Using PHP to access single sign-on

hcl-bot · February 15, 2008, 5:49am

need to access the content of Single sign-on on Domino server.

The current situation is an Intranet built using Domino server and lotus database. The staff have a single sign-on that allows them to access their mail, database application etc…

I have been assigned the task of extending the Intranet with other apps. and have to use PHP, MYSQL on Apache server. This will be a separate server. One stipilation, maintain the single sign-on.

Is it possible to pass the sign-on content to another server, maybe using POST? What information can I expect to see from this sign-on content? users id?

p.s. I know diddly about Domino

Any help of direction will be appreciated.

hcl-bot · February 15, 2008, 9:52am

Subject: using PHP to access single sign-on

If you are currently using (multi-server) single sign on with Domino - browsers will receive an LtpaToken cookie upon authentication. This cookie can be used by your other applications, assuming they are in the same dns domain. If you need to retrieve user information from the token for use in the non-Domino apps - there are a few ways.

This can get you started in the right direction - although the “client” code is for IIS, the concept is the same: http://www.openntf.org/Projects/codebin/codebin.nsf/CodeByDate/8016EB7A34C7930086256E9A0019EC2D The domino app will “decode” the token and provide user information in xml format – you’d just need to call http://domino.host.com/sso.nsf/credentials.xml?readform