You receive unlimited authentication popup and in proxy real-time monitor, you receive this error
ERROR: Negotiate Authentication validating user. Result: {result=BH, notes={message: gss_accept_sec_context() failed: Unspecified GSS failure. Minor code may provide more information. Request is a replay; }}
"Request is a replay", aka "token replay attack".
The client sends an authentication token that has already been used in another connection.
Such clients are either fatally broken or malicious.
Negotiate credentials authenticate the specific TCP connection on which they are used.
They cannot be reused on other connections or modified once authenticated.
You need to evaluate why there are broken connections or removed the Replay Cache
Cache used in Kerberos technology to store records of user authentication requests.
This mechanism helps protect the infrastructure against replay attacks.
When employing these types of attacks, hackers record user traffic so that they can replay the user's previously sent messages and thereby successfully complete authentication on the proxy server.
When using a replay cache, the authentication server detects the duplicate request and responds by sending an error message.
Storing and comparing Kerberos authenticators can result in a substantial performance penalty for certain storage system workloads.
To fix is you can use this patch if using Artica v4.30 SP206+HotFix, Artica v4.30 SP208
Patch avoid: Request is a replay