APM SSO Problems

Hello Community,

 

We are facing some problems with APM configured with SSO (NTLMv2).

 

At the first login all works. But if the user fails, the back-end answers directly to the client asking for the credentials (authentication pop-up)

 

From the apm.log i can see the following (F5 release 11.5.1 HF8)

 

debug websso.0[15997]: 014d0001:7: http header [Connection][keep-alive] (len=10) debug websso.0[15997]: 014d0044:7: bda32c91: metadata len 330 debug websso.0[15997]: 014d0001:7: init webssoConfig from data: 0x927ae84, len: 330 debug websso.0[15997]: 014d0001:7: different sso config object received, xxxxx method: 4 debug websso.0[15997]: 014d0001:7: ssoMethod: ntlmv2 usernameSource: session.sso.token.last.username passwordSource: session.sso.token.last.password ntlmdomain: xxxx debug websso.0[15997]: 014d0001:7: ctx: 0x92357e0, CLIENT: TMEVT_REQUEST debug websso.0[15997]: 014d0001:7: ctx: 0x92357e0, CLIENT: TMEVT_REQUEST_DONE debug websso.0[15997]: 014d0001:7: ctx: 0x92357e0, CLIENT: TMEVT_SESSION_RESULT err websso.0[15997]: 014d0026:3: bda32c91: Could not find SSO username, check SSO credential mapping agent setting debug websso.0[15997]: 014d0001:7: ctx: 0x92357e0, CLIENT: TMEVT_SESSION_RESULT err websso.0[15997]: 014d0027:3: bda32c91: Could not find SSO password, check SSO credential mapping agent setting err websso.0[15997]: 014d0028:3: bda32c91: Master Decyrpt failed for ckDecrypt: Ciphertext does not begin with master key prefix debug websso.0[15997]: 014d0001:7: ctx: 0x92357e0, CLIENT: TMEVT_SESSION_RESULT debug websso.0[15997]: 014d0001:7: ctx: 0x92357e0, CLIENT: TMEVT_SESSION_RESULT err websso.0[15997]: 014d0043:3: bda32c91: SSO username is empty - SSO is disabled

 

Thanks in advance,

 

M.