Lightweight third-party authentication

Lightweight Third-Party Authentication (LTPA) is an authentication technique used in the software products IBM WebSphere and Lotus Domino. When accessing web servers that use LTPA, a user can use the same login across servers, which is known as single sign-on.

Functionality

A Lotus Domino or WebSphere server configured for LTPA authentication prompts the user for a username and password. Once the user has been authenticated, the server sends the user's web browser a cookie that is valid for the user's current browser session. This cookie contains a special data record, the LTPA token.

If, in the same browser session, the user then accesses another server that is a member of the same authentication configuration as the first server, the user is automatically authenticated there and is not prompted for a username and password again.

The format of the LTPA token has not been published by IBM and has only been made available to IBM business partners who have signed a confidentiality agreement. It contains, in encoded form, among other things, the authentication information of the user, the network domain in which it is valid, and an expiration date.
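
The flow described in this section, as an added Python example that is not taken from the article or from IBM: because the LTPA token format is unpublished, a JSON record protected with HMAC-SHA256 stands in for it, and the function names, field names and shared key are assumptions. It shows why only servers of the same authentication configuration (here: holders of the same key) accept the cookie value, and how the expiration date and domain are enforced.

```python
import base64
import hashlib
import hmac
import json
import time


def issue_token(shared_key, user, domain, ttl_seconds, now=None):
    """First server: after the password check, build the cookie value.

    Stand-in format (an assumption, NOT the real LTPA layout):
    base64(JSON body) + "." + base64(HMAC-SHA256 tag over the body).
    """
    now = time.time() if now is None else now
    body = json.dumps(
        {"user": user, "domain": domain, "exp": int(now) + ttl_seconds},
        sort_keys=True,
    ).encode()
    tag = hmac.new(shared_key, body, hashlib.sha256).digest()
    return (base64.urlsafe_b64encode(body).decode() + "."
            + base64.urlsafe_b64encode(tag).decode())


def validate_token(shared_key, token, request_host, now=None):
    """Second server: return the user name, or None if the token is rejected."""
    now = time.time() if now is None else now
    try:
        body_b64, tag_b64 = token.split(".")
        body = base64.urlsafe_b64decode(body_b64)
        tag = base64.urlsafe_b64decode(tag_b64)
    except ValueError:  # wrong number of parts or invalid base64
        return None
    expected = hmac.new(shared_key, body, hashlib.sha256).digest()
    # Constant-time comparison; fails for tampered bodies and foreign keys.
    if not hmac.compare_digest(tag, expected):
        return None
    claims = json.loads(body)  # parsed only after the integrity check
    if now >= claims["exp"]:   # expiration date carried in the token
        return None
    host, domain = request_host.lower(), claims["domain"].lower()
    # The token is honoured only inside the domain it was issued for.
    if host != domain and not host.endswith("." + domain):
        return None
    return claims["user"]
```
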

History

IBM introduced LTPA with WebSphere 3.0.
