401 and Kerberos

Question

Hello;&nbsp;
I have following pass-through set and working fine using this link as the guideline:
https://support.f5.com/kb/en-us/products/big-ip_apm/manuals/product/apm-authentication-single-sign-on-11-6-0/9.html&nbsp;
I have a VIP with the following Access Policy:&nbsp;
.....-&gt;HTTP 401 Response -&gt; Negotiate -&gt; Kerberos Auth -&gt; resources...-&gt;&nbsp;
Everything is working fine. User can open a browser and gets authenticated based on the domain/kerberos authentication. 
BUT, if a open a new instance of the browser (lets say I am using IE), 401 Response will not make the pass-through and ask for credentials.&nbsp;
Its like of the browser don't let another 401 session to occurred, maybe?&nbsp;
Please advise&nbsp;
Thank you&nbsp;
J&nbsp;

thibaut_91745 · Answer

Hey,&nbsp;
It's not the same thing that I used to have (I used to have IE ask for my credentials when logging out and laucnhing a new session in the same tab).
This only happened on IE so I looked at the IE settings and found this : http://support.microsoft.com/en-us/kb/2749007
Adding the new key in the registery solved my problem, hoped it will you.&nbsp;

Forum Discussion

401 and Kerberos

1 Reply

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

F5 Software Downgrade from version 17.x.x to 15.x.x

Error diskmonitor

CPU utilization of F5OS on r2600

sslprovide (--f5 ssl) does not generate CLIENT/SERVER_TRAFFIC_SECRET on server-side TLS traffic

Hardware replacement i2800 to r2600

Related Content

Troubleshooting Kerberos Constrained Delegation: Strong Encryption Types Allowed for Kerberos

Kerberos is Easy - Part 2

Kerberos Is Easy - Part 1

APM Cookbook: Single Sign On (SSO) using Kerberos

Kerberos Authentication Failing for Exchange 2016 Behind F5 Cloud WAF

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS