« SmartDraw |
The Lotusphere 2010 Opening General Session (OGS) »
An interesting question landed on my desk: "In a web application you use extensive agents to prepare or render content. When the user is authenticated you want that agent to run in the user's context. For anonymous users you want the agent to run in the agent signers security context, so you don't need to expose your resources to anonymous browsing. How to do that?
- Write all your business code in functions in a script library. Have one function as entry point. It is a matter of taste to use the documentContext as parameter or to retrieve that inside the function.
- Write two agents that both call that function: "agAnonymous" and "agUser". Configure the first one to run with the signer access, the second one to run as web user.
- In your WebQuer[Open|Close] use this formula:
agentToRun := @if(@UserName = "Anonymous";"agAnonymous";"agUser");
As usual: YMMV.
This site is in no way affiliated, endorsed, sanctioned, supported, nor enlightened by Lotus Software nor IBM Corporation. I may be an employee, but the opinions, theories, facts, etc. presented here are my own and are in now way given in any official capacity. In short, these are my words and this is my site, not IBM's - and don't even begin to think otherwise. (Disclaimer shamelessly plugged from Rocky Oliver)
© 2003 - 2013 Stephan H. Wissel - some rights reserved as listed here:
Unless otherwise labeled by its originating author, the content found on this site is made available under the terms of an Attribution/NonCommercial/ShareAlike Creative Commons License, with the exception that no rights are granted -- since they are not mine to grant -- in any logo, graphic design, trademarks or trade names of any type. Code samples and code downloads on this site are, unless otherwise labeled, made available under an Apache 2.0 license. Other license models are available on written request and written confirmation.