Forum Discussion
Chandru_01
Nimbostratus
NimbostratusF5 APM Kerberos SSO error log
Dear All,
I have an APM Kerberos (delegation) SSO configured for my sharepoint application, with Radius Auth as the primary authentication. Though everything is working fine as expected, I get the below APM logs:
Mar 9 19:41:08 slot1/Datacenter-SF-Sec notice tmm1[27422]: 01490521:5: /Common/OTP:Common:65297ecb: Session statistics - bytes in: 0, bytes out: 0 Mar 9 19:41:09 slot1/Datacenter-SF-Sec warning tmm1[27422]: 01490531:4: fcf9d73f: Detected invalid host header (). Mar 9 19:41:09 slot1/Datacenter-SF-Sec notice tmm1[27422]: 01490567:5: /Common/OTP:Common:fcf9d73f: Session deleted (no_hostname). Mar 9 19:41:09 slot1/Datacenter-SF-Sec warning tmm1[27422]: 01490531:4: 52959b6e: Detected invalid host header (). Mar 9 19:41:09 slot1/Datacenter-SF-Sec notice tmm1[27422]: 01490567:5: /Common/OTP:Common:52959b6e: Session deleted (no_hostname). Mar 9 19:41:14 slot1/Datacenter-SF-Sec warning tmm[27422]: 01490531:4: 18085054: Detected invalid host header (). Mar 9 19:41:14 slot1/Datacenter-SF-Sec notice tmm[27422]: 01490567:5: /Common/OTP:Common:18085054: Session deleted (no_hostname). Mar 9 19:41:14 slot1/Datacenter-SF-Sec warning tmm[27422]: 01490531:4: 087dd709: Detected invalid host header (). Mar 9 19:41:14 slot1/Datacenter-SF-Sec notice tmm[27422]: 01490567:5: /Common/OTP:Common:087dd709: Session deleted (no_hostname). Mar 9 19:41:14 slot1/Datacenter-SF-Sec notice tmm[27422]: 01490521:5: /Common/OTP:Common:86aec73e: Session statistics - bytes in: 0, bytes out: 0 Mar 9 19:41:15 slot1/Datacenter-SF-Sec notice tmm1[27422]: 01490521:5: /Common/OTP:Common:88965610: Session statistics - bytes in: 0, bytes out: 0 Mar 9 19:41:15 slot1/Datacenter-SF-Sec notice tmm[27422]: 01490521:5: /Common/OTP:Common:704c5724: Session statistics - bytes in: 0, bytes out: 0 Mar 9 19:41:19 slot1/Datacenter-SF-Sec warning tmm[27422]: 01490531:4: 75bfc35b: Detected invalid host header (). Mar 9 19:41:19 slot1/Datacenter-SF-Sec notice tmm[27422]: 01490567:5: /Common/OTP:Common:75bfc35b: Session deleted (no_hostname). Mar 9 19:41:19 slot1/Datacenter-SF-Sec warning tmm[27422]: 01490531:4: 46da5465: Detected invalid host header (). Mar 9 19:41:19 slot1/Datacenter-SF-Sec notice tmm[27422]: 01490567:5: /Common/OTP:Common:46da5465: Session deleted (no_hostname). Mar 9 19:41:22 slot1/Datacenter-SF-Sec notice tmm[27422]: 01490521:5: /Common/OTP:Common:54976d9f: Session statistics - bytes in: 0, bytes out: 0
What is the issue?
Stanislas_Piro2Cumulonimbus
when you work with Sharepoint, the SPN Pattern must be set to %h
SPN Pattern can be:
- Empty : SPN will be constructed with reverse DNS
- HTTP/%s : SPN will be constructed with reverse hostname in local host file
- HTTP/%h : SPN will be constructed HTTP request host name (each application have a different service account with dedicated SPN... this SPN if based on request host header)
- HTTP/%s@REALM : SPN will be constructed with reverse hostname in local host file with different Kerberos Realm than account Realm
- HTTP/%h@REALM : SPN will be constructed HTTP request host name with different Kerberos Realm than account Realm
Chandru_01I am using LTM+APM mode
Hi,
Are you using portal or LTM+APM mode?
Cheers,
Kees
- Chandru_01
Dear All... Could somebody please help? I am trying to implement Radius authentication (application has Kerberos delegation enabled) with Kerberos SSO using APM. Radius auth works fine. But Kerberos fails with the mentioned error.
