I’m trying to implement Kerberos SSO (SPNEGO / Integrated Windows Authentication) for a web application in an Active Directory environment.
The application is deployed on OpenShift Kubernetes and exposed via the ingress/routing layer.
Kerberos authentication itself seems to work — my account successfully authenticates and I receive an HTTP 200 response. However, the login flow does not complete. I only get a Kerberos success response, but the rest of the application’s authentication/authorization flow does not proceed.
Additionally, I’m experiencing intermittent authentication issues that I cannot reliably reproduce or isolate.
Has anyone encountered a similar issue with Kerberos (SPNEGO) behind OpenShift ingress? Could this be related to headers, routing, or session handling at the ingress level?
Any suggestions on what to check or debug would be appreciated.