Domino 9 and Apache Tomcat SSO - very nice project called ’DominoTomcatSSO’

David Marko  24 May 2013 07:00:00
I was trying to accomplish the Domino and Apache Tomcat integration recently and found out very interesting project from Brian Green hosted on OpenNTF http://www.openntf.org/internal/home.nsf/project.xsp?action=openDocument&name=DominoTomcatSSO . The project called 'DominoTomcatSSO' solves the authentication integration (SSO) between these two worlds and must say the solution works like a charm.

*** Description from project page ***
Lotus Domino uses cookie-based authentication. When you authenticate with a Domino web server, an Ltpa Token is stored in your web browser as a cookie. Apache Tomcat uses its own form of authentication and can not reuse the Domino Ltpa Token for authentication. (LTPA is light-weight third party authentication) It's possible to "integrate" the web servers. The user will authenticate only once, and may then access the Domino and Apache Tomcat web servers.
* * * * * * * * * * * * * * * * * * * * * * * * * *

To setup just simply follow the very nice documentation. Its very, very nice written and things are smooth and straightforward.

Image:Domino 9 and Apache Tomcat SSO - very nice project called ’DominoTomcatSSO’

When I setup everything the authentication in my tomcat (Apache Tapestry framework used here) application was expected to work but it didn't. I tried this and that but could not see any error on Domino console just getting error in Tomcat about the non-valid Cookie. I just put a little question on Stackoverflow here http://stackoverflow.com/questions/16667001/anyone-having-experience-with-dominotomcatsso-project and after some digging google I found the following technote on IBM: http://www-01.ibm.com/support/docview.wss?rs=899&uid=swg21202709  The problem was in Web Site document and its naming that must match certain criteria. The point was in paragraph that says this: "1. Create a Web Site document with a Descriptive name entry such that alphabetically, in the Internet Sites view , it is last among all the Web site documents for that organization." I simply renamed the WebSite document  accordingly, refreshed http and SSO got working as expected !! Very nice solution and big thanks to Brian Green for great project and huge documentation written.

Comments

1Patrick Kwinten  24.05.2013 10:47:08  Domino 9 and Apache Tomcat SSO - very nice project called ’DominoTomcatSSO’

great project, indeeed!

TOPlist