After upgrade to RSSO 19.05: No login-page appears after Kerberos-Authentication has failed

Version 1
    Share This:

    This document contains official content from the BMC Software Knowledge Base. It is automatically updated when the knowledge article is modified.


    PRODUCT:

    Remedy Single Sign On


    COMPONENT:

    Remedy Single Sign On


    APPLIES TO:

    RSSO 18.08 and above



    PROBLEM:

    Create realm with a chain Kerberos-->Local
    Open application protected by rsso on the machine not from the KDC domain in IE (this is an IE issue only)
    In pop-up provide some credentials and submit

    Nothing will happen

    In the RSSO server log you will see this e.g.:
    18-10-19 10:15:30.141 [43-exec-24] DEBUG .rsso.servlet.LoginRequestServlet.processRequest(): Incoming request from the url: 'https://yourapp.company.com/support/' for the <domain>@<realm>: '*@*'
    .
    18-10-19 10:15:30.141 [43-exec-24] DEBUG .rsso.servlet.LoginRequestServlet.processRequest(): Using 'Kerberos' authentication. Request will be routed to: 'login'
    .
    18-10-19 10:15:30.141 [43-exec-24] DEBUG .b.r.c.a.e.k.KerberosAuthentication.authenticate(): SPNEGOToken was not found. Requesting Negotiation ...

    Nothing happens after this.

     


    CAUSE:

    Defect DRSMX-23317 Fallback from Kerberos in chain is broken in IE


    SOLUTION:

    There is a hotfix for 19.05 and 19.08, contact BMC support.


    Article Number:

    000175579


    Article Type:

    Solutions to a Product Problem



      Looking for additional information?    Search BMC Support  or  Browse Knowledge Articles