Our goal was to leverage the APIs of the various products to exchange data with the XPages dashboard to provide this seamless experience for every user. The dashboard would consist of widgets with the ability to provide two way population of data among the various products so that attendees could, not only see all important conference related information in one clean interface pulled in from various sources, but also send data updates to those same sources. For example, with Connections, we wanted to show users the most recent updates going on inside Connections such as the latest Status Updates, most recent postings in Communities, newest Bookmarks, etc.... At the same time we also wanted to give the attendee the ability to type in a Status Update on the dashboard which would then automatically populate that status update into the attendee's Connections profile.
Although the XPages Extension Library did provide a way for developers to store user credentials so that XPages could access other websites without requiring users to login each and every time (i.e. XPages accesses Connections via the API), we felt that storing a user's credentials as is on our site was a little cumbersome and not the most secure way of achieving our goal to have true Single Sign-on (SSO) among the various platforms behind the scenes. So we tried to come up with a way to make this process more seamless and, for all intents and purposes, more secure.
After some extensive research, we found a posting in the IBM Connections Wiki about using the IBM Connections API in different programming languages. This posting described how to use the AbderaClient's addCredentials function to pass user credentials using Java. Using that function as a reference we created a new function that would "stuff" the token generated from the user's credentials into the LTPAToken cookie, the same cookie IBM uses to provide SSO among its suite of web applications. Once the LTPAToken got populated we were able to create the desired back-end SSO environment that we needed to pull off the integration with the desired results.
Some time after shutting Social Business Online down we were approached by IBM to contribute the LTPAToken SSO code to OpenNTF to be added as part of the XPages Extension Library for the benefit of other developers. We gladly agreed and hope that this code helps other developers with their integration projects moving forward.
On May 4, 2012 Niklas Heidloff of OpenNTF kindly posted a blog entry on OpenNTF.org about the code that our company contributed called SSO between XPages and IBM Connections. We want to thank Niklas Heidloff for the "plug" and we hope that others will find the code useful. You can find the code snippet here on OpenNTF.org.
Just today, June 6, 2012, Philippe Riand, chief software architect at IBM, posted a revision update to the IBM XPages Extension Library adding in support for SSO between XPages and Connections.
Furthermore, Niklas Heidloff of OpenNTF also recently blogged on his personal blog site how he used the code snippet as a reference point to successfully build SSO between XPages and Connections for the XPages Social Enabler. One blog entry called "SSO Setup between IBM Connections and XPages" and other called "Access IBM Connections via REST APIs from XPages using SSO through LTPA" describe this in detail including a very thorough and informative Youtube video. It is important to note that Niklas Heidloff was able to accomplish the SSO integration without using the AbderaClient.
Leave a Reply