Technical notes for LTPA single sign-on
Understand the technical notes that you must consider when you implement LTPA single sign-on.
The following technical notes apply to LTPA single sign-on:
- The key file contains information about a specific WebSphere server. An LTPA junction is specific to one WebSphere server. If you add more than one server to the same junction point, all servers share the key file.
- For single sign-on to succeed, WebSEAL and the WebSphere server must share the registry information.
- The WebSphere server is responsible for setting up LTPA and creating the shared secret key. WebSEAL participation involves the junction and cache configurations.
- WebSphere version 5.1.1 and later support the new LTPA version 2 cookie (LtpaToken2). In these environments, use the -2 option to specify LtpaToken2 support.
- WebSEAL does not use WebSphere LTPA Security Attribute Propagation to pass additional attributes to the WebSphere server in the LTPA cookie.