Grabbing the user name from HTTP 401 Response from APM

Question

I have users that want to use a custom login different from their UPN and samAccountName. I'm using the 401 because I have windows client apps connecting to a back-end server. 
I need to capture the user name do a lookup against AD (I already have this part) and put the UPN into a SSO session variable. When the client application connect it seems to use Negotiate instead of Basic auth. Even if I have HTTP Auth Level set to basic. &nbsp;
I have read a lot of documentation but I'm still a little confused on my options with the HTTP 401 Response (APM module).&nbsp;

kevin_stewart · Answer

Can you verify:

In the 401 request to the client that there is only one WWW-Authenticate header defined and is using Basic?
WWW-Authenticate: Basic realm="test"

That the corresponding response is NTLM and not Basic.
Authorization: Basic ZHVkZTp0ZXN0

Forum Discussion

Grabbing the user name from HTTP 401 Response from APM

1 Reply

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

UCS Encryption Question

Unblock Request WAF

VIP is not responding on SYN after enabling other modules like ASM, APM and AFM.

VIP in https that redirect to another vip in https

BIG-IP VE: 40G Throughput from 4x10G physical NICs

Related Content

DEVCENTRAL END-USER LICENSE AGREEMENT

Introduction of Incident Response

F5 NGINX API Gateway: Simplify Response Manipulation

SSL Orchestrator Service Extensions: User Coaching

Securing the LLM User Experience with an AI Firewall

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS