Forum Discussion

Hank_Moody_3649's avatar
Hank_Moody_3649
Icon for Nimbostratus rankNimbostratus
Jan 14, 2019

OWA 2nd Authentication? Exchange Problem?

Hi DevCentral,

 

I deployed iApp Exchange 2010/2013 Template a several times and it was working fine for every customer.

 

On my last customer there's something strange happening. I tried everything to fix it. When I want to authenticate with the test user it gives me after hitting login button a second http-auth prompt where I need to log in with the same data a second time. So after typing 2nd time credentials he forwards me to OWA. On which site is something wrong configured?

 

I tried everything on F5 site. I cannot access customers Exchange so I dont know what I have to tell the customer to change..

 

 

Log: Disabled the SSO for this session: no supported WWW-Authenticate header is found

 

2010
APM
application delivery
exchange
LTM
owa
template

3 Replies

Sort By
  • KeesvandenBos's avatar
    KeesvandenBos
    Icon for MVP rankMVP
    Jan 23, 2019

    Could you add this irule to your virtual server? Hopefully we can see what authentication header/methode OWA is sending.

    when HTTP_REQUEST_RELEASE {
  set LogString "Client [IP::client_addr]:[TCP::client_port] -> [HTTP::host][HTTP::uri]"
   log local0. "============================================="
   log local0. "$LogString (request)"
   foreach aHeader [HTTP::header names] {
      log local0. "$aHeader: [HTTP::header value $aHeader]"
   }
   log local0. "============================================="
}
when HTTP_RESPONSE_RELEASE {
   log local0. "============================================="
   log local0. "$LogString (response) - status: [HTTP::status]"
   foreach aHeader [HTTP::header names] {
      log local0. "$aHeader: [HTTP::header value $aHeader]"
   }
   log local0. "============================================="   
}

    Cheers,

    Kees

    • Hank_Moody's avatar
      Hank_Moody
      Icon for Nimbostratus rankNimbostratus
      Feb 14, 2020

      Hey Kees! I know its been a year now, and the problem came back. I created this topic with my old account (when DevCentral had'nt their weird update).

      I would try these to attach this iRule to the VS, hope it will work.

       

      Gonna send an update here if I tried

       

      Thanks so far!

  • Yoann_Le_Corvi1's avatar
    Yoann_Le_Corvi1
    Icon for Cumulonimbus rankCumulonimbus
    Feb 14, 2020

    Hi,

     

    It may be a mismatch betwee the SSO profile configurerd for OWA and the Authentication mechanisms configured on the OWE Virtual Directory in Exchange. For example, if you do Kerberos SSO and Kerberos is not enable on Exchange ?

     

    Can you provide more detail :

    • Logon page is on APM side or Exchange Side
    • In exchange profile, what is the SSO Configuration enabled ?
    • Is Exchange published via Portal or LTM ?
    • If Portal, what is the SSO profile on the portal configuraiton ?

     

    Cheers