This mini-tutorial shows you how to set up and configure the iNotes widget to work with IBM Mashup Center using single sign-on. In these steps, you will use the Domino administrative console to register test users and enable single sign-on between WebSphere Application Server and the Domino server.
Procedure
- Install Domino server and Lotus Notes 8.5.1. You can download these two products from Extreme Leverage.
Note: When installing Lotus Notes, be sure to select the Domino Admin component.
- Set up the Domino server. When you start the Domino server for the first time, let the wizard guide you through the configuration steps.
- Replace the iNotes files. Use the two NSF files in Forms851_251.zip to replace the files in the ${Domino Install Dir}/data/iNotes directory. Restart the Domino server.
- Use Domino Admin to connect to the Domino server, and register one or more test users. In this example, we register a test user named Alex Cheng. Now you should be able to access the user's mail file through a URL.
- Use your browser to access the URL http://localhost/mail/acheng.nsf. iNotes should now load. As shown in the following screen shot, the user's mail file name is acheng.nsf. The user name and password for accessing the mail file through a URL are the Internet address and Internet password:

- Do the following steps to set up single sign-on between WebSphere Application Server and the Domino server:
- To enable single sign-on on WebSphere Application Server, open the administrative console, and select Security > Global security > Web and SIP security > Single sign-on (SSO). Confirm that Enabled is selected and that the domain name is correct, as shown here:

- To export the LTPA key from WebSphere Application Server, open the administrative console, and select Security > Global security. In the Authentication section, open LTPA. In the Cross-cell single sign-on section, type the password and export keys, as shown here:

- To import the LTPA key into Domino, first open the server configuration in Domino Admin by clicking Create Web... > SSO Configuration, as shown here:

In the SSO Configuration page, select Keys.. > Import WebSphere LTPA Keys, and specify the path of the key file that you exported in the previous step, as shown here:

After the LTPA key is imported, you will need to perform some additional configuration steps. As you perform these steps, be sure that the value of the Map names in LTPA tokens field is set to Enabled and that the DNS Domain is set correctly.

- To configure the Domino Web Engine, open the server configuration by opening the Internet Protocols.. tab and then the Domino Web Engine sub tab. Be sure that the Session authentication field is set to Multiple Server (SSO) and that the Web SSO Configuration field is set to LtpaToken, as shown here:

- To create a corresponding user in WebSphere Application Server, do the following steps. In the following screen shot, note that the user alexcheng corresponds to the user Alex Cheng that we created in Domino in a previous step:

- Important: Copy the user's information in the Unique Name field, and replace the commas (,) with slashes (/). For example, the unique name uid=alexcheng,o=defaultWIMFileBasedRealm is now uid=alexcheng/o=defaultWIMFileBasedRealm.
- Open the user's configuration page in Domino Admin by opening the Administration tab and setting the LTPA user name field in the Client Information section to the updated unique name, as shown here:

Congratulations! You have now enabled single sign-on between WebSphere Application Server and the Domino server. To confirm that you performed the steps correctly, open Mashup Center, log in, and access the mail file. You should not have to specify the user name and password again to access the mail file.
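
A pre-flight check for the SSO steps above, as an added example that is not part of the original tutorial or of IBM's tooling: it parses an exported LTPA key file, converts the WebSphere unique name to the slash form used in the LTPA user name field, and flags host names that fall outside the SSO domain. The sample export, the `example.com` host names and all function names are constructed for illustration, and the property names are assumed to match those WebSphere writes in its key export.

```python
# Property names assumed to be those in a WebSphere LTPA key export
# (a Java properties file). Key values are secrets: never print or log them.
REQUIRED = (
    "com.ibm.websphere.ltpa.3DESKey",
    "com.ibm.websphere.ltpa.PrivateKey",
    "com.ibm.websphere.ltpa.PublicKey",
    "com.ibm.websphere.ltpa.Realm",
)

# Constructed sample export; the values are placeholders, not real key material.
SAMPLE_EXPORT = """#Constructed sample LTPA key export
com.ibm.websphere.ltpa.version=1.0
com.ibm.websphere.ltpa.3DESKey=Q09OU1RSVUNURUQ\\=
com.ibm.websphere.ltpa.PrivateKey=UFJJVkFURS1QTEFDRUhPTERFUg\\=\\=
com.ibm.websphere.ltpa.PublicKey=UFVCTElDLVBMQUNFSE9MREVS
com.ibm.websphere.ltpa.Realm=defaultWIMFileBasedRealm
"""

def parse_ltpa_export(text):
    """Parse key=value lines, undoing the '\\=' and '\\:' escapes Java writes."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#!":
            continue
        key, _, value = line.partition("=")
        props[key.strip()] = value.strip().replace("\\=", "=").replace("\\:", ":")
    return props

def to_domino_ltpa_name(unique_name):
    """Replace commas with slashes, as the tutorial does for the LTPA user name."""
    if "\\," in unique_name or "/" in unique_name:
        raise ValueError("DN contains an escaped comma or a slash; convert by hand")
    return unique_name.replace(",", "/")

def host_in_sso_domain(host, sso_domain):
    """True if a cookie scoped to sso_domain would be sent to host."""
    host, dom = host.lower().rstrip("."), sso_domain.lower().strip(".")
    return "." in dom and (host == dom or host.endswith("." + dom))

def preflight(export_text, unique_name, sso_domain, hosts):
    """Return (Domino LTPA user name, realm, list of problems found)."""
    props = parse_ltpa_export(export_text)
    problems = [f"missing {k}" for k in REQUIRED if not props.get(k)]
    problems += [f"{h} is outside SSO domain {sso_domain}"
                 for h in hosts if not host_in_sso_domain(h, sso_domain)]
    return to_domino_ltpa_name(unique_name), props.get(REQUIRED[3]), problems

if __name__ == "__main__":
    print(preflight(SAMPLE_EXPORT, "uid=alexcheng,o=defaultWIMFileBasedRealm",
                    ".example.com", ["was.example.com", "localhost"]))
```

A host reported as outside the SSO domain, such as `localhost` in the sample run, will not receive the LTPA token cookie, so test single sign-on through fully qualified host names in the configured DNS domain.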