LTPA authenticator
Description and syntax for the LTPA authenticator.
Description
Use the Lightweight Third-Party Authentication authenticator to integrate with the WebSphere® Application Server LTPA mechanisms.
Note: This authenticator is supported
only on WebSphere Application Server.
To avoid unnecessary errors on other application servers, the authenticator
is commented out in the default authenticationConfig.xml file
that is created with an empty MobileFirst project.
To use it, remove the comments first.
This authenticator can be used with the WASLTPAModule login module.
Class Name
com.worklight.core.auth.ext.WebSphereFormBasedAuthenticator Parameters
The adapter authenticator class has the following parameters:
| Parameter | Description |
|---|---|
| login-page | Mandatory. The login page URL relative to the web application context. |
| error-page | Optional. The error page URL relative to the web application context. If this parameter is not set, the URL from the login-page is also used for the error-page. |
| cookie-domain | Optional. A String such as example.com,
which specifies the domain in which the LTPA SSO cookie applies. If
this parameter is not set, no domain attribute is set on the cookie.
The single sign-on is then restricted to the application server host
name and does not work with other hosts in the same domain. Note: This
parameter is deprecated. Define this parameter in the <loginModule> entry
for the WebSphereLoginModule instead. If the parameter
is defined in both places, the value in the <loginModule> entry
takes precedence.
|
| httponly-cookie | Optional. A String with a value of either true or false,
which specifies whether the cookie has the HttpOnly attribute set.
This attribute helps to prevent cross-site scripting attacks. Note: This
parameter is deprecated. Define this parameter in the <loginModule> entry
for the WebSphereLoginModule instead. If the parameter
is defined in both places, the value in the <loginModule> entry
takes precedence.
|
| cookie-name | Optional. A String that specifies the name of
the LTPA SSO cookie. If this parameter is not set, the default cookie
name is LtpaToken. Note: This parameter is deprecated.
Define this parameter in the <loginModule> entry
for the WebSphereLoginModule instead. If the parameter
is defined in both places, the value in the <loginModule> entry
takes precedence.
|
Example
<realm name="WASLTPARealm" loginModule="WASLTPAModule">
<className>com.worklight.core.auth.ext.WebSphereFormBasedAuthenticator</className>
<parameter name="login-page" value="/login.html"/>
<parameter name="error-page" value="/loginError.html"/>
</realm>