We are having some issues regarding configuration of CA SSO Password Services and using Custom Authentication Forms, where we experience different kind of problems in corner cases.
We pretty much try to use the functionality from both html forms and password services forms out of the box, with same parameters and settings, but we will then customize look and feel.
Some of the problems that we encounter is e.g. around SMTRYNO cookie. When a user has failed to login for a number of times with incorrect password, then this will be set in browser - and prevent all other users from actually logging in. Also affecting other users, which aren't locked because the cookie is set in browser. This cookie can of course be deleted, but it is just not very user friendly - and this can also be fixed by setting fcccompatmode=yes in ACO.
So in general, then I am just curious to know, how you actually make the default settings for customized forms, when making HTML Based Authentication forms work with Siteminder Password Services and Password Policies ??