Parameter:
HTTPNoSessionShort description: Prevents the creation of server-side HTTP sessions – thereby disabling session-/SSO-based authentication on the HTTP task.
Profile
Parameter | HTTPNoSession |
Category | HTTP / Web |
Component | Server |
Available since | 9.0 |
Supported versions | 9.0.1, 10.0, 11.0, 12.0, 14.0, 14.5, 14.5.1 |
GUI equivalent | Web Site / Internet Site document |
Possible values | 0 = sessions active (default), 1 = no sessions |
Description
During HTTP operations, Domino creates sessions per logged-in user and references them via session cookies (
DomAuthSessId, LTPA tokens, or similar). HTTPNoSession=1 switches this mechanism off completely – applications that rely on session cookies or LTPA SSO will no longer work afterwards. Useful, for example, on pure API servers or for reverse-proxy architectures in which session management happens upstream of Domino.Example configuration
HTTPNoSession=1
Notes & pitfalls
- Classic web applications (iNotes/Verse, Domino web apps) require sessions – check compatibility beforehand.
- With both
HTTPDisableAuthBasic=1andHTTPNoSession=1active, only SSO via an upstream proxy / SAML remains – plan the auth strategy carefully.
- Takes effect after an HTTP restart (
tell http restart).
- For single sign-on (LTPA/SAML/OIDC),
HTTPNoSession=0must be set.