Forum Discussion
NimbostratusInsert Authorization header into HTTP
We have a web server with SSO Kerberos, user from windows machine can successfully access to this web server and automatically authorized via SSO. However, MAC book and IPad users are not authorized and they received 401 HTTP error, they need to at least received a login pages and then insert teh user credential manually. I have capture the traffic with Wireshark and noticed truncated Authorization header is missing for MACbook/Ipad user.
Is there a way to add the Authorization header via iRule for MACbook/Ipad users? I have also attached the screenshot of the packet capture for windows user that send Truncated Authorization header.
2 Replies
JGCumulonimbus
The HTTP Authorization request header contains the credentials to authenticate a user agent with a server, usually after the server has responded with a 401 Unauthorized status and the WWW-Authenticate header.(From https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Authorization ).
Did your Mac user get the HTTP header "WWW-Authenticate" in the server response?
Stanislas_Piro2Hi,
F5 can insert negotiate header, but where do you get value of this header?
The server requests only Kerberos authentication, so basic auth won’t work!
Kerberos header value comes from authentication against KDC!
You can configure Kerberos authentication in iPad and Mac OS X! So the best solution is to configure clients to authenticate with Kerberos instead of trying to make it work with an irule.
