SSO between XPage App, Notes client and Connections

Question

Has anybody had any success creating an XPage application that includes SSO so that the user logs into notes client and is able to open an XPage application (Database) which uses the Social Enabler to integrate Connections data into the XPage? The key to my projects success is to not need to prompt the user for their username and password (The user has just logged into notes!).

I have seen @nheidloff blog about SSO using the LTPA token between an xpage and connections, however I need this to work within the notes client. If anybody has any success in creating this, can you share any tips please.

Answer 1

I have blogged about a technique...

http://lotusnotus.com/lotusnotus_en.nsf/dx/authenticating-notes-users-for-web-apps-automatically....htm

To sum up, we need a LtpaToken for web-based authentication. We have ability to create an LtpaToken inside Notes client using a Java method of the session object. So my solution has two parts.

A java agent that produces a valid LtpaToken for the authenticated user on the client side. We are calling this java agent from any Lotusscript routine.

The second part is a redirection web page on any database that can be accessed anonymously. This might be a Lotusscript agent, servlet or XAgent. It will get LTPAToken and a target URL from a GET request, add the LTPAToken into cookies and redirect the user back to the target URL.

In Lotus Notes client, any Lotusscript action might call the Java agent, acquire a valid LTPAToken and launch a constructed URL which points to the redirection web page with necessary parameters.

There is a couple of bugs I have detected on Domino Web server. For details of the technique and workarounds about these bugs, you might refer to my blog entry.