CAS cookie and LTPAToken cookie format
Rolf Pfotenhauer
rolfpf at yahoo.com.au
Wed Feb 18 22:28:28 EST 2004
Hi,
Does anyone know what the difference is between the CAS cookie and the
LTPAToken cookie used by Lotus Domino.
The LTPAToken cookie is defined as (at least I am told):
· CookieName = "LtpaToken"
· CookieValue = Base64(LtpaToken)
· CookieDomain = Subdomain of server (i.e. "raleigh.ibm.com")
· LtpaToken = TokenHeader[4 BYTES] + HexEncoded((DWORD)TokenCreationDate)[8
BYTES] + HexEncoded((DWORD)TokenExpirationDate)[8 BYTES] + Canonicalized
username [variable] + SHA1(TokenHeader + TokenCreation + TokenExpiration +
Username+Secret)[20 BYTES]
· TokenHeader = First byte reserved, three bytes for secret sequence usage
· TokenCreationDate = A number representing the time and date of the token
creation. (TokenCreationDate is the number of seconds to elapse since midnight
(00:00:00), January 1, 1970) in GMT
· TokenExpirationDate = A number representing the time and date of the token
expiration. (TokenExpirationDate is the number of seconds to elapse since
midnight (00:00:00), January 1, 1970) in GMT
Find local movie times and trailers on Yahoo! Movies.
http://au.movies.yahoo.com
More information about the cas
mailing list