Chandru_01
Mar 09, 2019

F5 APM Kerberos SSO error log

Dear All,

 

I have an APM Kerberos (delegation) SSO configured for my SharePoint application, with RADIUS Auth as the primary authentication. Though everything is working fine as expected, I get the below APM logs:

 

Mar 9 19:41:08 slot1/Datacenter-SF-Sec notice tmm1[27422]: 01490521:5: /Common/OTP:Common:65297ecb: Session statistics - bytes in: 0, bytes out: 0
Mar 9 19:41:09 slot1/Datacenter-SF-Sec warning tmm1[27422]: 01490531:4: fcf9d73f: Detected invalid host header ().
Mar 9 19:41:09 slot1/Datacenter-SF-Sec notice tmm1[27422]: 01490567:5: /Common/OTP:Common:fcf9d73f: Session deleted (no_hostname).
Mar 9 19:41:09 slot1/Datacenter-SF-Sec warning tmm1[27422]: 01490531:4: 52959b6e: Detected invalid host header ().
Mar 9 19:41:09 slot1/Datacenter-SF-Sec notice tmm1[27422]: 01490567:5: /Common/OTP:Common:52959b6e: Session deleted (no_hostname).
Mar 9 19:41:14 slot1/Datacenter-SF-Sec warning tmm[27422]: 01490531:4: 18085054: Detected invalid host header ().
Mar 9 19:41:14 slot1/Datacenter-SF-Sec notice tmm[27422]: 01490567:5: /Common/OTP:Common:18085054: Session deleted (no_hostname).
Mar 9 19:41:14 slot1/Datacenter-SF-Sec warning tmm[27422]: 01490531:4: 087dd709: Detected invalid host header ().
Mar 9 19:41:14 slot1/Datacenter-SF-Sec notice tmm[27422]: 01490567:5: /Common/OTP:Common:087dd709: Session deleted (no_hostname).
Mar 9 19:41:14 slot1/Datacenter-SF-Sec notice tmm[27422]: 01490521:5: /Common/OTP:Common:86aec73e: Session statistics - bytes in: 0, bytes out: 0
Mar 9 19:41:15 slot1/Datacenter-SF-Sec notice tmm1[27422]: 01490521:5: /Common/OTP:Common:88965610: Session statistics - bytes in: 0, bytes out: 0
Mar 9 19:41:15 slot1/Datacenter-SF-Sec notice tmm[27422]: 01490521:5: /Common/OTP:Common:704c5724: Session statistics - bytes in: 0, bytes out: 0
Mar 9 19:41:19 slot1/Datacenter-SF-Sec warning tmm[27422]: 01490531:4: 75bfc35b: Detected invalid host header ().
Mar 9 19:41:19 slot1/Datacenter-SF-Sec notice tmm[27422]: 01490567:5: /Common/OTP:Common:75bfc35b: Session deleted (no_hostname).
Mar 9 19:41:19 slot1/Datacenter-SF-Sec warning tmm[27422]: 01490531:4: 46da5465: Detected invalid host header ().
Mar 9 19:41:19 slot1/Datacenter-SF-Sec notice tmm[27422]: 01490567:5: /Common/OTP:Common:46da5465: Session deleted (no_hostname).
Mar 9 19:41:22 slot1/Datacenter-SF-Sec notice tmm[27422]: 01490521:5: /Common/OTP:Common:54976d9f: Session statistics - bytes in: 0, bytes out: 0

 

What is the issue?
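
Added example, not part of the original post: a small Python parser that groups the APM log lines above by session ID and pairs each 01490531 warning with its 01490567 deletion. The sample lines are copied from the excerpt; the field layout in the regex and the reading of the parentheses as the Host value the client sent are assumptions inferred from those lines.

```python
import re
from collections import defaultdict

# Subset of the log lines quoted in the post above.
SAMPLE_LOG = """\
Mar 9 19:41:08 slot1/Datacenter-SF-Sec notice tmm1[27422]: 01490521:5: /Common/OTP:Common:65297ecb: Session statistics - bytes in: 0, bytes out: 0
Mar 9 19:41:09 slot1/Datacenter-SF-Sec warning tmm1[27422]: 01490531:4: fcf9d73f: Detected invalid host header ().
Mar 9 19:41:09 slot1/Datacenter-SF-Sec notice tmm1[27422]: 01490567:5: /Common/OTP:Common:fcf9d73f: Session deleted (no_hostname).
Mar 9 19:41:14 slot1/Datacenter-SF-Sec warning tmm[27422]: 01490531:4: 18085054: Detected invalid host header ().
Mar 9 19:41:14 slot1/Datacenter-SF-Sec notice tmm[27422]: 01490567:5: /Common/OTP:Common:18085054: Session deleted (no_hostname).
Mar 9 19:41:22 slot1/Datacenter-SF-Sec notice tmm[27422]: 01490521:5: /Common/OTP:Common:54976d9f: Session statistics - bytes in: 0, bytes out: 0
"""

# Assumed layout: timestamp host severity proc[pid]: code:level: [profile:partition:]session: message
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s+[\d:]{8})\s+(?P<host>\S+)\s+(?P<sev>\w+)\s+"
    r"(?P<proc>\w+)\[\d+\]:\s+(?P<code>[0-9a-f]{8}):\d:\s+"
    r"(?:(?P<profile>/\S+?):(?P<partition>\w+):)?(?P<sid>[0-9a-f]{8}):\s+(?P<msg>.*)$"
)
HOST_RE = re.compile(r"Detected invalid host header \((?P<value>.*)\)\.")

def parse(log_text):
    """Yield one dict per log line that matches the assumed APM layout."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            yield m.groupdict()

def summarize(log_text):
    """Group events by session ID and classify each session."""
    sessions = defaultdict(list)
    for ev in parse(log_text):
        sessions[ev["sid"]].append(ev)
    report = {"empty_host_deleted": [], "zero_byte": [], "other": []}
    for sid, events in sessions.items():
        msgs = [e["msg"] for e in events]
        hosts = [m.group("value") for m in map(HOST_RE.match, msgs) if m]
        if hosts and all(h == "" for h in hosts) and any("no_hostname" in x for x in msgs):
            report["empty_host_deleted"].append(sid)  # warning + deletion pair
        elif any("bytes in: 0, bytes out: 0" in x for x in msgs):
            report["zero_byte"].append(sid)           # session carried no traffic
        else:
            report["other"].append(sid)
    return report

if __name__ == "__main__":
    print(summarize(SAMPLE_LOG))
```
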

 

  • Dear All... Could somebody please help? I am trying to implement RADIUS authentication (application has Kerberos delegation enabled) with Kerberos SSO using APM. RADIUS auth works fine. But Kerberos fails with the mentioned error.

     

  • When you work with SharePoint, the SPN Pattern must be set to %h

     

    SPN Pattern can be:

     

    • Empty : SPN will be constructed with reverse DNS
    • HTTP/%s : SPN will be constructed with the reverse hostname in the local host file
    • HTTP/%h : SPN will be constructed from the HTTP request host name (each application has a different service account with a dedicated SPN... this SPN is based on the request host header)
    • HTTP/%s@REALM : SPN will be constructed with the reverse hostname in the local host file, with a different Kerberos Realm than the account Realm
    • HTTP/%h@REALM : SPN will be constructed from the HTTP request host name, with a different Kerberos Realm than the account Realm