You retrieve the WebSphere LTPA key from the IBM® Lotus® Quickr™ for WebSphere Portal server so that you can use the key on the IBM Lotus Domino® server that runs IBM Lotus Sametime®.
If you have already retrieved the WebSphere LTPA key for another application (for example, IBM Tivoli® Access Manager for e-business) you can skip this procedure.
If the release of IBM WebSphere® Application Server configured in your site is 126.96.36.199 or later, before retrieving the LTPA key for single sign-on, make sure the Web inbound security attribute propagation
option is disabled as described in the procedure below. For details on this feature, see Implementing single signon to minimize Web user authentications
, as well as the section on Horizontal propagation
in Security attribute propagation
, both in the WebSphere Application Server Information center.
Perform the following steps:
- On the WebSphere Application Server, start the administrative console and log in.
- Select Security -> Secure administration, applications, and infrastructure.
- Under Authentication, click Web security.
- Click Single signon (SSO).
- Ensure the Domain name is correct and starts with a period. For example: .org.yourco.com
- Make sure Web inbound security attribute propagation is deselected. If you must make a change to it, click Apply.
- Under Authentication, click Authentication mechanisms.
- Type a password in the Password field and enter a name, path, and file name in the Key File Name field.
Tip: Make a note of the password; you will need it during your next SSO task when you import the LTPA key into the Lotus Domino server.
- If you have multiple repositories, make sure the realm name points to the LDAP repository which the Sametime Server is using.
- Click the Export Keys button.
- If you made changes, click Save to apply the changes to the master configuration, then Save again on the next screen.
- Log out from the administrative console.
- Copy the key file that was created during the export process to a location that is accessible to the Lotus Domino server.
Parent topic: Configuring single signon between Lotus Quickr and Lotus Sametime: qp85