Ticket Verifier Technical Components
The technical components of this solution consist of two parts:
- Runtime components (executed during operation)
- Security components (for information shared between SAP Enterprise Portal and Lotus Domino to safeguard security
The runtime environment of the Ticket Verifier consists of a Microsoft Windows DLL. The table below contains the libraries that are required.
| Library | Filename | Description |
|---|---|---|
|
Ticket Verifier for Lotus Domino R5/R6/R7 |
ds_ticket.dll |
Implementation of the Ticket Verifier for Lotus Domino |
|
SAP Seculib |
sapsecu.dll |
Functions for working with the verify.pse keystore (public key infrastructure) |
|
mySAP.com-SSO |
wpsso_v3.dll |
Implementation of mySAP.com logon ticket handling functions |
The server that runs the Ticket Verifier for Lotus Domino has to run all these libraries. The Ticket Verifier is registered on the Lotus Domino server and the other libraries are placed on the file system of the operating system.
The security of the Ticket Verifier solution is based on a public key infrastructure (PKI) and a trust relationship.
The trust relationship between SAP Enterprise Portal and Lotus Domino is established by copying the SAP Enterprise Portal certificate(s) from the portal to Lotus Domino.
Security is achieved through digitally signing the credentials of the portal user.
The Ticket Verifier has to have access to SAP Enterprise portal's PKI certificate/keystore that is stored in a file called verify.pse. As mentioned before, the Ticket Verifier does not affect Lotus Domino ACLs and user privileges.