Form-based Authentication
Form-based authentication is suited to applications that present a login form instead of a dialog box. This sort of authentication configuration makes sense when the application itself is form-based.
Form-based Authentication makes most sense when used with SSO. The typical configuration uses a SuccessRule parameter, which is a means for NetScaler to detect if the SSO was successful or not. If the SuccessRule criterion is met, NetScaler presents the final page, such the User's mailbox, when the application is OWA. If it is not met, NetScaler passes the login page as is to the User so that they can manually enter the credentials – say, when the credentials for SSO are not the same as for NetScaler authentication.
Please take a look at CTX128197 (http://support.citrix.com/article/CTX128197) for an article which shows you how to configure form-based SSO for exchange 2010 through NetScaler.
Authentication flow
Let's take a look at the flow as it should happen:
The client...
