Forum Discussion

Nimbostratus

Jul 30, 2014

Client side Kerberos problem with Mac OSX 10.9 and Safari 7.0.2

Hi all, I've got a working client side SSO access policy in APM providing access to an internal intranet. It works perfectly with Windows clients (with the right browser config) and I can get it...

BIG-IP Access Policy Manager (APM)

Employee

Aug 05, 2014

What I see is the policy following the Mac-HTTP-401-Response branch for the MAC client, and from there it simply dies. The 401 agent should be sending a 401 WWW-Authenticate header to the client, which should trigger the browser to prompt the user for credentials. If you have a client side capture running you should see this 401, the prompt, and then the request back to the server with an Authorization header containing the user's submitted credentials. I'm guessing if you look at this capture you'll see the 401 response but the client will not do anything with it.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Client side Kerberos problem with Mac OSX 10.9 and Safari 7.0.2

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

Enhance your Application Security using Client-side signals

APM Kerberos Auth or fallback to another authentication method

Akamai True-Client-IP Header Persistence

Kerberos SSO without APM?

Serving Moodle App - problem when using https

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS