Azure门户:错误的请求-请求太长 [英] Azure Portal: Bad Request - Request Too Long
问题描述
当我尝试运行 portal.azure.com 中修改策略"rel ="noreferrer">内置b2c 修改策略.我打开了门户的2个选项卡.为什么我会收到此错误?
I just received the following error when I tried to run a built-in b2c edit policy from portal.azure.com. I have 2 tabs of the portal open. Why am I receiving this error?
错误请求-请求太长 HTTP错误400.请求标头的大小太长.
Bad Request - Request Too Long HTTP Error 400. The size of the request headers is too long.
注意:我经历了这一样测试 active-directory-b2c时出现错误消息 -dotnet-webapp-and-webapi示例项目.提供的原因是我发送了太多Cookie.这是同样的问题吗?
Note: I experienced this same error message when testing active-directory-b2c-dotnet-webapp-and-webapi sample project. The reason provided was I was sending too many cookies. Is it the same problem?
如果是相同的问题,在删除cookie之前,请不要过时 cookies 创建新的?
If it is the same problem, shouldn't stale cookies be deleted before creating new ones?
我确实看到了很多 https://login.microsoftonline.com
推荐答案
错误 HTTP 400:标头请求的大小太长 通常是由于Cookie过多或太大.
Azure AD B2C的登录通过login.microsoftonline.com,几乎每个Microsoft服务(O365,Azure等)都通过.因此,如果您在这些服务中已经登录了多个帐户,则说明您正在积累Cookie,这将导致此问题.
Azure AD B2C's login goes through login.microsoftonline.com, as does almost every Microsoft service (O365, Azure, etc). So if you've got several accounts that you've signed in to across these services, you're accumulating cookies that will cause this problem.
与最终用户相比,这对于开发人员而言更频繁发生,因为开发人员使用其公司帐户(也许还使用B2C管理员帐户)登录到Azure门户,然后通过多次登录测试其B2C驱动的应用程序.
This is bound to happen much more frequently to developers than end users as developers are logging in to the Azure portal with their corporate account, maybe also with a B2C admin account and then testing out their B2C-powered app with multiple logins.
从长远来看,答案将是允许Azure AD B2C客户指定他们自己的自定义域.这使应用程序的B2C Cookie与login.microsoftonline.com中的所有其他内容隔离开来.截至2019年6月23日,此功能仍在开发中.您可以在Azure AD B2C反馈论坛中对该功能进行投票来支持该功能并跟踪其进度:
In the long term, the answer will be to allow Azure AD B2C customers to specify their own custom domain. This gives the application's B2C cookies isolation from everything else in login.microsoftonline.com. As of 2019-06-23, this feature is still under development. You can support this feature and keep track of its progress by voting for it in the Azure AD B2C feedback forum: Customer-owned domains
但是,在此期间,您可以探索两件事:
-
清除Cookie .这肯定会每次都起作用,而且非常麻烦,尤其是如果将其呈现给您的最终用户.
Clear your cookies. This will definitely work every time, it's just cumbersome, especially if presented to your end users.
Limit the amount of claims you include in your token. The more attributes you include in your policy, you'll end up with longer http requests which give you less margin for cookies from other Microsoft properties
Note: This is the same question as: http 400: size of header request is too long when signing in user using Multifactor authentication
Azure AD B2C允许您使用b2clogin. com 而不是login.microsoftonline.com,它将大大减少您对该问题的暴露程度,因为您将不再与其他Microsoft服务共享Cookie.
Azure AD B2C allows you to use b2clogin.com instead of login.microsoftonline.com which will reduce your substantially reduce your exposure to this issue as you'll no longer share cookies with other Microsoft services.
这篇关于Azure门户:错误的请求-请求太长的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
