Lightweight Third-Party Authentication (LTPA), is an authentication technology used in IBM WebSphere and Lotus Domino products. When accessing

web server A web server is computer software and underlying hardware that accepts requests via HTTP (the network protocol created to distribute web content) or its secure variant HTTPS. A user agent, commonly a web browser or web crawler, initiate ...

s that use the LTPA technology it is possible for a web user to re-use their login across physical servers. A Lotus Domino server or an IBM WebSphere server that is configured to use the LTPA authentication will challenge the web user for a

name A name is a term used for identification by an external observer. They can identify a class or category of things, or a single thing, either uniquely, or within a given context. The entity identified by a name is called its referent. A personal ...

and password. When the user has been authenticated, their browser will have received a session cookie - a cookie that is only available for one browsing session. This cookie contains the LTPA token. If the user – after having received the LTPA token – accesses a server that is a member of the same authentication realm as the first server, and if the browsing session has not been terminated (the browser was not closed down), then the user is automatically authenticated and will not be challenged for a name and password. Such an environment is also called a single sign-on environment.

References

DeveloperToolbox Technical Magazine: WebSphere and Domino single sign-on

DominoTomcatSSO at OpenNTF.org: A open source implementation of LTPA for Tomcat

Websphere

Websphere Liberty Profile IBM software, Lightweight Third-Party Authentication Computer access control {{compu-network-stub

See also

References