IBM Worklight v5.0.5 > Develop IBM Worklight applications > Authentication configuration

LTPA authenticator

Use the LTPA authenticator to integrate with the WebSphere Application Server

This authenticator can be used with the WASLTPAModule login module.

Class Name


Parameter Description
login-page Login page URL relative to the web application context.
error-page Error page URL relative to the web application context.
cookie-domain Domain in which the LTPA SSO cookie applies, for example, If not set, no domain attribute is set on the cookie and single sign-on is restricted to the application server host name and does not work with other hosts in the same domain. Optional.
httponly-cookie True/false. Whether the cookie has HttpOnly attribute set. Helps to prevent cross-site scripting attacks. Optional.
cookie-name Name of the LTPA SSO cookie. If not set, default cookie name is LtpaToken. Optional.


<realm name="WASLTPARealm" loginModule="WASLTPAModule">
    <parameter name="login-page" value="/login.html"/>
    <parameter name="error-page" value="/loginError.html"/>
    <parameter name="cookie-domain" value=""/>
    <parameter name="httponly-cookie" value="true"/>
    <parameter name="cookie-name" value="LtpaToken2"/>

Parent Authentication configuration