<blockquote> <p>LTPA (Lightweight Third-Party Authentication) is an IBM-provided mechanism for Single Sign-On between IBM WebSphere servers and Lotus Domino servers. If the server is configured to use LTPA, it first checks for a valid LTPA token for the SSO domain it has been configured for. If the LTPA token is not yet present, the user must authenticate normally. </p> </blockquote>
<h3>Technology</h3>
<p>For a server to use the LTPA authentication mechanism, it must first be configured to do so. When LTPA is configured between servers, the servers must be in the same domain (also set in the LTPA configuration) and must all use the same LTPA SSO key. Once the user has been authenticated the first time, the server creates two cookies: <code>LtpaToken</code> and <code>LtpaToken2</code>. The latter is the latest version of the token; the former is used for backward compatibility with older servers. The cookies are encrypted and contain (as a minimum requirement) the user's login. </p>
<p>When the same user accesses another server in the same SSO domain, the user does not need to re-authenticate. The server reads the LTPA token and, after validating it, accepts the user's authentication.</p>
<p>The LTPA token is time sensitive and will eventually expire. It is therefore important that the time on the server is synchronized, as the server might otherwise consider a fully valid token invalid. How long the token is valid for is configured on the server. </p>
<h3>More information</h3>
<ul> <li><a href="ftp://public.dhe.ibm.com/software/integration/datapower/library/prod_docs/Misc/UnderstandingLTPA-v1.pdf" rel="nofollow">IBM - Understanding LTPA</a></li> <li><a href="http://www-01.ibm.com/support/docview.wss?uid=swg21078845" rel="nofollow">IBM - Security Cache, LTPA Token, and Session Time Outs</a></li> </ul>
 
