Secure Java Servlet

5 pts.
Tags:
Domino
iSeries
Java
Lotus
Servlet
Hi, is there any way to secure the execution of Java Servlets on Lotus Domino 7.x ? I used the Realm document and does not ask for user and password. For Databases it does. It is about Lotus Domino on iSeries machine. Thanks and best regards.

Software/Hardware used:
Lotus Domino 7 on iSeries 5

Answer Wiki

Thanks. We'll let you know when a new response is added.

Hi,

Did you issue the “tell http refresh” or “tell http restart” command after setting your realm ?

Realm is a way to secure access so something else is wrong. I would check the following.

The realm applies if the HTTP query contains the path defined in your realm. If the realm is not in the HTTP query, the default protection applies.

Also, make sure that your servlet is not accessed through another mean.
For instance, you included your servlet into an HTML file and restricted access to the servlet. Since authentication occurs only for the HTML file (which is unprotected), your servlet is unprotected.
I assume it works the same when accessing the servlet through a db. In this case though, you could restrict access to the servlet by restricting accesss to the note containing the servlet.

Lastly, You could also create a file protection document for you specific servlet.

Regards

Discuss This Question:  

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following