Please can anyone assure me that SSO works in ND6. I am trying it since 2 days still i am not able to configure it.Error is
“HTTP Server:Error Loading web SSO Configuration(LPTAToken). (Single Sign Configuration is invalid)”
I have implemented SSO in R5 successfully in no time… but in ND6 , still unable to implement…
has anyone confugured SSO in ND6.please guide me
Subject: SSO - Does it work in ND6.Anyone tested and implemented
Have you try to re-import your ltpa key file ? Please try reimport (reconfigure) and see what happens.
Thanks,
ShiuFun
Subject: SSO - Does it work in ND6.Anyone tested and implemented
Were you able to get this going? Was this SSO with WebSphere (v5?), or other Domino servers?
Can anyone confirm that SSO works between Domino6 and WAS5 just so I know whether to keep banging my head against the wall?
Subject: Yes, SSO between WAS 5.0 and Dom 6 works, I got it going
I followed the steps outlined in the following paper:
And it worked but you should upgrade to 5.0.1 to get around a bug if you do not list the base distinguished name in the ldap setup.
Howard
Subject: RE: Yes, SSO between WAS 5.0 and Dom 6 works, I got it going
Thanks for your confirmation. I have been following this redbook as well. I’m almost there, just can’t make it across the finish line…
I can now authenticate against my NAB from either the WebSphere side or the Domino side (ie. I can access a servlet or a domino database using a name in my NAB).
However, they don’t seem to be sharing the SSO token. BTW, i’m running WAS5.01 and Domino6.01 on the same Win2K server.
If I first open a servlet (eg. snoop) it prompts me to authenticate, and I can get in using my “wasadmin” id. However, if I then try to access a Domino resource (eg. names.nsf) it prompts me again to authenticate. If I type in the same userid and pwd, it lets me in.
The same thing happens if I access the Domino resource first-- both WAS and Dom and prompting me to authenticate.
So the SSO token isn’t being shared. Any ideas?
Subject: RE: Yes, SSO between WAS 5.0 and Dom 6 works, I got it going
Just as a follow-up, using Mozilla shows that both WAS and Domino are generating the “LtpaToken” cookie. However, they don’t seem to recognize the cookie created by the other-- the first server I sign-on to creates an “LtpaToken” cookie, and when I sign-on to the second server, it also creates it’s own cookie, overwriting the first cookie.
The cookie info in both cases is the same:
Name: LtpaToken
Domain: .mydomain.com
Path: /
Server Secure: no
Expires: at end of session
Just the “Content” for each cookie is different.
Any ideas what this indicates, or how to fix it?
Subject: RE: Yes, SSO between WAS 5.0 and Dom 6 works, I got it going
Difference in the LTPA Cookie Keys is against SSO. They need to be the same im Mozilla. They appear after you establish a session with Domino Web Server or WebSphere (HTTP Server).
Subject: Check your domain names
The domain names have to be the same. In Websphere there is a SSO option at the bottom of the LPTA page. Click on that option and then there is a field for the domain name. Then make sure your Domino server is set to the same domain.
Howard