How do you use SSO on a website to log a user into STLinks?
Category Sametime Technote
This is a question I get quite often and there are a few answers. The answer in the STLInks manual is to use various WQO Agents that Lotus ships in a sample database, where you pull out the LtpaToken and submit that to STLinks to login. This often creates issues for people that struggle to sign the database design etc. and for most applications within a company intranet this is overkill, as typically the page that contains STLinks has been accessed from another page where the user had authenticated to access it.
So knowing that the user is already authenticated, and you've configured your Sametime server as part of your Domino Community with Multi Server Single Sign-on, you'll know that the LtpaToken is stored in a document cookie. Then with the knowledge that writeSTLinksApplet has a parameter to specify that the login is with a token, it's pretty easy to pull out the token and pass that into the writeSTLinksApplet function. Here is the code I use for getting a user logged into STLinks on an authenticated page, if the user isn't authenticated then this page will still try and give a user access anonymously.
Where <COMPUTED TEXT> contains the formula "@UserName". If you're using LDAP you'll probably want a formula of "@ReplaceSubstring(@UserName;"/",",")"
This is a question I get quite often and there are a few answers. The answer in the STLInks manual is to use various WQO Agents that Lotus ships in a sample database, where you pull out the LtpaToken and submit that to STLinks to login. This often creates issues for people that struggle to sign the database design etc. and for most applications within a company intranet this is overkill, as typically the page that contains STLinks has been accessed from another page where the user had authenticated to access it.
So knowing that the user is already authenticated, and you've configured your Sametime server as part of your Domino Community with Multi Server Single Sign-on, you'll know that the LtpaToken is stored in a document cookie. Then with the knowledge that writeSTLinksApplet has a parameter to specify that the login is with a token, it's pretty easy to pull out the token and pass that into the writeSTLinksApplet function. Here is the code I use for getting a user logged into STLinks on an authenticated page, if the user isn't authenticated then this page will still try and give a user access anonymously.
<html>
<head>
<LINK REL=STYLESHEET HREF="http://<<STSERVERNAME>>/sametime/stlinks/stlinks.css" TYPE="text/css">
<SCRIPT src="http://<<STSERVERNAME>>/sametime/stlinks/stlinks.js"></SCRIPT>
<SCRIPT>
setSTLinksURL("http://<<STSERVERNAME>>/sametime/stlinks");
</SCRIPT>
<SCRIPT>
function getCookie(name) {
var dc = document.cookie;
var prefix = name + "=";
var begin = dc.indexOf("; " + prefix);
if (begin == -1) {
begin = dc.indexOf(prefix);
if (begin != 0) return null;
} else {
begin += 2;
}
var end = document.cookie.indexOf(";", begin);
if (end == -1) {
end = dc.length;
}
return unescape(dc.substring(begin + prefix.length, end));
}
if (getCookie('LtpaToken') == null) {
writeSTLinksApplet("Anonymous User","",false);
}else {
writeSTLinksApplet("<COMPUTED TEXT>",getCookie('LtpaToken'),true);
}
</SCRIPT>
</head>
<body>
<SCRIPT>
writeSametimeLink("CN=Carl Tyler/OU=US/O=Instant","Carl Tyler",false);
</SCRIPT>
</body>
</html>
Where <COMPUTED TEXT> contains the formula "@UserName". If you're using LDAP you'll probably want a formula of "@ReplaceSubstring(@UserName;"/",",")"
Comments
Posted by null At 01:51:05 AM On 01/26/2008 | - Website - |
Posted by Johann echavarria At 02:30:16 PM On 09/27/2010 | - Website - |
Posted by Christine At 03:09:27 PM On 02/15/2011 | - Website - |
Posted by Christine At 03:16:23 PM On 02/15/2011 | - Website - |
Posted by nikeshoes At 11:20:23 PM On 03/07/2011 | - Website - |