SSO between MOSS 2007 and domino web access

Hi

We are trying to provide access to a Domino mail server through the MOSS 2007 portal. Users would log in to the MOSS 2007 portal and from there they can access the Domino mail server through a webpart. MOSS 2007 uses Windows authentication running on IIS 7, and currently we are having difficulty in providing a single sign-on facility to users. Once users log into the MOSS 2007 portal, they are also prompted for a Domino account for accessing the mail.

I’ve looked at some of the articles which suggest generating an LTPA cookie manually and sending it to the Domino server via HTTP POST, and also adding some mappings in the person document. I don’t know how to create this cookie in .NET and to which URL this cookie has to be posted. Is any sample code available? Or is there any other approach?

Thanks

Subject: Solution

Rajesh,

This is a 2-step process!

You have Authentication and Authorization.

This could be solved quite easily!

The Authentication part can’t be solved by Domino natively. What you could do with that is make use of an IIS server. You could install the WebSphere plugin for IIS, and if correctly configured, the authentication part is solved by the IIS HTTP stack and the WebSphere plugin!

The second part (Authorisation) means that you have to connect Domino (via Directory Assistance) to the Active Directory!

What will happen if all of the above is configured correctly is that the IIS server with the WebSphere plugin handles the Authentication (user id & password check), and when that's done the WebSphere plugin will post the username in the HTTP header. When these special HTTP headers are posted to the Domino server, the Domino server will automatically use this name as the authenticated user, and as soon as that user has access to the resource you want to access, Domino will allow that. This could potentially create a security risk to your Domino server, so you need to be 100% sure that nobody else could access this Domino server, otherwise they can access resources without authenticating.

Or you could access the guys at http://www.pistolstar.com/. They have developed a DSAPI add-in which accomplishes the same as described above, but then you have to pay for it :)

PS: you need to set an extra Notes.ini setting to make the above work: HTTPEnableConnectorHeaders = 1

Subject: websphere plugin - SSO between MOSS 2007 and domino webaccess

Thanks Sjaak for the reply.

I guess the scenario you are talking about is different from my requirement. The solution you’re suggesting is to make IIS the web server for the Domino Lotus Notes server.

In our case we want to display the Domino web access in a webpart on the MOSS portal. We could use a pageviewer webpart to display the web access page, but that throws up a Domino login page. How do we enable SSO in this case? MOSS 2007 runs on IIS and uses Windows authentication. Once the MOSS portal page loads, it should redirect the user to the mailbox without prompting for credentials.

Also, the Domino server does not use Active Directory. How do I map my Windows accounts to Domino users?

Thanks

Subject: 8.5.1 Windows single sign-on for Web clients

Assuming you have Windows platforms for your servers, it is likely that you can greatly simplify your architecture if you run Domino 8.5.1 and use the feature Windows single sign-on for Web clients. There are a number of deployment choices to be made, far more than what I can discuss in a response here. So I advise you to have a look at the online documentation for Domino 8.5.1.

Good luck!

Jane Marcus, IBM