Form based SSO

Have created a working form based SSO, but need to enhance it to preserve the URL, and would like better detection of failure (error conditions that should never occur, occur because humans have fiddled).

 

How should I choose between the options for form based SSO, as we used the "simple" FORM based SSO before? Feel I'm missing useful wizards, or is that how it is with form and cookie pass-thru

 

Are there some more examples around as documentation is spartan?

 

The method to preserve URL seems simple enough as the form takes a hidden parameter, but I noted the form based SSO has less options for testing success than the client initiated form based SSO (for no obvious reason). e.g. presence of cookie as well as cookie contains string (I'm assuming "*" will probably work).

 

Not clear if I can use multiple strings for the match to cookie, since the UI gives a text box, but docs only show one line.