LTPA authentication

Security Access Manager supports authentication using an LTPA cookie received from the client. This section contains the following topics:

LTPA authentication overview
Various IBM® servers provide support for the cookie-based lightweight third-party authentication mechanism (LTPA). Among these servers are WebSphere® and DataPower. To achieve a single signon solution to one or more of these servers, you can configure WebSEAL to support LTPA authentication.
Enabling LTPA authentication
The ltpa-auth stanza entry is located in the [ltpa] stanza of the WebSEAL configuration file. It enables and disables the LTPA authentication method.
Key file information
The LTPA token is encrypted by a password-protected secret key. The key itself is generated by WebSphere and is contained in a key file. This key file is password-protected by a clear text key.
Specifying the cookie name for clients
You can configure the name of the cookie containing the LTPA token that WebSEAL issues to clients.
Specifying the cookie name for junctions
You can configure the name of the cookie that contains the LTPA token for junctioned web servers.
Controlling the lifetime of the LTPA Token
Disabling LTPA authentication

Parent topic: Authentication methods

Related concepts:

Related reference: