2.5.1 Authenticate Against a Web Server That Is Gated by Forms Authentication
Use Case Diagram
Figure 1: Process for authenticating against a forms authentication server
Preconditions
The protocol client can connect to the server that hosts the document.
The user has permissions to access the document on the server.
The Web server and the protocol client both support the Office Forms Based Authentication Protocol [MS-OFBA].
The Web server is configured such that the user’s identity is established by using forms authentication. The user’s identity is transferred between the protocol client and the server by using the HTTP State Management Mechanism [RFC2109].
The protocol client is configured to store and transmit cookies, as described in [RFC2109].
Main Flow
The user opens the client application and brings up the file open dialog box.
The user navigates to the Web server in the file open dialog box.
The user is presented with a forms authentication logon prompt.
The user enters credentials and authenticates with the server.
The user selects a document from the Web server and chooses to open it in the client application.
Alternate Scenarios
The user chooses to cancel out of the forms authentication logon prompt. This cancels the file open action.
Error Scenarios
The user enters incorrect credentials in the forms authentication prompt three times. This cancels the file open action.