Computer Architechs International Corporation has been working with IBM since the year 2000 to build the online system for its premier IBM Lotus software conference called Lotusphere. The purpose of the online system, aptly named Lotusphere Online, is to provide a way for registered attendees to create their schedules, connect, interact and to get the chance to experience the latest that the Lotus Software portfolio had to offer in a real world user environment. Every year our team was challenged to do our best to seamlessly integrate the latest IBM Lotus software into Lotusphere Online which sometimes required us to introduce beta software into the mix for maximum impact. This meant that one year we needed to introduce the Lotus Notes 8 client with Composite Application technology prior to its GA release for use by attendees on the Lotusphere Online workstations available throughout the conference hotels. This also meant integrating the recently introduced Lotus Connections 1.3 as part of the Lotusphere Online offering to showcase IBM's latest foray into the world of Social Business applications. Every new Lotusphere meant new software releases and new challenges for our team to overcome. This last Lotusphere Online (renamed in 2012 to Social Business Online) was no different. Our goal this time was to seamlessly integrate XPages (IBM Lotus Domino 8.5.3) with the latest releases of other IBM Collaboration Solutions products including IBM Sametime 8.5.2 and IBM Connections 3.0.1 by providing a Dashboard type interface that harmoniously pulled together the different social business applications into one easy to navigate interface.
Our goal was to leverage the APIs of the various products to exchange data with the XPages dashboard to provide this seamless experience for every user. The dashboard would consist of widgets with the ability to provide two way population of data among the various products so that attendees could, not only see all important conference related information in one clean interface pulled in from various sources, but also send data updates to those same sources. For example, with Connections, we wanted to show users the most recent updates going on inside Connections such as the latest Status Updates, most recent postings in Communities, newest Bookmarks, etc.... At the same time we also wanted to give the attendee the ability to type in a Status Update on the dashboard which would then automatically populate that status update into the attendee's Connections profile.
Although the XPages Extension Library did provide a way for developers to store user credentials so that XPages could access other websites without requiring users to login each and every time (i.e. XPages accesses Connections via the API), we felt that storing a user's credentials as is on our site was a little cumbersome and not the most secure way of achieving our goal to have true Single Sign-on (SSO) among the various platforms behind the scenes. So we tried to come up with a way to make this process more seamless and, for all intents and purposes, more secure.
After some extensive research, we found a posting in the IBM Connections Wiki about using the IBM Connections API in different programming languages. This posting described how to use the AbderaClient's addCredentials function to pass user credentials using Java. Using that function as a reference we created a new function that would "stuff" the token generated from the user's credentials into the LTPAToken cookie, the same cookie IBM uses to provide SSO among its suite of web applications. Once the LTPAToken got populated we were able to create the desired back-end SSO environment that we needed to pull off the integration with the desired results.
Some time after shutting Social Business Online down we were approached by IBM to contribute the LTPAToken SSO code to OpenNTF to be added as part of the XPages Extension Library for the benefit of other developers. We gladly agreed and hope that this code helps other developers with their integration projects moving forward.
On May 4, 2012 Niklas Heidloff of OpenNTF kindly posted a blog entry on OpenNTF.org about the code that our company contributed called SSO between XPages and IBM Connections. We want to thank Niklas Heidloff for the "plug" and we hope that others will find the code useful. You can find the code snippet here on OpenNTF.org.
Just today, June 6, 2012, Philippe Riand, chief software architect at IBM, posted a revision update to the IBM XPages Extension Library adding in support for SSO between XPages and Connections.
Furthermore, Niklas Heidloff of OpenNTF also recently blogged on his personal blog site how he used the code snippet as a reference point to successfully build SSO between XPages and Connections for the XPages Social Enabler. One blog entry called "SSO Setup between IBM Connections and XPages" and other called "Access IBM Connections via REST APIs from XPages using SSO through LTPA" describe this in detail including a very thorough and informative Youtube video. It is important to note that Niklas Heidloff was able to accomplish the SSO integration without using the AbderaClient.
Leave a Reply