HTTP Form SSO with Dynamic Parameter
I'm setting up a new Webptop with Portal and Weblink resources. I have SSO working with my sites that use Basic auth and now I'm trying to a site that uses Forms-based authentication. The website is hosted externally so I configured it as a Portal resource and applied an SSO object to the Portal resource. When I clink on the link in the Webtop the username and password fields are sent to the server but I'm not able to authenticate. After troubleshooting for a while I found that the website uses a hidden parameter named authenticity_token. This parameter is dynamically generated when you load the login page. When you enter our username and password and click submit the username, password and authenticity_token parameters are sent.
It looks like I should be able use a session variable to send this hidden field. Do I have to assign this variable in my VPE? Or should I use a client initiated form SSO object for this?