Lightweight Third Party Authentication (LTPA) is a single-sign on (SSO) protocol. WebSphere uses LTPA tokens for SSO. As an example, when you sign into the WebSphere admin console, an LTPA token will be issued. The LTPA token will remain active for a period of time (120 minutes by default). For the duration of the LTPA token, when you navigate to the dmgr home page, you will not need to authenticate again by providing a username and password. Instead, you will automatically be authenticated via the LTPA token.
Configure WebSphere to use LTPA
By default, at Security > Global Security, WebSphere is configured to use LTPA. Selecting LTPA will let you configure LTPA.
Muliple Websphere servers
If you have two or more WebSphere servers, and can get an LTPA token for one of WebSphere servers and then use the LTPA token to be automatically authenticated to the other WebSphere servers.
By default, the LTPA timeout is 120 minutes.
By default, LTPA tokens are encrypted using a public certificate and private key. In this example, the ltpa.jceks file is the keystore that contains the public certificate and private key used to encrypt LTPA tokens.