Fortinet white logo
Fortinet white logo

Administration Guide

Using Form Based Delegation

Using Form Based Delegation

You can configure FortiWeb to use Form Based Delegation to publish your web servers including OWA/Exchange (2010/2016).

Once the client successfully passes the authentication with FortiWeb, FortiWeb will issue a cookie to track the user session and do form based authentication with the server.

tooltip icon

The FBD configuration does not support the retrieval of dynamic values other than the username and password keys from the HTML authentication form submitted by clients during client authentication. These values cannot be added to the form intended for transmission to the backend server.

To configure a Form based Delegation
  1. Go to Application Delivery > Site Publish > Form Based Delegation.
    To access this part of the web UI, your administrator's account access profile must have Read and Write permission to items in the Server Policy Configuration category. For details, see Permissions.
  2. Click Create New. You can also clone the predefined templates, and edit the settings as your desire.
  3. Configure the following settings. FortiWeb will initiate an authentication request to the server based on the following fields.
    NameEnter a name for the Form based Delegation rule.
    Logon URL Type

    Simple String—Enter a literal URL, such as /folder1/index.htm that the HTTP request must contain in order to match the rule.

    Regular Expression—A regular expression, such as ^/*.php, matching the URLs to which the rule should apply. The pattern does not require a slash ( / ).

    Logon URLEnter the logon URL in simple string or regular expression.
    Form ActionThe URL of the form.
    MethodSelect whether to use GET or POST method to initiate the authentication requests to the server.
    Additional CookiesConfigure to add cookie in the authentication request.
    Username FieldThe keyword of the username field.
    Password FieldThe keyword of the password field.

    Additional Fields

    Enter additional fields to add in the authentication request. The format must be “key=value”

  4. Click OK.

To use the Form Based Delegation, you need to create a Site Publish rule, select HTML Form Authentication for Client Authentication Method, select Form Based Delegation for Authentication Delegation, then choose the Form Based Delegation you have created. See Offloaded authentication and optional SSO configuration.

Using Form Based Delegation

Using Form Based Delegation

You can configure FortiWeb to use Form Based Delegation to publish your web servers including OWA/Exchange (2010/2016).

Once the client successfully passes the authentication with FortiWeb, FortiWeb will issue a cookie to track the user session and do form based authentication with the server.

tooltip icon

The FBD configuration does not support the retrieval of dynamic values other than the username and password keys from the HTML authentication form submitted by clients during client authentication. These values cannot be added to the form intended for transmission to the backend server.

To configure a Form based Delegation
  1. Go to Application Delivery > Site Publish > Form Based Delegation.
    To access this part of the web UI, your administrator's account access profile must have Read and Write permission to items in the Server Policy Configuration category. For details, see Permissions.
  2. Click Create New. You can also clone the predefined templates, and edit the settings as your desire.
  3. Configure the following settings. FortiWeb will initiate an authentication request to the server based on the following fields.
    NameEnter a name for the Form based Delegation rule.
    Logon URL Type

    Simple String—Enter a literal URL, such as /folder1/index.htm that the HTTP request must contain in order to match the rule.

    Regular Expression—A regular expression, such as ^/*.php, matching the URLs to which the rule should apply. The pattern does not require a slash ( / ).

    Logon URLEnter the logon URL in simple string or regular expression.
    Form ActionThe URL of the form.
    MethodSelect whether to use GET or POST method to initiate the authentication requests to the server.
    Additional CookiesConfigure to add cookie in the authentication request.
    Username FieldThe keyword of the username field.
    Password FieldThe keyword of the password field.

    Additional Fields

    Enter additional fields to add in the authentication request. The format must be “key=value”

  4. Click OK.

To use the Form Based Delegation, you need to create a Site Publish rule, select HTML Form Authentication for Client Authentication Method, select Form Based Delegation for Authentication Delegation, then choose the Form Based Delegation you have created. See Offloaded authentication and optional SSO configuration.