401 and Kerberos

Question

Hello;&nbsp;
I have following pass-through set and working fine using this link as the guideline:
https://support.f5.com/kb/en-us/products/big-ip_apm/manuals/product/apm-authentication-single-sign-on-11-6-0/9.html&nbsp;
I have a VIP with the following Access Policy:&nbsp;
.....-&gt;HTTP 401 Response -&gt; Negotiate -&gt; Kerberos Auth -&gt; resources...-&gt;&nbsp;
Everything is working fine. User can open a browser and gets authenticated based on the domain/kerberos authentication. 
BUT, if a open a new instance of the browser (lets say I am using IE), 401 Response will not make the pass-through and ask for credentials.&nbsp;
Its like of the browser don't let another 401 session to occurred, maybe?&nbsp;
Please advise&nbsp;
Thank you&nbsp;
J&nbsp;

thibaut_91745 · Answer

Hey,&nbsp;
It's not the same thing that I used to have (I used to have IE ask for my credentials when logging out and laucnhing a new session in the same tab).
This only happened on IE so I looked at the IE settings and found this : http://support.microsoft.com/en-us/kb/2749007
Adding the new key in the registery solved my problem, hoped it will you.&nbsp;

Forum Discussion

401 and Kerberos

1 Reply

Recent Discussions

BIG-IP DNS: Check Status Of Multiple Monitors Against Pool Member

Open Redirection Mitigation

F5Access | MacOS Sonoma

enable tls1.2 on management interface on F5 ltm running version 10.x

[ASM] - what is "Browser Challenge file" ?

Related Content

Troubleshooting Kerberos Constrained Delegation: Strong Encryption Types Allowed for Kerberos

Kerberos is Easy - Part 2

Kerberos Is Easy - Part 1

APM Cookbook: Single Sign On (SSO) using Kerberos

Transparent Kerberos Authentication and APM fallback authentication