From Bart Bultinck's blog:
Last week(s) i've been looking for a solution on how to implement form based authentication for extranet scenarios towards sharepoint portal server (and wss).
I ended up with a solution using ISA2004 and a third party filter from Collective Software. (for being correct i used 2 filters from this company)
Using this third party filter called flexauth you can enable form based authentication for your sharepoint solution, apply branding (custom layouts, css) to it (what is also possible with OWA form based auth (but not supported)) and also use it as some kind of Single sign on (not sharepoint SSO) for your internal websites and applications.It spans over multiple listeners by establishing a session for *.somedomain.tld so if you have for example extranet.somedomain.tld and webmail.somedomain.tld you don't need to re-authenticate all the time. It uses LDAP (secure & unsecure) for doing authentication. and furhtermore for mobile, OMA, ActiveSync, and other clients, FlexAuth automatically provides Basic Authentication services (using the normal annoying pop up window)
Pretty nice huh !
We also acquired the webdirect filter that auto transforms all http to https (in sharepoint the annoying thing is that you might have http:// hardcoded links, so these are auto transfered to https:// for your extranet publishing.
Another benefit is that alerts you had created using the http:// site and that you click on through your OWA for example are now working from the outside to 😉
We enabled the flexauth filter also over the standard OWA form based filter that comes with ISA because of the support for branding and the capability to provide Single sign on for OWA and our portal (so you don't have to re- authenticate if you are displaying owa webparts)
Collective Software only provides support engaged through email but they respond pretty quick, and their support is excellent. (using live meeting …)