Websphere Application Server 7.0 for Developers has just been released. It is a free download for development purposes – making it possible to develop and test on your desktop using a runtime environment that is identical to the production runtime environment your applications will eventually run on.
Thanks to Davanum Srinivas for the heads up on Twitter.
I have previously blogged about how to create a LTPA session cookie for Lotus Domino and now I am finally able to present the code for creating this LTPA cookie that can be implemented on the F5 BIG-IP platform using the F5 iRules Control Language (which builds upon the Tcl scripting language). I created the code by going through a Java library for creating a LTPA cooke created by Miha Vitorovič.
The F5 iRule code is available for you to download – you just need to add the code necessary to do authentication of the user. Check F5 DevCentral for examples on this – for instance this iRule example that does reverse proxy with basic SSO.
Update: Based on this blog post I have created an article on this in the Lotus Notes & Domino wiki per request from Joyce Davis.
The following shows the actual code:
when RULE_INIT {
set cookie_name "LtpaToken" # Don't change this
set ltpa_version "\x00\x01\x02\x03" # Don't change this
set ltpa_secret "b64encodedsecretkey" # Set this to the LTPA secrey key from your Lotus Domino LTPA configuration
set ltpa_timeout "1800" # Set this to the timeout value from your Lotus Domino LTPA configuration
}
when HTTP_REQUEST {
#
# Do your usual F5 HTTP authentication here
#
# Initial values
set creation_time_temp [clock seconds]
set creation_time [format %X $creation_time_temp]
set expr_time_temp [expr { $creation_time_temp + $::ltpa_timeout}]
set expr_time [format %X $expr_time_temp]
set username [HTTP::username]
set ltpa_secret_decode [b64decode $::ltpa_secret]
# First part of token
set cookie_data_raw {}
append cookie_data_raw $::ltpa_version
append cookie_data_raw $creation_time
append cookie_data_raw $expr_time
append cookie_data_raw $username
append cookie_data_raw $ltpa_secret_decode
# SHA1 of first part of token
set sha_cookie_raw [sha1 $cookie_data_raw]
# Final not yet encoded token
set ltpa_token_raw {}
append ltpa_token_raw $::ltpa_version
append ltpa_token_raw $creation_time
append ltpa_token_raw $expr_time
append ltpa_token_raw $username
append ltpa_token_raw $sha_cookie_raw
# Final Base64 encoded token
set ltpa_token_final [b64encode $ltpa_token_raw]
# Insert the cookie
HTTP::cookie insert name $::cookie_name value $ltpa_token_final
}
# Remove Authorization HTTP header to avoid using basic authentication
if { [HTTP::header exists "Authorization"] } {
HTTP::header remove "Authorization"
}
}