Get started Bring yourself up to speed with our introductory content.

How can COM help us secure our apps against hackers?

We have Notes applications in use within our company (not Web-enabled) that might be vulnerable to hacker-type employees. Could these DBs be updated by the use of COM by employees who have legitimate author access in the ACLs? Would access behind the scenes via COM be subject to the same Notes security as users on the workspace? Is there a way to track users who may be trying to view confidential info via COM? If you could point me to more info on this topic, I'd appreciate it.
I forwarded this question to Bob Balaban, Notes programming wizard, at Looseleaf.net. His answer:
COM programs can get access to Notes databases via the COM API "back-end classes," which are very similar to the LotusScript classes. There are no security issues with COM access, though, because COM (say, VB) programs will either run under the authority of an existing Notes ID (for which the user will have to supply a password) or by supplying a Web username/password combination. Once the COM session has been established and authenticated, that session only has the access the authenticated user should have to any Notes database (i.e., ACL protection still works). $Revision fields and other tracking mechanisms also work normally.

Dig Deeper on Lotus Notes Domino Access, Permissions and Authentication

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.




  • iSeries tutorials

    Search400.com's tutorials provide in-depth information on the iSeries. Our iSeries tutorials address areas you need to know about...

  • V6R1 upgrade planning checklist

    When upgrading to V6R1, make sure your software will be supported, your programs will function and the correct PTFs have been ...

  • Connecting multiple iSeries systems through DDM

    Working with databases over multiple iSeries systems can be simple when remotely connecting logical partitions with distributed ...