IBM Lightweight Third-Party Authentication

Lightweight Third - Party Authentication ( LTPA, " lightweight authentication by third parties " ) is an authentication technology that is used in the software products IBM Websphere and Lotus Domino. When accessing web servers that use LTPA, it is possible for a user to use his user application across servers, which is also known as single sign-on.

Operation

A configured for LTPA authentication Lotus Domino or WebSphere server prompts the user to enter username and password. If the user has been authenticated so, the server sends the user's browser a cookie, which is valid for the current browser session of the user. The cookie itself is a record that is the LTPA token.

If the user then another server responds in the same browser session, which is a member of the same authentication configuration as the first server, then the user is automatically authenticated there and not be prompted to enter a username and password.

The format of the LTPA token was not published by IBM and, provided only IBM business partners who have signed a confidentiality agreement available. It contains, in coded form, among others, the authentication information of the user, the network domain in which it applies, and an expiration date.

History

IBM introduced a LTPA with Websphere 3.0.