With single signon support, Web users can authenticate once when accessing both WebSphere resources (such as JSP files, servlets, HTML files) and Domino resources (such as documents in a Domino database), or when accessing resources in multiple WebSphere domains. This authentication is supported only when LTPA is the authentication mechanism. Single signon uses HTTP cookies to achieve this functionality.
When single signon is enabled, a cookie is created with the LTPA token in it. When the user accesses some other Web resource or Domino resource in any other WebSphere or Domino process in the same DNS domain, the cookie is sent in the request. The LTPA token is then extracted from the cookie and is validated. For more information, see Prerequisites and conditions for single sign-on.
The LTPA authentication mechanism requires that single signon is enabled if any of the Web applications use form login as the authentication method.
Configure single signon between multiple WebSphere Application Server domains
Complete these steps to configure single signon for multiple WebSphere Application Server domains:
Configure single signon between WebSphere Application Server - Express and Lotus Domino
Complete these steps to configure single signon for WebSphere Application Server and Domino:
For more information, see Troubleshooting single signon configurations.