Forum Discussion
CirrostratusAPM Basic Authentication giving 401 Authorization error
Hi,
We have an IIS based application which is working fine within our LAN and through a different load balancer from internet. Authentication works well with the existing load balancer. We are trying to migrate this portal to F5 and basic authentication would be done on F5. Authentication works well on F5 but we get Unauthorized/401 error page when we try to access. Server is doing restriction for authentication & authorization based on an AD group. Authentication via F5 works well but fails for authorization.
Also, we have an irule for this VS to pass the authentication
when ACCESS_ACL_ALLOWED { set sessionid [ACCESS::session data get "session.user.sessionid"] HTTP::header insert APM_session $sessionid }
Any clue/suggestions as i am working on APM for the first time.
Thanks
4 Replies
MEminNimbostratus
Hi Nuruddin; I think you should put "Full Resource Assign" Item after "SSO" BR
Seth_CooperEmployee
Based on your question is appears that you are using a basic logon page / AD Auth on the APM but when the traffic is allowed from APM and goes to the web app you are getting a 401 from the web app? Do you have SSO configured for this access policy? You should be able to configured Basic auth in SSO and then when the APM sees the 401 it will respond with the creds needed to authenticate on the backend.
Seth
Nuruddin_Ahmed_Hi Cooper, we have configured SSO and inserting domain name in variable assign (which i distorted in the image)
- Nuruddin_Ahmed_Just checked the back end server logs, F5 is not passing the credentials to the server (username is '-' ). while when we disable the APM then it works fine (authenticated by back end server directly). Not sure what needs to be checked here :(
