How to pass User's UPN to internal FBA appliaction.


  • I have a 3rd party FBA application that only recognizes a user's UPN string as the username. i.e. DOMAIN\USERNAME will not work in its FBA username prompt.

    I've gone through the sections on configuring the FormLogin.xml file here: and have been able to successfully get UAG to post the username and password to the FBA application so I know my FormLogin.xml config is working. However, the username syntax is not what the application is expecting (the user's kerberos UPN). Is there a value similar to USER_NAME that passes the Kerberos UPN for the logged in user?

    I also tried enabling UPN auth to see if that would pass the UPN but that doesn't seem to have worked.

    Below is a snip of my xml.

               <CONTROL handling="real_value"> 
               <CONTROL handling="real_value"> 
               <CONTROL handling="real_value"> 





    Mark E. Smith
    Practice Manager, Unified Communications
    Capax Global Consulting
    My Blog -
    Thursday, September 02, 2010 5:29 PM


  • Hi Mark,

    I haven't tried it myself, but you may try the following:

    1.       By taking a look at the instructions in the TechNet article you already mentioned: , change the FormLogin.xml CONTROL element type to be USER_ PROVIDED instead of USER_NAME, like this:
            <CONTROL handling="real_value">





    2.       Then store the user’s UPN in the UAG SessionManager, still as per the instructions of the above TechNet article, as a Session Resource parameter, by creating a [TrunkName][0 for HTTP or 1 for HTTPS] file in InternalSite\inc\CustomUpdate and using this line of ASP script:
           SetSessionResourceParam g_cookie, "<Application ID>", “txtUserName”, "<User’s UPN>"
    Note that you need to use the actual Application ID and the actual user’s UPN. Also note that the Session resource parameter name has to be identical to the <NAME> of the CONTROL as defined in FormLogin.xml, so in your case this seems to be txtUserName.



    Thursday, September 02, 2010 10:57 PM