how to get LtpaToken in portlet?

[staranto]

I have a follow up to this. First off, my config is WPS/Express 4.1, Domino R5.09 LDAP. The portal is working fine. I can authenticate to the LDAP directory, etc - no problem.

However, I'm creating a portlet that is using the Domino API's found in NCSO.JAR. In the service() method of my portlet I work through the PortletRequest's cookies and find LtpaToken. I then do a --

lotus.domino.Session s = lotus.domino.NotesFactory.createSession("noteslab.abc123.com", ltpaTokenCookie.getValue());

I think this should work but it throws a NotesException with this stack --

lotus.domino.NotesException
at lotus.domino.NotesExceptionHelper.read(NotesExceptionHelper.java)
at lotus.domino.NotesExceptionHolder._read(NotesExceptionHolder.java)
at com.ibm.CORBA.iiop.RepImpl.invoke(RepImpl.java:325)
at com.ibm.CORBA.portable.ObjectImpl._invoke(ObjectImpl.java:36)
at lotus.domino.corba._IObjectServerStub.createSessionWithCookie(_IObjectServerStub.java)
at lotus.domino.cso.Session.OREFtoSession(Session.java:815)
at lotus.domino.cso.Session.<init>(Session.java:73)
at lotus.domino.cso.Session.createSession(Session.java:41)
at lotus.domino.NotesFactory.createSession(NotesFactory.java:267)
at com.foretek.test.Test.main(Test.java:13)

Not much help. I'm pretty sure SSO is configured properly on the WAS and Domino sides in that I've followed the documentation. DIIOP is also fine on the Domino server. I can hit it from a regular Java app just fine.

Anyone have any ideas? I know this may very well be a Domino question but I suspect not.

-Steve.