Clientless mode failing to interact with AD

Scenario:

I have a webserice that is being called by some clients. When they hit a webservice, they should enter in a username / password combo for basic authentication. Those credentials should be taken by the APM, and processed in active directory. Here is an image of the flow:

Per this conversation, I am creating this IRule to promt for username/password credentials and allow the APM to perform work.

 

when HTTP_REQUEST {    
    set apmsessionid [HTTP::cookie value MRHSession]
    if { [HTTP::cookie exists "MRHSession"] } {set apmstatus [ACCESS::session exists -state_allow $apmsessionid]} else {set apmstatus 0}
    if {!($apmstatus)} {
         Insert Clientless-mode header to start APM in clientless mode
        if { [catch {HTTP::header insert "clientless-mode" 1} ] } {log local0. "[IP::client_addr]:[TCP::client_port] : TCL error on HTTP header insert clientless-mode : URL : [HTTP::host][HTTP::path] - Headers : [HTTP::request]"}
    }
}

when ACCESS_POLICY_COMPLETED {
    Authentication request for non bowser user-agent session denied
   if { ([ACCESS::policy result] equals "deny") } {
      ACCESS::respond 401 noserver WWW-Authenticate "Basic realm=\"My Web Services Authentication\"" Connection close
      ACCESS::session remove
      return
    }
}

 

However, following that post and using that code, always leads me to the Deny portion. If I use the original solution here, I am able to authenticate successfully.

Am I missing something to add?