As the LTPA Token version 2 is more secure than the LTPA Token version 1, it has become a new default for me. Lately I found out that the Sametime Meetings Server does not accept the LTPA Token v2 out of the box, more on that in the following. 🙂
After installing a brand-new HCL Sametime 11.5 environment, inclunding Sametime 11.5 IF1 Sametime Proxy server, importing the LTPA Key from Webphere Application Server and setting the Community Server to use the version 2 of the LTPA Token only, I found that the SSO between via LTPA was not working as expected.
HCL Sametime Proxy server was working as expected, it was accepting the LTPA Tokens and authenticating users by it. Users logged in to the HCL Sametime Proxy server could login into HCL Connnections and vice versa. But the Sametime Meetings component was not accepting the LTPA Token 2, users could login to the Sametime Meetings server, but the SSO functionality via LTPA was not working.
After a brief call with a good friend of mine, Herwig Schauer from HCL, I got the information that you need to set the LTPA Cookie name to “LtpaToken2”, which is the default name for LTPA v2 Token, on the Sametime Meetings server. For Sametime Meetings Docker deployment, this can be done in “docker-compose.yml” file. You have to add the “LTPA_COOKIE_NAME” parameter, in the “auth” section of the file, and set it to “LtpaToken2”.
After that just apply the standard procedure for changing the Sametime Meetings configuration files, and you should be good to go.
@Herwig Schauer, thank you very much for the information! 🙂