How to confirm APM is sending LOGON_USER and DOMAIN to the application portal

Question

I am getting 401 when hitting an application that is behind APM. How do I confirm that APM is sending Login User to the application after authentication happened ?&nbsp;
Thank-you.
Edouard.&nbsp;

hamish · Answer

If you really want to know, then use tcpdump (Or ssldump if it's an encrypted connection) to actually look at the stream of data between the BigIP and the pool member.&nbsp;
If you use ssldump, you'll need access to the key on the pool member to decrypt the traffic. If you an't get that, you can always drop a proxy in between (Or even another bigIP) and do cleartext between your big and the proxy and then encrypt from the proxy to the pool member.&nbsp;
Other options are getting the app to log headers (if possible). And have it log LOGIN_USER. (I suspect you think this isn't coming through so you may have tried this already). &nbsp;

Forum Discussion

How to confirm APM is sending LOGON_USER and DOMAIN to the application portal

1 Reply

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

VIP in https that redirect to another vip in https

can you help with getting a BigIP virtual edition serial key

In Using the AST tool am I pointing it to TENANTS or to the F5OS(hardware) I have?

2026 is Almost Here

VIP is not responding on SYN after enabling other modules like ASM, APM and AFM.

Related Content

Introducing the F5 Application Study Tool (AST)

System Prerequisites for Deploying the Application Study Tool

Application Study Tool: Make Grafana Listen on HTTPS

Zero Trust Application Access for Federal Agencies

Automating F5 Application Delivery and Security Platform Deployments

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS