Solved

@Userroles is not working

Posted on 2004-04-14
27
641 Views
Last Modified: 2013-12-18
I am using @UserRoles. It works fine in client. But it is not working in web. It only shows $$WebClient not any roles assigned. What may be wrong?
0
Comment
Question by:small_doubts
  • 10
  • 10
  • 3
  • +2
27 Comments
 
LVL 46

Expert Comment

by:Sjef Bosman
Comment Utility
Are you using Preview in a web browser on a local database? Probably not. I never had any problems with @userroles. What versions are you using, in what environment?
0
 
LVL 46

Expert Comment

by:Sjef Bosman
Comment Utility
Some code to review would be nice :)
0
 
LVL 13

Accepted Solution

by:
CRAK earned 30 total points
Comment Utility
Did you login or are you "anonymous" user (without roles)?
To make sure append "&login" to your url, some place after "?open...".
0
 
LVL 19

Expert Comment

by:madheeswar
Comment Utility
very quick guys
0
 

Author Comment

by:small_doubts
Comment Utility
Thank you for your suggestiongs. Truely quick. But I solved it.

It is for web. My nsf is on the server. There are a few roles. I was just trying to extract the available roles for a user. My ID has manager access and a few roles enabled. I did some research and found that it was showing me "Anonymous" and the role was "$$Webclient". So, I felt it was an authentication problem. I added "Anonymous" with "No Access" and as of now it is working fine.

I think I have a different question now. It must have been due to authentication. Because, earlier it was not asking for username/pwd. After adding anonymous it asked for a password and it is working fine. Is this ok? If I close the window and reopen it is not asking for password. It is more secure than earlier but is it really secure. Can you help me?

I think is is not required but this simple line was the problem.

@If(@implode(@UserRoles) = ""; "NO Access";@Implode(@UserRoles))
0
 
LVL 19

Expert Comment

by:madheeswar
Comment Utility
What u have done is correct.

And for authnticatoin, u have to change Server document. Change session based authentication to Multiserver
0
 

Author Comment

by:small_doubts
Comment Utility
I did not get it. What should I do? I want to make it it ask for password everytime it opens the form? It should either ask everytime, or it should not ask at all.
0
 
LVL 19

Assisted Solution

by:madheeswar
madheeswar earned 20 total points
Comment Utility
it should ask everytime. Inorder to implement this, you need to enable session based authentication in your server document.
0
 

Author Comment

by:small_doubts
Comment Utility
Can I put this code in a .js file and include it with script tag before using?
0
 

Author Comment

by:small_doubts
Comment Utility
Sorry. Wrong place.
0
 
LVL 46

Expert Comment

by:Sjef Bosman
Comment Utility
1. You're asking two questions for the price of one
2. The browser stores the current user's info, so when you load or refresh a page on the same site you won't be asked for name/password unless the database you're trying to gain access to is not accessible by you; with session-based authentication you will have to login once, and as long as the session lasts you won't be asked to login again
0
 

Author Comment

by:small_doubts
Comment Utility
sjef, actually I solved my problem myself. But I wanted to give points anyway than request for a refund. Thanks for your explanation. But my problem remains there. Can you tell me how to make the browser either ask for password all the time or never.
0
 
LVL 46

Expert Comment

by:Sjef Bosman
Comment Utility
Re 1: CRAK was on the dot, wasn't he? ;)
Re 2: what do you mean with "never"? Maybe SSL could be the solution for you, if you need proper authentication
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 

Author Comment

by:small_doubts
Comment Utility
CRAK was heading in the right direction, although not a solution to my problem. That's why I thought of accepting his comment as a B but I thought It would be nice to see if i could do better.

Is it possible to use @Userroles or some alternative mechanism without authenticating the user?
0
 
LVL 46

Expert Comment

by:Sjef Bosman
Comment Utility
Let me answer with another question: Without knowing me, would you trust me with your credit card?

If you don't authenticate users, they are all the same: unknown human beings, who might be honest in telling you who they are but you'll never be sure. Even with authenication you cannot be absolutely sure, for passwords can be stolen, codes can be cracked, even fingerprints and retinas are copied.

Why do you want to authenicate your user? Are there different user-types? With different privileges?
0
 
LVL 24

Expert Comment

by:HemanthaKumar
Comment Utility
"Without knowing me, would you trust me with your credit card?"

Nice arguement sjef ...

I would trust you for my visiting card ;-)

0
 

Author Comment

by:small_doubts
Comment Utility
Nice jokes :) I can also trust sjef with my visiting card :-)

I know what you mean. But I need to have different user goups. User groups can be flexible. Flexible in the sense physical entities and user goups may map one to one or one to many or many to one. And these relationships are likely to change often. Thats what the user group called admin is for.

What were you suggesting about SSL? I am not sure what you meant.
0
 
LVL 46

Expert Comment

by:Sjef Bosman
Comment Utility
SSL (secure socket layer) is a means of identification, with personal and public keys. Most Internet security is based on SSL, although I put more faith in Notes' security. If you intend to use SSL, you have to set up a Secure Key generation, using a database supplied with Domino. Or you have to be able to import Internet-keys they send you. In this way you could have thorough authentication.

Are you thinking of giving the users separate names? Or how are you going to differentiate them?? Are all your users known to your organization?
0
 

Author Comment

by:small_doubts
Comment Utility
I think SSL is not something we would prefer immediately. This might conflict with the way existing applications work.

All users are known, but no coding is to be done using person name/ids. Only roles. Users use individual ids. Sometimes, they will act on the group's behalf, but individual identity still needs to be maintained for the sake of ownership of actions.

May be some kind of OS integration? Fetch the domain and username from OS in order to authenticate automatically? Otherwise, i have to go with authentication.

I think I should ask a seperate question about authentication.
0
 
LVL 46

Expert Comment

by:Sjef Bosman
Comment Utility
If they all have a Notes-id, you could use a Java-based application. Is it your private Intranet or is it an Internet application, that even I could reach if I had name/password? By the way, it seems that theft happens more often inside companies than by people from outside... Beware of the reliable user myth!
0
 

Author Comment

by:small_doubts
Comment Utility
This is an Extranet application and probably will be used on Internet too. We can and are supposed to work on making it unbreakable against common/obvious threats only. Aftreall, who knows when do crackers sleep?
0
 
LVL 46

Expert Comment

by:Sjef Bosman
Comment Utility
Then you most definitely need some good form of authentication. There's a good book on this subject, an IBM RedBook "Lotus Security Handbook", http://www.redbooks.ibm.com/abstracts/sg245341.html

I'm not sleeping ;)
0
 
LVL 46

Expert Comment

by:Sjef Bosman
Comment Utility
Actually, the link above refers to a book "Lotus Notes and Domino R5.0 Security Infrastructure Revealed". The book mentioned above can be found at http://publib-b.boulder.ibm.com/redbooks.nsf/redbookabstracts/sg247017.html?Open
0
 
LVL 13

Expert Comment

by:CRAK
Comment Utility
Thanks for the points small_doubts.
I knew that was causing the problem, but before I'd make you change the ACL, I felt that I had to make sure first. The "&Login" can be used as a (temporary) workaround.

Quite a discussion guys! Nice comment Sjef.... I might quote you one day (the credit-card thing)!
0
 
LVL 46

Expert Comment

by:Sjef Bosman
Comment Utility
If you want me to send you all some business cards? Guaranteed mine... Bwahahahah!

Sjef ;)
0
 
LVL 13

Expert Comment

by:CRAK
Comment Utility
Feel free, and don't forget to include your credit-card..... you know me, don't you?
Don't need your whole wallet; you may not know me that well.... <GRIN>

(Sigh..... so I finally get to buy this home cinema set after all!)
0
 

Author Comment

by:small_doubts
Comment Utility
Thanks sjef, I will download and see the book you referred me to. Very helpful tips from all of you, thanks for them.

CRAK, to get to sjef's credit card you will have to work in the help desk of sjef's bank ;) BTW, am I invited to watch a movie on your new cinema set :)
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

Suggested Solutions

This is an old article, please see an updated version of this article, located here: http://www.experts-exchange.com/articles/23619/Notes-8-5x-Windows-7-Notes-info-and-tips.html
For beginners of Lotus Notes user this is important to know about the types of files and their location supported by IBM Notes. Mostly users are unaware about how many file types are created and what their usages are. This Article is fully dedicated…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now