Technical notes for LTPA single signon
The following technical notes apply to LTPA single signon.
- The key file contains information about a specific LTPA-enabled authentication server. WebSEAL uses a single key file when generating and authenticating LTPA cookies, so all of the LTPA-enabled servers must share the same key file. If more than one server is added to the same junction point, all of those servers share the same key file.
- For single signon to succeed, WebSEAL and the LTPA-enabled authentication server must share the same registry information.
- The LTPA-enabled server is responsible for setting up LTPA and the creation of the shared secret key.
- WebSEAL only supports LTPA version 2 cookies.
- WebSEAL does not use WebSphere LTPA Security Attribute Propagation to include additional attributes within the LTPA token.
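
One way to check that the servers behind a junction really hold the same key file is to compare the key properties rather than the raw bytes. The following is an added example, not part of the product documentation. It assumes the key file is the Java-properties export that WebSphere writes, with `com.ibm.websphere.ltpa.*` property names; the sample files and the names `parse_key_file` and `differing_properties` are constructed for illustration.

```python
import re

# Properties that must match on every server behind the junction; comments and
# the creation date are not key material and change when a file is re-saved.
SHARED = ("com.ibm.websphere.ltpa.3DESKey", "com.ibm.websphere.ltpa.PrivateKey",
          "com.ibm.websphere.ltpa.PublicKey", "com.ibm.websphere.ltpa.Realm")

def parse_key_file(text):
    """Parse the Java-properties subset used by LTPA key files."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#!":  # comment lines carry export timestamps
            continue
        # Split on the first '=' or ':' that is not backslash-escaped.
        m = re.match(r"((?:\\.|[^=:\\])+?)\s*[=:]\s*(.*)$", line)
        if m:
            key, value = (re.sub(r"\\(.)", r"\1", p) for p in m.groups())
            props[key] = value
    return props

def differing_properties(file_a, file_b):
    """Return names of shared properties that are missing or differ."""
    a, b = parse_key_file(file_a), parse_key_file(file_b)
    return [k for k in SHARED if k not in a or a.get(k) != b.get(k)]

# Constructed sample files; the values are placeholders, not real key material.
SERVER_A = r"""#IBM WebSphere Application Server key file
#Mon Jan 01 00:00:00 UTC 2024
com.ibm.websphere.CreationDate=Mon Jan 01 00\:00\:00 UTC 2024
com.ibm.websphere.ltpa.version=1.0
com.ibm.websphere.ltpa.3DESKey=PLACEHOLDER3DESAAAA\=\=
com.ibm.websphere.ltpa.PrivateKey=PLACEHOLDERPRIVAAAA\=
com.ibm.websphere.ltpa.PublicKey=PLACEHOLDERPUBAAAA
com.ibm.websphere.ltpa.Realm=ldap.example.com\:389
"""
# Same keys saved elsewhere: new timestamp, different order, no escaping.
SERVER_B = r"""#Tue Jan 02 09:30:00 UTC 2024
com.ibm.websphere.ltpa.Realm=ldap.example.com:389
com.ibm.websphere.ltpa.PublicKey=PLACEHOLDERPUBAAAA
com.ibm.websphere.ltpa.PrivateKey=PLACEHOLDERPRIVAAAA=
com.ibm.websphere.ltpa.3DESKey=PLACEHOLDER3DESAAAA==
"""
# A server whose shared secret key was generated separately.
SERVER_C = SERVER_B.replace("PLACEHOLDER3DESAAAA", "PLACEHOLDEROTHERAAA")

if __name__ == "__main__":
    print(differing_properties(SERVER_A, SERVER_B), differing_properties(SERVER_A, SERVER_C))
```

A byte-level checksum would report `SERVER_A` and `SERVER_B` as different even though they carry the same keys. The check prints only property names, so key material never reaches logs.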