We have been using the NotesFactory.createSession(null, String) method to create Session objects from Java servlets for a long time but for some reason it didn’t work under Domino 6.0.x when running Internet Sites so we gave it up and continued using Web Configuration where it worked flawlessly. Until now that is since we really needed some of the Internet Sites functionality so I gave it another try under 6.5.4 but without any success. I broke down and called Lotus Support.
Lotus support came back to me promptly with a solution. The solution was to use another method to create the Session objects. Instead of manually getting the LtpaToken cookie from the request and passing it to the createSession-method as mentioned above you should pass the HttpServletRequest to the method like NotesFactory.createSession(null, javax.servlet.HttpServletRequest).
Perfect!