views:

691

answers:

2

I need to provide SSO for a Webpshere portal. The authentication process needs to be handled by a PHP site (which itself should authenticate a user against an Active Directory via LDAP - think I have this bit covered though). I have been told I need to create an LTPA cookie. How would I go about doing this? What information need to be set? Will Websphere be able to read this cookie and grant access to the user?

+1  A: 

Websphere comes with out-of-box support of proapgation of authentication using LTPA tokens (in web apps, these are usually stored in cookies named LTPAToken and LTPAToken2). In general, for this to work both the Websphere and your PHP app have to share the same LTPA keys (based on which the LTPA tokens are generated). In websphere administration, a little configuration is needed to enable LTPA and synchronize the keys.

However, I'm completely ignorant about PHP capabilities for this; don't know if there are any LTPA PHP libraries or a builtin Apache/PHP support for LTPA whatsoever. Googling IBM's infocenter (publib.boulder.ibm.com) may help.

david a.
+1  A: 

This ST Awareness on a PHP page article on IBM developerWorks may help you. There is also an example of adding awareness to an ASP page in chapter 12 of the Redbook Building Sametime Enabled Applications. It details a way of doing it if you don't have LTPA in your environment.