Bug ID 739024: Kerberos auth fails intermittently after upgrade from v14.0.0

Last Modified: Nov 07, 2022

Bug Tracker

Affected Product:  See more info
BIG-IP APM(all modules)

Known Affected Versions:

Fixed In:

Opened: Aug 02, 2018
Severity: 3-Major


Kerberos auth fails and the client get credentials prompt (although it does not work even when entering credentials).


Kerberos authentication fails.


1. Configure SWG explicit or transparent proxy. 2. Configure start -> 401 negotiate -> variable assign <session.server.network.name = return "your_proxy_fqdn"> (required for Kerberos auth) -> Kerberos auth in main access policy. 3. Configure start -> SSL check -> [HTTPS | HTTP ] -> category lookup -> allow in per-request policy. 4. Send HTTP/HTTPS request from explicit or transparent client.


Change the permission and ownership of the Kerberos keytab file with these commands: chmod 640 <Kerberos keytab file> chgrp root <Kerberos keytab file>

Fix Information

The permission of the Kerberos keytab file will be rw-r----- tomcat root which will make sure Kerberos auth does not fail.

Behavior Change