For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

InnO's avatar
InnO
Icon for Nimbostratus rankNimbostratus
Sep 14, 2015

Username in APM Reports - VIP using Kerberos SSO

Hi,   I know this question was raised a bit in the past, but my guess is that it had no solution or answer.   I have a VIP which my users access leveraging Kerberos SSO through an APM policy....
BIG-IP Access Policy Manager (APM)
management
security
InnO's avatar
InnO
Icon for Nimbostratus rankNimbostratus
Sep 22, 2015
Yes @boneyard, that is exactly a HTTP401 + Kerberos Auth. The thing is reports in APM probably do not get the username from the standard session variables (session.logon.last.username and logonname). Asked F5, and the workaround they provided me did the trick. I added a logging event box at the end of the VPE, configured to log session.logon.last.username for instance, then using custom reports, checked the session variable value to be displayed. This worked, but that would be cool to have something more consistent. Asked F5, and the workaround they provided me did the trick. I added a logging event box at the end of the VPE, configured to log session.logon.last.username for instance, then using custom reports, checked the session variable value to be displayed. This worked, but that would be cool to have something more consistent.