' Web.config:
 
<system.webServer>
  <security>
    <requestFiltering>
      <requestLimits maxQueryString="4096"/>
    </requestFiltering>
  </security>
</system.webServer>


 
Additional Information:
Background reading:
https://blogs.iis.net/ma_khan/troubleshooting-iis-6-status-and-substatus-codes
https://docs.microsoft.com/en-us/iis/configuration/system.webserver/security/requestfiltering/requestlimits/ 
https://stackoverflow.com/questions/11636386/how-to-configure-the-web-config-to-allow-requests-of-any-length