Steve_Lyons
Mar 01, 2019Ret. Employee
Multiple Login Attempts Required for Kerberos Constrained Delegation (KCD)
Has anyone run into an issue in which it took 2 or more authentication attempts to finally successfully log into an application using KCD? Below is an example of the use case I am referencing where it takes 3 authentication attempts before a successful login.
Attempt 1: Failed to get a forwardable ticket and SSO halts
Manually Delete Session in APM
Attempt 2: Failed to get forwardable ticket though has a cached ticket
Manually Delete Session in APM
Attempt 3: Has cached ticket and SSO works as expected.
Manually Delete Session and bigstart restart websso to reproduce from attempt 1