already many documents about ltpa - domino 1) User logs into Apache/php server which is authenticated via ldap (domino). 2) links to domino site and need to logon ( need to use single sign on) create a valid domino token for the connection. Anyone having experience or tips and trics ? thanxs

If your users have the same username and password in both systems you could try the "low tech" approach and change the login form to post username and password to both systems.

It would probably mean some clever JavaScripts and some iframes.

You have several solutions to this.

Do you have something similar to Java EE "filters" in your php environment. If so, you could use such a thing to "trap" the apache/php loginpage, extract the credentials and programmatically "post" the login to domino and extract the LtpaToken cookie that you get in return and put this in your response header. This way, the user will be authenticated when he/she hits domino later on. (i've used this on Java EE by utilizing a servlet filter in combination with the apache HTTPClient open source project, emulating a browser session in code to login the user).

 

Another way would be to always reference your php pages by using a redirection url, thus forcing the users to always pass Domino (before autentication or if the LtpaToken cookie is not set, i.e):

 

http://Dominoserver/names.nsf?login&redirectto<your apache/php>/<resource>

 

If you hit your apache/php and don't have the LtpaToken set, you can always redirect the user using the technique above.

 

regards

 

Daniel