This provider is required when registration is set to automatic. It can also be used to enable SSO into SAP servers in place of the deprecated SAPSSOTokenLoginModule.
The LoginModule validates standard username/password style credentials by passing them to a Web server. Configure the URL property to point to a Web server that challenges for basic authentication.
This provider is enhanced to authenticate the user by validating a token specified by the client by sending the configured client values to the HTTP backend in the specified format (header/cookie). Any parameter value, for example personalization parameter, http header, or http cookie can be specified in the ClientHttpValuesToSend property so that the provider can retrieve the value of the configured parameter(s) and pass them to the Web server in the format required by the SendClientHttpValuesAs configuration property.
For example, SiteMinder is often used in mobile deployments to protect existing Web-based applications. Existing users point their browser at a URL, and SiteMinder intercepts an unauthenticated session to challenge for credentials (Basic). When the authentication succeeds, it returns a SMSESSION cookie with a Base64-encoded value that can be used for SSO into other SiteMinder enabled systems.