Learn About IBM Lotus Notes Domino 8 Developing Web Applications

  By Certification Magazine —

Objective: Security.
Sub-objective: Set database access: Use Maximum Internet name and password.

Single answer, multiple-choice

The following ACL settings have been configured for the HELPDESK.NSF database that resides on the AppServer1 Domino server:

Default entry = "Author"
Anonymous entry = "Reader"
WebUsers group entry = "Editor"

The "Maximum Internet name and password" field is set to "No Access."

John is a member of the WebUsers group. Assuming that server AppServer1 has been set up to allow anonymous access, what access level will John have when he accesses this database from a Web browser?

A.    Author.
B.    Reader.
C.    Editor.
D.    No Access.

Answer:
D

Tutorial:
John will have No Access when he accesses this database from a Web browser. To control anonymous access to a database, an ACL entry name of Anonymous should be added to the database ACL. The Domino server on which the database resides also must be configured to allow anonymous access. The access level assigned to the Anonymous entry in the database ACL should be set to the level required by users who should not have to authenticate in order to perform a database operation.

If a user is accessing the database anonymously and then attempts to perform an operation that exceeds the access level of the Anonymous ACL entry, Domino will challenge the user to authenticate before it allows the user to proceed with the database operation.

The Maximum Internet name & password Advanced ACL setting should be set to the highest level of access required by any Web-browser user, regardless of whether or not authentication is required. For example, if anonymous Web-browser users can read documents in the database and certain authenticated Web browser users must be able to create and edit documents in the database, the Maximum Internet name & password Advanced ACL setting should be set to Editor. Only then would the database ACL impose the proper access on the Web-browser user.

Reference:

Domino Designer 8 Help > Application Management > Security in an application > The database access control list > Acceptable entries in the ACL