Forum Discussion
David, not that it appears to matter anymore, but for posterity consider this. The different authentication methods (NTLM, Basic, Forms, Kerberos, etc.) have different protocol exchanges. For NTLM, Basic and Kerberos, the client gets a 401 and the server expects an Authorization header in every request. That's essentially what your NTLM SSO profile is doing. For a page that does forms auth, the client must POST some values to a form, in which case the server usually passes back some kind of token - a cookie usually - so that subsequent requests are seen as authenticated. APM's forms SSO looks for a form object, POSTs your credentials to that form, and then looks for the defined response to know if authentication was successful. It looks like you have a mixture of NTLM and forms auth pages. APM does support this sort of environment, but you have to specify which is which. You'd build an NTLM SSO for your regular pages, and potentially different forms SSO profiles for the different forms auth pages (if there's more than one). Then based on the request URI, you can switch the SSO profile.