tags:

views:

531

answers:

2
+2  Q: 

Generate an LTPA token?

We have a need to integrate a server with our WebSphere environment that does not support LTPA. I found the blog post here and corresponding code to decode the information in an LTPA token. However, there's no code explaining the digital signature and how that's generated/validated. Does anyone have any information on how to generate an LTPA token in custom code?

A: 

You would need to specify how and what you want to integrate?

LTPA is a mechanism used by WebSphere and other IBM products (e.g lotus products) as a means of authentication (typically for a Single Sign on SSO)

If a WebSphere App Server (as an example) authenticates a user and the request say goes to a lotus product (which is part of the same domain), the lotus product identifies the user via the LTPA token which was generated by WAS.

The same applies to multiple WebSphere products too.

There are no public APIs for LTPA for users to work with and it is meant to be used by various IBM products.

HTH Manglu

Manglu  2010-05-25 05:43:51
I'm aware that there are no public APIs available for LTPA. That is why I referenced the blog post that shows how to validate an LTPA token. I'm able to reverse that and create all of the necessary elements except for the digital signature. I need some more information on this last piece in order to complete the integration code.The server I wish to integrate is custom code, so there are no integration libraries available for it. We are writing it ourselves.
Shadowman  2010-05-25 14:26:05
Hi,I wanted to emphasise the fact that this is not a public API. If you are using it from the blog, you are taking a risk. If IBM expected you to use the LTPA token then they would publish ways and means to do that.Sorry i am not able to assist you here.Thanks,Manglu
Manglu  2010-06-01 02:23:35
A: 

Just because you use WebSphere and WebSphere uses LTPA for some forms of SSO, doesn't mean that you need to use LTPA on your non-WebSphere server. There are many standard ways to accomplish Single Sign on with WebSphere and other products. Can you provide more information about how this server is used in your environment? Does it host web applications? web services? J2EE RMI/EJBs? Does this other server need to communicate with end users directly? Does it just need to communicate with a WebSphere server acting as a client?

Gary  2010-08-10 05:54:23

related questions

Java Time Zone is messed up
Eclipse on win64
Automate builds for Java RCP for deployment with JNLP
Why are professors or schools picking Java over C++ to teach to students?
Is there a real benefit of using J#?
Public/Popular Websites using JavaServer Faces
Why can't I use a try block around my super() call?
Accessing post variables using Java Servlets
Personal Linux web server
Is this really widening vs autoboxing?
How can I Java webstart multiple, dependent, native libraries?
Why can't I call toString() on a Java primitive?
How do I use Java to read from a file that is actively being written?
What code analysis tools do you use for your Java projects?
IllegalArgumentException or NullPointerException for a null parameter?
How do I configure and communicate with a serial port?
What is the best way to parse strings in Java
Getting started with a custom JXTA PeerGroup
Creating a custom button in Java
How to get started "writing" a code coverage tool?
Which Build-/Configuration Management Tool?
What is the difference between an int and an Integer in Java/C#?
What is the meaning of the type safety warning in certain Java generics casts?
How would you access Object properties from within an object method?
Converting CSV File to XML in Java