LTPA in a Domino®/iNotes®/Traveler server environment

If you use HTTP access services in an HCL Domino® or iNotes® environment, there are several notes to review about integration.

To use HTTP access services in a Domino®, iNotes®, or Traveler environment:
  • Use a RADIUS/SecureID or LDAP-bind authentication profile.
  • Set the LTPA token realm or domain to a domain common to the external address of the SafeLinx server and the internal address of the Domino® server.
  • For LDAP-bind authentication profiles, specify the LDAP user attribute to query in the LTPA token user identification field. Typically, the value of this field is set to distinguished name, but the values you use depends on your environment.
  • Select Enable SSO. Next, set the SSO domain to the fully qualified external address of the SafeLinx server. Optionally, to require the use of secure SSO connections, select Enable SSO over SSL connections only.
  • Export the key to a key file and import this key file on the Domino® server. You can use a key that you generate from SafeLinx, or import a key from another source, for example from WebSphere® Application Server.