Solved

@Userroles is not working

Posted on 2004-04-14
27
644 Views
Last Modified: 2013-12-18
I am using @UserRoles. It works fine in client. But it is not working in web. It only shows $$WebClient not any roles assigned. What may be wrong?
0
Comment
Question by:small_doubts
  • 10
  • 10
  • 3
  • +2
27 Comments
 
LVL 46

Expert Comment

by:Sjef Bosman
ID: 10821298
Are you using Preview in a web browser on a local database? Probably not. I never had any problems with @userroles. What versions are you using, in what environment?
0
 
LVL 46

Expert Comment

by:Sjef Bosman
ID: 10821325
Some code to review would be nice :)
0
 
LVL 13

Accepted Solution

by:
CRAK earned 30 total points
ID: 10821392
Did you login or are you "anonymous" user (without roles)?
To make sure append "&login" to your url, some place after "?open...".
0
Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
LVL 19

Expert Comment

by:madheeswar
ID: 10821436
very quick guys
0
 

Author Comment

by:small_doubts
ID: 10821636
Thank you for your suggestiongs. Truely quick. But I solved it.

It is for web. My nsf is on the server. There are a few roles. I was just trying to extract the available roles for a user. My ID has manager access and a few roles enabled. I did some research and found that it was showing me "Anonymous" and the role was "$$Webclient". So, I felt it was an authentication problem. I added "Anonymous" with "No Access" and as of now it is working fine.

I think I have a different question now. It must have been due to authentication. Because, earlier it was not asking for username/pwd. After adding anonymous it asked for a password and it is working fine. Is this ok? If I close the window and reopen it is not asking for password. It is more secure than earlier but is it really secure. Can you help me?

I think is is not required but this simple line was the problem.

@If(@implode(@UserRoles) = ""; "NO Access";@Implode(@UserRoles))
0
 
LVL 19

Expert Comment

by:madheeswar
ID: 10821751
What u have done is correct.

And for authnticatoin, u have to change Server document. Change session based authentication to Multiserver
0
 

Author Comment

by:small_doubts
ID: 10821829
I did not get it. What should I do? I want to make it it ask for password everytime it opens the form? It should either ask everytime, or it should not ask at all.
0
 
LVL 19

Assisted Solution

by:madheeswar
madheeswar earned 20 total points
ID: 10821834
it should ask everytime. Inorder to implement this, you need to enable session based authentication in your server document.
0
 

Author Comment

by:small_doubts
ID: 10821961
Can I put this code in a .js file and include it with script tag before using?
0
 

Author Comment

by:small_doubts
ID: 10821964
Sorry. Wrong place.
0
 
LVL 46

Expert Comment

by:Sjef Bosman
ID: 10822255
1. You're asking two questions for the price of one
2. The browser stores the current user's info, so when you load or refresh a page on the same site you won't be asked for name/password unless the database you're trying to gain access to is not accessible by you; with session-based authentication you will have to login once, and as long as the session lasts you won't be asked to login again
0
 

Author Comment

by:small_doubts
ID: 10822660
sjef, actually I solved my problem myself. But I wanted to give points anyway than request for a refund. Thanks for your explanation. But my problem remains there. Can you tell me how to make the browser either ask for password all the time or never.
0
 
LVL 46

Expert Comment

by:Sjef Bosman
ID: 10822867
Re 1: CRAK was on the dot, wasn't he? ;)
Re 2: what do you mean with "never"? Maybe SSL could be the solution for you, if you need proper authentication
0
 

Author Comment

by:small_doubts
ID: 10822919
CRAK was heading in the right direction, although not a solution to my problem. That's why I thought of accepting his comment as a B but I thought It would be nice to see if i could do better.

Is it possible to use @Userroles or some alternative mechanism without authenticating the user?
0
 
LVL 46

Expert Comment

by:Sjef Bosman
ID: 10823031
Let me answer with another question: Without knowing me, would you trust me with your credit card?

If you don't authenticate users, they are all the same: unknown human beings, who might be honest in telling you who they are but you'll never be sure. Even with authenication you cannot be absolutely sure, for passwords can be stolen, codes can be cracked, even fingerprints and retinas are copied.

Why do you want to authenicate your user? Are there different user-types? With different privileges?
0
 
LVL 24

Expert Comment

by:HemanthaKumar
ID: 10823081
"Without knowing me, would you trust me with your credit card?"

Nice arguement sjef ...

I would trust you for my visiting card ;-)

0
 

Author Comment

by:small_doubts
ID: 10823145
Nice jokes :) I can also trust sjef with my visiting card :-)

I know what you mean. But I need to have different user goups. User groups can be flexible. Flexible in the sense physical entities and user goups may map one to one or one to many or many to one. And these relationships are likely to change often. Thats what the user group called admin is for.

What were you suggesting about SSL? I am not sure what you meant.
0
 
LVL 46

Expert Comment

by:Sjef Bosman
ID: 10823341
SSL (secure socket layer) is a means of identification, with personal and public keys. Most Internet security is based on SSL, although I put more faith in Notes' security. If you intend to use SSL, you have to set up a Secure Key generation, using a database supplied with Domino. Or you have to be able to import Internet-keys they send you. In this way you could have thorough authentication.

Are you thinking of giving the users separate names? Or how are you going to differentiate them?? Are all your users known to your organization?
0
 

Author Comment

by:small_doubts
ID: 10823445
I think SSL is not something we would prefer immediately. This might conflict with the way existing applications work.

All users are known, but no coding is to be done using person name/ids. Only roles. Users use individual ids. Sometimes, they will act on the group's behalf, but individual identity still needs to be maintained for the sake of ownership of actions.

May be some kind of OS integration? Fetch the domain and username from OS in order to authenticate automatically? Otherwise, i have to go with authentication.

I think I should ask a seperate question about authentication.
0
 
LVL 46

Expert Comment

by:Sjef Bosman
ID: 10823642
If they all have a Notes-id, you could use a Java-based application. Is it your private Intranet or is it an Internet application, that even I could reach if I had name/password? By the way, it seems that theft happens more often inside companies than by people from outside... Beware of the reliable user myth!
0
 

Author Comment

by:small_doubts
ID: 10823733
This is an Extranet application and probably will be used on Internet too. We can and are supposed to work on making it unbreakable against common/obvious threats only. Aftreall, who knows when do crackers sleep?
0
 
LVL 46

Expert Comment

by:Sjef Bosman
ID: 10824040
Then you most definitely need some good form of authentication. There's a good book on this subject, an IBM RedBook "Lotus Security Handbook", http://www.redbooks.ibm.com/abstracts/sg245341.html

I'm not sleeping ;)
0
 
LVL 46

Expert Comment

by:Sjef Bosman
ID: 10824081
Actually, the link above refers to a book "Lotus Notes and Domino R5.0 Security Infrastructure Revealed". The book mentioned above can be found at http://publib-b.boulder.ibm.com/redbooks.nsf/redbookabstracts/sg247017.html?Open
0
 
LVL 13

Expert Comment

by:CRAK
ID: 10824136
Thanks for the points small_doubts.
I knew that was causing the problem, but before I'd make you change the ACL, I felt that I had to make sure first. The "&Login" can be used as a (temporary) workaround.

Quite a discussion guys! Nice comment Sjef.... I might quote you one day (the credit-card thing)!
0
 
LVL 46

Expert Comment

by:Sjef Bosman
ID: 10824220
If you want me to send you all some business cards? Guaranteed mine... Bwahahahah!

Sjef ;)
0
 
LVL 13

Expert Comment

by:CRAK
ID: 10827279
Feel free, and don't forget to include your credit-card..... you know me, don't you?
Don't need your whole wallet; you may not know me that well.... <GRIN>

(Sigh..... so I finally get to buy this home cinema set after all!)
0
 

Author Comment

by:small_doubts
ID: 10830726
Thanks sjef, I will download and see the book you referred me to. Very helpful tips from all of you, thanks for them.

CRAK, to get to sjef's credit card you will have to work in the help desk of sjef's bank ;) BTW, am I invited to watch a movie on your new cinema set :)
0

Featured Post

Active Directory Webinar

We all know we need to protect and secure our privileges, but where to start? Join Experts Exchange and ManageEngine on Tuesday, April 11, 2017 10:00 AM PDT to learn how to track and secure privileged users in Active Directory.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For Desktop Techs: How to retain a user's Notes configuration data when swapping out the end user's computer. (Assuming that you are not upgrading to a completely different version of Notes client) All you need to do is: 1) install Notes o…
Lack of Storage capacity is a common problem that exists in every field of life. Here we are taking the case of Lotus Notes Emails, as we all know that we are totally depend on e-communication i.e. Emails. This article is fully dedicated to resolvin…
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question