I see, now it is clear to me ;-) Thanks for the explanation!
In this case, logging in as a special user whose user account would be reserved for this purpose - just for querying other users' statuses.
The problem is that the "special user"'s name and password will have to be stored somewhere inside the configuration of our application, which means a credential store. That's what could be avoided by using the LTPAToken cookie to log on the Sametime Server.
However, I'm a'fraid that this will be the only suitable solution :-(
Carl and John, thank you a lot for helping me with this question!