With single sign-on (SSO) configuration support, web users can authenticate once when accessing Liberty profile resources such as HTML, JavaServer Pages (JSP) files, and servlets, or accessing resources in multiple Liberty profile servers that share the same Lightweight Third Party Authentication (LTPA) keys.
When a user passes authentication on one of Liberty profile servers, authentication information generated by the server is transported to the web browser in a cookie. The cookie is used to propagate the authentication information to other Liberty profile servers.
The LTPA is configured and ready for immediate use. The default cookie name used to store the SSO token is called ltpaToken2. If you want to use a different name for the cookie, you can customize the cookie name using the ssoCookieName attribute of <webAppSecurity> element. If you customize the cookie name, make sure that all the servers that participate in SSO use the same cookie name.
For more information about SSO, see SSO concept in the Liberty profile.
<webAppSecurity logoutOnHttpSessionExpire=”true” ssoCookieName=”myCookieName” />
For details of all the available SSO settings, see the <webAppSecurity> element in Liberty profile: Configuration elements in the server.xml file.