Need help on SSO-authentication issue

Hi All,

There are 2 URL applications configured under APM; namely, "url1.domain.com" and "url2.domain.com".

Two virtual servers are created for the 2 URLs. The VS for "url1.domain.com" has an Access Profile configured with 'SSO Method' - "NTLMV1". The VS for "url2.domain.com" has an Access Profile configured with 'SSO Method' - "Kerberos".

Referring to the below article, the Access Profile for "url2.domain.com" is created and linked to the 2nd VS. The 'SPN Pattern' configured is "HTTP/url2.domain.com". The 'Kerberos Realm' configured is "domain.com". https://devcentral.f5.com/articles/apm-cookbook-single-sign-on-sso-using-kerberos

When the user tries accessing "url1.domain.com", he is prompted for domain creds.
The username format supplied is "username", and not "domain\username" - if this information helps.
After a successful login, a link pointing to "url2.domain.com" is clicked.
Instead of taking the user directly in, it prompts (basic authentication) for creds again, which is not what is expected.

How do we get the APM to authenticate the user without prompting for creds, when "url2.domain.com" is clicked from within a successfully logged-in page of "url1.domain.com"?

Thanks,

Jimmy

application delivery

BIG-IP Access Policy Manager (APM)

Forum Discussion

Need help on SSO-authentication issue

Recent Discussions

did not show checkbox on chrome while access through f5

How do I create a traffic log for two different route domains?

Flip-flop load balancing

ASM Export JSON - size Limit ?

Can i apply ddos profile on virtual server using port range

Related Content

Open SSO Authentication

F5 APM OWA o365 SSO Form Based Authentication Issues

Regex issue

New iOS F5 Access version (3.1.0) issues

Configuring an Application for Smart Card Authentication and Forms Based SSO Using a Static Username and Password

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS