Can't create Public documents as Anonymous, even though ACL is set to allow it
Hi
I am building an online shopping solution, but intend to run more than one of them on the same server. I am currently working on the user registration part, but because there may be multiple instances, I don't want the users to be stored in the common Domino Directory, I'd much rather than each copy of the application managed its own users. As there will be no really sensitive information stored (like credit card numbers etc., as I will be using WorldPay), I am happy with the slightly less secure setup this would provide, so I'm writing an Agent to handle the Login/Registration process.
Here are my ACL settings:
-Default- - Author - Create documents / Read public documents / Write public documents / Replicate or copy documents
Anonymous - Author - Create documents / Read public documents / Write public documents / Replicate or copy documents
However, when I submit a completed Form, whose Security tab says All readers and above / All authors and above / Available to Public Access users, I am presented with the standard Login page.
Why is this? Am I missing something?
Thanks,
Paul
I am building an online shopping solution, but intend to run more than one of them on the same server. I am currently working on the user registration part, but because there may be multiple instances, I don't want the users to be stored in the common Domino Directory, I'd much rather than each copy of the application managed its own users. As there will be no really sensitive information stored (like credit card numbers etc., as I will be using WorldPay), I am happy with the slightly less secure setup this would provide, so I'm writing an Agent to handle the Login/Registration process.
Here are my ACL settings:
-Default- - Author - Create documents / Read public documents / Write public documents / Replicate or copy documents
Anonymous - Author - Create documents / Read public documents / Write public documents / Replicate or copy documents
However, when I submit a completed Form, whose Security tab says All readers and above / All authors and above / Available to Public Access users, I am presented with the standard Login page.
Why is this? Am I missing something?
Thanks,
Paul
In the form create a field by name $PublicAccess and make it computed when composed and give "1" as the value.
THe steps you have made just make the form available to public access users and not the documents created by them.
Partha
THe steps you have made just make the form available to public access users and not the documents created by them.
Partha
But it's not necessary to do so, because Anonymous = Author. so he can create documents no matter what $PublicAccess says. If Anonymous would be Reader, the $PublicAccess comes into play.
ASKER
Directory Assistance? So that's what that does - always wondered, but never thought I had a reason to find out!
Please bear with me for a day or three whilst I look into this new (to me) concept, & get my head around what I need to do.
Thanks to partha for explaining what is going wrong, but I feel that Bozzie4 is right in that now I know I can use a separate Directory for each instance of the application/website, I di indeed want to revert to using Domino security propoerly - I had convinced myself I didn't need to, but in reality, this was because I didn't think I could.
So, watch this space!
Paul
Please bear with me for a day or three whilst I look into this new (to me) concept, & get my head around what I need to do.
Thanks to partha for explaining what is going wrong, but I feel that Bozzie4 is right in that now I know I can use a separate Directory for each instance of the application/website, I di indeed want to revert to using Domino security propoerly - I had convinced myself I didn't need to, but in reality, this was because I didn't think I could.
So, watch this space!
Paul
Problem with DA is that it only supports a maximum of 4 other directories (I think).
This can be solved by using a server based Directory Catalog, while you are reading the help, check on that too....
cheers,
Tom
This can be solved by using a server based Directory Catalog, while you are reading the help, check on that too....
cheers,
Tom
ASKER
Ah, interesting. I will thoroughly check out both ideas in the Help/documentation.
Thanks again,
Paul
Thanks again,
Paul
Just a note: for every user of a Domino server, Web or Notes, you need a CAL...
ASKER
Client Access License - am I right in thinking that each & every registered user of a web application has to have a CAL, which costs in the region of (GBP) £46each?
I can see it now: "Before registering to use our online shopping site, please give us £46 for a license" - this is a complete show-stopper! It means we either can't use Domino, or if we do, we can't register the names in the Domino Directory, which is kinda funny, cos that brings me back to where I started this posting - trying to manually authenticate users in code, rather than using the Domino Directory & Domino's built-in security.
So, just to clarify, do I really have to pay IBM £46 per registered users, whilst having unlimited anonymous users for free? And is simply not listing them in the Domino Directory really a work-around for this?
Now I come to think about it, I have a really vague recollection of this being a factor in deciding not to use the Domino Directory before, I think I'd just forgotten that when starting this posting.
Thanks,
I can see it now: "Before registering to use our online shopping site, please give us £46 for a license" - this is a complete show-stopper! It means we either can't use Domino, or if we do, we can't register the names in the Domino Directory, which is kinda funny, cos that brings me back to where I started this posting - trying to manually authenticate users in code, rather than using the Domino Directory & Domino's built-in security.
So, just to clarify, do I really have to pay IBM £46 per registered users, whilst having unlimited anonymous users for free? And is simply not listing them in the Domino Directory really a work-around for this?
Now I come to think about it, I have a really vague recollection of this being a factor in deciding not to use the Domino Directory before, I think I'd just forgotten that when starting this posting.
Thanks,
If I remember well, there seems to be an Unlimited Web CAL, something like 60 and over. There's another snag: whatever registration you use on Domino, if your users have to identify themselves somehow (even without the NAB) you seem to required to have a CAL for them... Hey, I'm just a pianoplayer! Don't shoot me! Get the right info from your Lotus BP. Or from the Internet.
ASKER
Actually, it's probably fairer if I open a new question for the CAL issue, & keep this question on track for the allowing Anonymous users to create documents - see https://www.experts-exchange.com/questions/21201731/I-want-my-online-shopping-sites-to-allow-users-to-register-but-mustn't-need-a-CAL-for-each-user-is-there-another-way.html
sjef bosman - I'd really appreciate your thoughts on this matter in the other question - thanks.
As for this question, I'm now going to go back to trying to get an anonymous user to create a document.
sjef bosman - I'd really appreciate your thoughts on this matter in the other question - thanks.
As for this question, I'm now going to go back to trying to get an anonymous user to create a document.
ASKER
Having just added the $PublicAccess field, the site now allows me to create a document, but I've just noticed that there are already loads of these documents in existence, so I was previously adding them, I simply didn't know it, as it was displaying the doc that failed, not creating it.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
if you don't, and you give Anonymous Author access, with Create Documents, a user should be able to create documents using ALL forms, even the ones that are not Public access. However, there are some things to keep in mind:
- you need an Author field on the documents, with Anonymous in it, because if a user creates a document, saves it, and then tries to Edit it again, you will get a Login box.
- if you use Readers fields, the same goes (although I don't think you do)
- watch out for Agents (WebQueryOpen/WebQuerySave
You can't build a secure application using a login - agent alone! But if you use R6, you can take advantage of the new @sethttpheader stuff to read/write cookies with the authentication information. You would then create a Session, using cookies. In R5, this is a whole lot more labour-intensive.
cheers,
Tom