We think we know how to trap a call to a particular URL and pass a logged in ID to Domino by using a plug-in that IBM provides that is loaded on the IIS server (WebSphere Application Server plug-in for Domino). The question is, can we change the login on the IIS box after the user logs in to another ID and passes to the Domino HTTP server? The proxy/single sign-on (SSO) method that we think we can use is the one I mentioned above (IBM plug-in).
There may also be a method defined by IBM/Lotus called DSAPI (Domino Web Server API). We believe the DSAPI allows us to change the user like we want, but we don't have a lot of C expertise.
I found most of what I know regarding proxy, SSO, etc., in the Lotus Security Handbook. I have searched the IBM, Microsoft and Domino third party Web sites for information and haven?t found anything yet.
Can you offer any advice?
Regarding changing the login on the IIS box after the user logs in to another ID and passes to the Domino HTTP server -- this seems like a question that is best suited for a Microsoft oriented message board. It has to be possible, but I'm not sure about what the overall negative consequences of doing so might be.
I am assuming that you're referring to the Lightweight Third-Party Authentication (LTPA) mechanism that IBM provides for SSO. You can indeed implement your own LTPA mechanism but this may result in an unsupported configuration from both IBM and Microsoft -- not a good place to be in.
I suggest running a Web search on "Writing DSAPI Filters", I found a number of resources that provide further information about how DSAPI works and how to create DSAPI filters.
Do you have comments on this Ask the Expert question and response? Let us know.
Dig Deeper on IBM WebSphere
Related Q&A from Tony Higham
For a WebSphere Portal 5.1 installation, are there any caveats to using RAD 6 and WAS 6 versus WSAD 5 and WAS 5? Continue Reading
Most of our projects are developed by building prototypes and refining them as requirements are being gathered. This approach works well for custom ... Continue Reading
We would like to add Lotus Notes e-mail and calendaring (version 6.5.4) into a portal environment. What are the key factors to be considered before ... Continue Reading