Requirements for application support
Single signon for forms authentication is supported on applications that meet the specific requirements. Applications must meet these requirements:
- The login page or pages for the application must be uniquely identifiable with a single regular expression or several regular expressions.
- The login page can include more than one HTML form. However, the login form must be identified by applying a regular expression to the action URIs of each of the login forms. Otherwise, the login form must be the first form in the login page. If we use the action attribute to identify the login form, know the action attribute did not pass through WebSEAL's HTML filtering. The regular expression must match the action URI before it is filtered.
- Client-side scripting can be used to validate input data. However, it must not modify the input data, such as using JavaScript to set cookies in the user browser.
- Login data is submitted at only one point in the authentication process.
- The junction where the authentication request is directed must be the same junction where the login page is returned.
Parent topic: Forms single sign-on concepts