#dominoforever | Product Ideas Portal

 

Welcome to the #dominoforever Product Ideas Forum! The place where you can submit product ideas and enhancement request. We encourage you to participate by voting on, commenting on, and creating new ideas. All new ideas will be evaluated by HCL Product Management & Engineering teams, and the next steps will be communicated. While not all submitted ideas will be executed upon, community feedback will play a key role in influencing which ideas are and when they will be implemented.

For more information and upcoming events around #dominoforever, please visit our Destination Domino Page

Allow servlet (in database) to create new <user> session (or open database as <user>)

In cases where we have a REST servlet (in database) that is using a 3rd party authorisation mechanism to validate tokens/apikeys, it would be nice if the servlet could create a new <user> session (instead of running as anonymous or as the code signer). This would enable us to link specific apikey identities to Domino web user accounts.

The newly created <user> session can then be used to open application database(s), views, documents etc. and thereby allowing all built in security functionality (database ACLs, reader/author fields, etc.) to be applied. Fields such as $UpdatedBy etc. would also then use the effective Domino web user name, etc.

Alternatively, if creating a new session for a specific <user> is not possible, would it be possible to offer an "as user" option when opening a database so that the <users> ACL permissions in the database are enforced instead of anonymous or the code signers?

Obviously the ID that signs the application design elements would need an applicable privilege/right (via the server document security settings) to be able to do this (like "run as user").

  • Avatar32.5fb70cce7410889e661286fd7f1897de Guest
  • Feb 21 2019
  • Needs review
  • Attach files