Ok so I may be pinpointing the exact issue now. As you can see with the client response, you get http_filters.c saying "Response sent with status 302".While the Agent-Portal, after the exact same process the client goes through, gets this: http_filters.c(1129): Response sent with status 422, headers:, referer: http://osticket.domain.com/scp/login.php http_filters.c(958): Status: 422 Unprocessable Entity, referer: http://osticket.domain.com/scp/login.php http_filters.c(958): [client What does this mean.Well doing some googling, status 302 in HTTP responses means the following, "A 302 status is indicating that the requested resource has been temporarily moved to a different URI. Since the location or current redirection directive might be changed in the future, a client that receives a 302 Found response code should continue to use the original URI for future requests."Ok so redirection; thats fine.Status 422 on the other hand is described just as the log says it, "The 422 (Unprocessable Entity) status code means the server understands the content type of the request entity (hence a 415(Unsupported Media Type) status code is inappropriate), and the syntax of the request entity is correct (thus a 400 (Bad Request) status code is inappropriate) but was unable to process the contained instructions. For example, this error condition may occur if an XML request body contains well-formed (i.e., syntactically correct), but semantically erroneous, XML instructions."SO it has to be the plugin; probably somewhere in these two functions:require_once(INCLUDE_DIR.'class.auth.php');class HttpAuthentication extends StaffAuthenticationBackend { static $name = "HTTP Authentication"; static $id = "passthru"; function supportsInteractiveAuthentication() { return false; } function signOn() { if (isset($_SERVER) && !empty($_SERVER)) // User was authenticated by the HTTP server $username = $_SERVER; elseif (isset($_SERVER) && !empty($_SERVER)) $username = $_SERVER; if ($username) { // Support ActiveDirectory domain specification with either // "user@domain" or "domain\user" formats if (strpos($username, '@') !== false) list($username, $domain) = explode('@', $username, 2); elseif (strpos($username, '\\') !== false) list($domain, $username) = explode('\\', $username, 2); $username = trim(strtolower($username)); if (($user = StaffSession:($username)) && $user->getId()) { if (!$user instanceof StaffSession) { // osTicket <= v1.9.7 or so $user = new StaffSession($user->getId()); } return $user; }