We think we know how to trap a call to a particular URL and pass a logged in ID to Domino by using a plug-in that IBM provides that is loaded on the IIS server (WebSphere Application Server plug-in for Domino). The question is, can we change the login on the IIS box after the user logs in to another ID and passes to the Domino HTTP server? The proxy/single sign-on (SSO) method that we think we can use is the one I mentioned above (IBM plug-in).
There may also be a method defined by IBM/Lotus called DSAPI (Domino Web Server API). We believe the DSAPI allows us to change the user like we want, but we don't have a lot of C expertise.
I found most of what I know regarding proxy, SSO, etc., in the Lotus Security Handbook. I have searched the IBM, Microsoft and Domino third party Web sites for information and haven?t found anything yet.
Can you offer any advice?
Regarding changing the login on the IIS box after the user logs in to another ID and passes to the Domino HTTP server -- this seems like a question that is best suited for a Microsoft oriented message board. It has to be possible, but I'm not sure about what the overall negative consequences of doing so might be.
I am assuming that you're referring to the Lightweight Third-Party Authentication (LTPA) mechanism that IBM provides for SSO. You can indeed implement your own LTPA mechanism but this may result in an unsupported configuration from both IBM and Microsoft -- not a good place to be in.
I suggest running a Web search on "Writing DSAPI Filters", I found a number of resources that provide further information about how DSAPI works and how to create DSAPI filters.
Do you have comments on this Ask the Expert question and response? Let us know.
Dig Deeper on IBM WebSphere
Related Q&A from Tony Higham
What approach would be the best to programmatically integrate a custom Domino DB with a JSR 168 portlet? I'm thinking about performance. Continue Reading
Can I install WPS 5.1 on an existing WAS 6 Notes/Domino system? I have a server that already has WAS6 Notes/Domino running. I also want to install ... Continue Reading
For a WebSphere Portal 5.1 installation, are there any caveats to using RAD 6 and WAS 6 versus WSAD 5 and WAS 5? Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.