Taurus
asked on
Need help with Domino DB security issue
Domino Database security seems to be bypassed by Lotus Sametime's (Sametime is an app. that runs on Domino) "Add invitee" Java applet. I can't keep the applet from being able to browse the secondary directory no matter what ACL settings I use. This is a problem since I want to use a secondary directory for each company accessing the server but I don't want them seeing each others directories.
Example case:
Suppose I create a secondary domino directory, "secondDir.nsf" . I next create/install a directory assistance DB and add secondDir.nsf to it. Finally, I create a group, SecondDirGroup, and add to it a few person names.
Now, if I set secondDir.nsf's ACL to allow only access by SecondDirGroup (removing all other entries and setting "enforce a consistent ACL..."), I can still access secondDir.nsf from Sametime's invite attendee Java applet using a login that is not anyone in SecondDirGroup. That is I can see everyone and every group listed in secondDir.nsf.
Any ideas?
Example case:
Suppose I create a secondary domino directory, "secondDir.nsf" . I next create/install a directory assistance DB and add secondDir.nsf to it. Finally, I create a group, SecondDirGroup, and add to it a few person names.
Now, if I set secondDir.nsf's ACL to allow only access by SecondDirGroup (removing all other entries and setting "enforce a consistent ACL..."), I can still access secondDir.nsf from Sametime's invite attendee Java applet using a login that is not anyone in SecondDirGroup. That is I can see everyone and every group listed in secondDir.nsf.
Any ideas?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.