Enabling SSO between WebSphere Portal and Domino

You configure the single sign-on (SSO) feature between the IBM® WebSphere® Portal server and the IBM Lotus® Domino® servers so that authentication works the same way for all Domino and Extended Products Portlets. A user can log into WebSphere Portal and then access portlets that contain information from a Lotus Domino application or service without having to enter additional credentials for authentication.
A best practice is to install and configure all Lotus Domino servers and then enable single sign-on for them all. For example, install and configure Lotus Domino messaging/applications servers, and servers for Lotus Sametime, before you enable single sign-on.

  • All servers participating in single sign-on must be in the same Internet domain.

  • To enable single sign-on, you must enable the IBM LTPA capabilities included in both WebSphere Application Server and Lotus Domino. The WebSphere LTPA token generated by WebSphere Application Server is imported into Lotus Domino, and this token can be used for all servers within the Lotus Domino domain. Verify that automatic LTPA key generation is disabled on each node of the single sign-on domain. For instructions, see Retrieving the WebSphere LTPA key.

  • All servers participating in SSO must have same user registry

  • Client browser should not have cookies disabled