Developer forum

Forum » Development » LoginError from azure AD

LoginError from azure AD

E-mail notifications
Andreas Pettersson
Reply
Posted on 27/02/2024 09:13:47

Hi,

I have implemented the azure AD connection. But some times i get a LoginError and a banned IP.

Error message:
SQL Injection detected from ip : (Match on QueryString LoginError); expression: (?:'|%27|%22|%26|%3B|;|%3D|%23|%00|%7c|--)(?![ |:|>|{|}]+)(?![A-Za-z0-9]{2,}).{1,}?(?:'|%27|%22|%3B|%3D|%23|%00|%7c|=|%3e|>) key: LoginError; value: IDX21323: RequireNonce is '[PII is hidden. For more details, see https://aka.ms/IdentityModel/PII.]'. OpenIdConnectProtocolValidationContext.Nonce was null, OpenIdConnectProtocol.ValidatedIdToken.Payload.Nonce was not null. The nonce cannot be validated. If you don't need to check the nonce, set OpenIdConnectProtocolValidator.RequireNonce to 'false'.

 

Has anyone had the same issue?

/Andreas


Replies

 
Nicolai Pedersen Dynamicweb Employee
Nicolai Pedersen
Posted on 27/02/2024 09:26:57
Reply

Hi Andreas

Try to add LoginError parameter to the "Ignore the following fields" setting found here: https://doc.dynamicweb.com/documentation-9/platform/advanced-settings/web-and-http#3518

 
Andreas Pettersson
Posted on 27/02/2024 09:30:04
Reply

Hi,

I have already that parameter there



Maybe i cant have space after comma? 

 
Aki Ruuskanen
Aki Ruuskanen
Posted on 31/05/2024 12:52:38
Reply

Hi,

We get the IDX21323 error for a number of users. What could be the source for that error?

Regards / Aki

 
Nicolai Pedersen Dynamicweb Employee
Nicolai Pedersen
Posted on 03/06/2024 09:59:17
Reply

Related to Nonce issue: https://learn.microsoft.com/en-us/answers/questions/1255930/idx21323-requirenonce-is-true-openidconnectprotoco

 

You must be logged in to post in the forum