MAC book user issue with SSO Kerberos

Question

We have a web server with SSO Kerberos configured. Windows client can easily brows then web site and SSO works fine, however,  MAC book and IPad user receives HTTP 401. I'd like to create a iRules to insert a dummy token into the HTTP header so MAC Book user and IPad users revive login page instead of HTTP 401 and manually  enter username and password. &nbsp;
Any clue would be highly appreciated. &nbsp;
Thanks,&nbsp;

al_7443 · Answer

Perhaps consider using the APM module to present a form-based logon to your clients that fail Kerberos.  APM will use delegation to go and get a Kerbers ticket for your users, and proxy them onto the protected app.  This way you still get AAA without compromising your security.&nbsp;
This article steps you through the concepts and configuration&nbsp;
https://devcentral.f5.com/articles/apm-cookbook-single-sign-on-sso-using-kerberos&nbsp;
If you -really- wanted to make a bad security decision, you could use an iRule to check for an OSX/Ipad user-agent header, and set the Kerberos header.&nbsp;

Forum Discussion

MAC book user issue with SSO Kerberos

Recent Discussions

Big IP DNS Failover

AS3 Limitations

Diameter iRules attachment?

Help needed with iRule (connection closed log )

Use of SSL Decryption.

Related Content

Troubleshooting Kerberos Constrained Delegation: Strong Encryption Types Allowed for Kerberos

Kerberos is Easy - Part 2

Kerberos Is Easy - Part 1

Regex issue

New iOS F5 Access version (3.1.0) issues

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS