Hello Kerberos Community.
At the organisation where I work we are trying to achieve SSO authentication using Kerberos mechanism on the following setup: - physical load-balancer (machine1) receiving incoming http sessions, but redirecting the traffic to a WebLogic Server (machine2). The application deployed on the WLS instance is the one expected to allow or disallow a user to login, but the exposed URL is the one of the frontend Load Balancer. The Service Account in MS AD has an account with the logon HTTP/ machine1.mydomain....@mydomain.com Is this correct ? Our WebLogic instance has the keytab of machine1 as a parameter, but is not able to allow automatic login for users. We only managed to make it work with an SPN of HTTP/ machine2.mydomain....@mydomain.com and accesing the URL exposed by machine2, but this is not what we want. Thank you in advance for any advice about what we might be missing. Regards, Adrian ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos