Scenario:
User preview xpage for editing in web browser.
Developer replicate a local replica to the server.
User click save button and trigger save action partial/full refresh
In 8.5.2 crash the whole database based on can't find java design classes. In 8.5.3 no error CS/SS accrued but there are no changes applied to the document. Seems like if you replicate the sessionID is overridden. Is there a way to fix/detect it?
Any ideas?
thx
It relates to this effect: Meaning of java.lang.ClassCastException: someClass incompatible with someClass.
Simply said, every design change resets XSP engine. Since 8.5.3 you can control it by property "Refresh entire application when design changes" in XPage properties - turning it off (default since that version) will just "soft reset" XSP engine.
Anyway, you may loose some scoped variables and beans. This concludes to some rules to obey:
Do not allow developers to change design in production during working hours.
Notify users about the problem (onError event for partial refresh) - Tim's comment explains, that you won't get an error from partial refresh after design change, unfortunately. Simple CSJS code pinging app availability and report problem when app does not respond could work, but I don't advise that: we use "keep alive" control from ExtLib, and troubleshooting in domlog.nsf became a nightmare - it is full of pings (almost all the time - many users keep their browsers open overnight).
If data are very important, implement auto save mechanism similar to Google apps.
BTW: This effect is similar to time-outed session - partial refreshes will fail and user need to reload the page (and possibly loose edits).
Related
We have a (super)user who has been using VBA in an Excel spreadsheet to create and manipulate documents in a Domino database application.
The user has 'Editor' access to the application, and should normally be able to create/edit the document contents.
They have been, however, creating documents using VBA. That logic doesn't consider such important document fields as Readers, Authors, etc. .
We would like to restrict access to all Domino data so that it can only be created/modified using an IBM Notes client.
I have tried looking through the ECL, but that only restricts what 'others' do.
Since he has his Notes client available, the external logic is using his normal Notes credentials.
I have tried setting a hidden field with the Notes client and looking for that in the QuerySave event of the form design.
Unfortunately, the external code pays no attention to the form events and the save is executed despite the missing field.
Similarly, the Database Script has no bearing on the execution of external logic.
I was going to inspect the client version upon database open and restrict activity based on a variance in the version (I was hoping!).
I have de-selected the 'Don't prompt for a password...' option in the user security preferences, but that has no effect at all (suspected as much!).
The ONLY thing I have been able to suggest is to hide the database design... That's really only designed to thwart a user's efforts to understand the underlying design.
It won't prevent them from creating hundreds of thousands of documents with a fictitious form and throwing the app into disarray.
I'm hoping that there is a solution out there that I'm missing.
The user has been instructed not to undertake such activity in the future.
We were lucky that there really wasn't any malicious intent - "Just trying to be more efficient" we're told.
The effects of the activity have been remedied, and the user has been warned.
What I want to know is... how can I prevent this from ever happening again?
The circumstances are rare I know, but I would've thought there'd be a means of restricting the platforms used to manage Notes/Domino data.
Is there a way to ensure no external applications are able to access, create or modify Notes database documents?
I am currently focussing on access to Notes via COM.
I thought that, if I unregistered 'nlsxbe.dll' from the registry, that would prevent such activity - It has not.
I also tried removing the .TLB files from the Notes executable folder - removal of 'notes32.tlb' and 'domobj.tlb' have no effect at all. Removal of 'ltsci3.tlb' screws everything up (as expected!).
I'm really having no luck at all - Any/all suggestions would be most appreciated!
I'm not aware of any way to detect that a connection has been made by standalone code instead of by the Notes client, but you do have two paths available to you:
A Domino server add-in that prevents documents from being saved in that particular database if certain criteria aren't met.
An agent that is triggered to run shortly after documents are saved or modified in that particular database. The agent code can delete (or modify, if you prefer) the documents that don't conform to the required criteria.
The server add-in route would normally require coding in C, but thanks to the Open NTF Trigger Happy project, the hard part is done for you, and the rest can be filled in with either LotusScript or Java agent code that is "triggered" by the pre-written C code. You will need to have some basic knowledge of how the Notes Extension Manager interface works, but once you get past that and write your agent code to enforce your data consistency/integrity requirements, the only real hurdle is your willingness to host open source code on your server.
There may be two other possibilities, but I can't say if either will solve or deal with the issue...
In the ECL you can disable 'COM' access for the user (also known as OLE or ActiveX) automation since VBA access is usually via COM. This has stopped Notes using external COM access for me, but I don't know if also prevents VBA using Notes. Additional steps may be needed to enforce the ECL and apply to the specific users.
There is an (old) notes.ini 'DisableExternalApps' (or something similar) that disables some external access. This can affect many things (DDE/Prompts/#dblookups) but again I don't know if this will disable VBA/COM and its not user specific, but server wide.
I would have thought that removing the nlsxbe.dll or restricting access to execute it might work, but the ECL may be the best bet.
Alternatively, rather than add hidden flags to your design (and the documents), and then delete the offending documents, your agent could apply the correct author/reader fields to the documents instead.
Very tricky. Did you find a better solution?
I have a problem which I am struggling to identify. It may be a Sitefinity(CMS)-problem or it may be a IIS-problem.
Explanation:
I have a external database, where the user login-information is stored. When I change my information in the external database the changes does not affect the Sitefinity-page. But if I wait for many hours OR restart the website in IIS, the changes are made and affect the sitefinitypage.
So, as far as I can see this could be either Sitefinity or IIS.
I tried to disable the Sitefinity OutPut Cache, but it did not help.
Now I want to try to do something in IIS, but I am not very familiar with IIS. Do you hae any idea of what should I do/try?
Sitefinit has caching profiles. The standard (default) one should be 20 minutes, sliding expiration if I remember correctly. Go to the page, click Title & Properties. In the dialog scroll down until you see "Advanced" seection. It's probably collapsed by default.
Expand it and see if Caching profile is anything different than "No caching". If so - make it "No caching" and save. Re-test.
This is output cache. You can think of it as saving the html page on the first request and then serving this saved copy. The cache invalidates on multiple events. For example if you publish the page - it will invalidate the cache.
A business owner of my ticket tracking app in Xpages wants to track every change to the document. If a user opens the doc in edit mode but doesn't change anything, then no tracking. If, however, they open up a document and change one field, I have to capture that.
Here is my solution. When a user edits a doc, I create a "shadow document", which is a "before" vision. When the user saves I am comparing field for field for changes, and then acting appropriately.
Is there a better way to do this?
This is another good use case for Java beans. If you create a bean which sits between XPages-UI and Domino back-end document then you can easily track field changes.
Karsten Lehmann wrote a blog about it some time ago.
... and you could use the OpenNTF Domino API that has functions for exactly this. As far as I remember there is an example of this in the demo database. Not sure if it is also in the new version of the demo database - but then you may just need to find an older version (e.g. for milestone 4.5 where I saw this).
/John
We have a legacy Lotus Notes application that we want to see if we can make an improvement, first by making a test environment for this application. Currently the application is located on the main server and being replicated every 15 minutes to the web server. The replica on the web server has different forms and views since they are adjusted to display the information on the web browser (in my understanding)
I have made a new copy of the application that is on the main server without any problem. I had some problem replicating it to the web server since I do not understand what will happen to those element design that are not being used in the application on the web server. So what I did was replicating the application from the main server to the web server, then deleted all the design elements on the web test then copy all the design elements from the production environment to the web test.
By doing that I was able to get into the login page then log in. After I login, the frameset that suppose to display the default view giving this error message 'HTTP Web Server: Couldn't find design note'. First of all, I thought this is normal since I could not find the view in the database and that confused me since the live system works without that view present on the database BUT when I tried to access a view that I know present on the database, I still get the same error.
So after all that I opened the web test application on a Lotus Notes client. I can open the views that are exist. Now at this point there are 2 things that I am very frustrated about:
The live system works even when the code specifically mentions views that I cannot find from the Domino Designer. It just does not make any sense
As a test I created a 'Test' view on the web test application. Basically I just told it to fetch one of the form called 'WORec' that contains Work Order information. Into my surprise, the view opens up on the web browser but shows no result, which frustrates me even more since the view 'WOByName' gets all the Work Orders just fine. These 2 views have the same selection formula, so I really do not understand why 1 view is able to show data where the other does not. Moreover if I tell the test view to fetch all the documents in the database it only fetch those documents that are not 'WORec' form
I know this is long but if I can get some pointers on what I am doing wrong here. I am just trying to create a test environment. Unfortunately I never dealt with Domino web application or a replication that completely has different element design.
Let's start with the test view.
When you created the view, you need to first verify it is a Public view. Private views or Shared Private on First Use (SPOFU) views are not what you want here.
also, verify the name and alias of the view is unique to your database.
Next, verify your selection formula is correct.
use formula, instead of simple so you can actually see the formula. e.g.
SELECT #UpperCase(Form) = "WOREC"
Refresh your view designer (F9) - do you see your records coming through?
also, make sure the view is not hidden from Web clients... you will see this in the designer client, when looking at a list of views - a column indicating whether or not it is hidden from web clients, note clients, mobile clients, etc.
if not, open one of the documents up. Show properties, verify the form property in the box (2nd tab), matches the value "WORec". If not, correct your view selection with the correct form name spelling.
Next, you need to make sure you are allowed to view this from the web.
Open the Access Control List (ACL) and add "anonymous" as reader or above.
Open the view in Designer, and Preview it in web browser.
As for the "Couldn't find design note" message - that's not good. You definitely are missing design elements. Whether this is due to a selective replication formula issue, or acl issue, or whatever, is hard to tell. But if you have a Notes thick client and a separate web version, I would recommend different databases (or master templates) and not trying to use selective replication to handle that sort of thing.
As I understand it, you replicated the database then deleted all design elements and manually replaced them by copying from the production web replica. Instead, you should have made a template from the production web database (by doing a design-only copy), and then you should have used the 'Replace Design' feature to update the test web database from that template.
As an aside: an application built the way you describe (two replicas on separate servers, each with a different set of design elements) is a pretty bad implementation. It may have been done in the very early days of Domino, before the "Hide from Notes client" and "Hide from Web" properties were available at the design element level. Or it may have been done deliberately for "security purposes" (which I put in quotes because relying on Domino design element to enforce security on a Domino web application doesn't really make the application any more secure). You may be stuck with this... but you may not be. So before you try to improve or enhance this application, I think you should look into using the "Hide from... " properties on the design elements.
On the other hand, if you stick with the current design, I do want to mention that you're going to need to make sure the ACL settings and selective replication settings on your main and web test replicas match the ACL selective replications settings on the corresponding production replicas. Otherwise, you'll end up with a jumble of design elements when the test databases replicate across servers.
I suggest you to make a new copy of the Notes Database that is on your web server to your test server.
try to open in with your browser and check that all is OK.
open this copy in designer and check that it contains the views that you didn't see previously on test.
I'm not sure that you have really 2 different designs (one for webser different from the one of your main server) so:
- on the main server: open the File/Replication/Option for this application. In advanced, check When web server receives from .... if the design elements is checked.
if not it makes sense that there are TWO different design versions.
Maybe the view you didn't find (on the web server) restricts use? to check this:
- In the view (on the main server) check in the properties of the view the tab with a key "all readers and above". If it's uncheck THIS is the reason why they don't exist on the web server AND that you don't see them in the designer:
If your don't have the role or are not the person which can "who may use this view" you don't see the view and can't copy it.
To correct this simply enter the ACL (file/Application/Access Control) and grant you the corresponding role.
I hope I helped
I'm working on an XPages Mobile app using mobile controls from Extension Library.
My hope page is a menu leading to 4 different mobilePages.
I get this this is 1 XPage and we're dealing with "Virtual Pages". But is there a way to clear viewScope variables and document bindings as you go back and forth between virtual pages?
For instance. In one of my pages I ask the user for some data. 3 Fields stored in viewScope Variables. Using that I then have a button to Create a new document which gets bound to a panel and then I do things with it.
If the user hits "back" from the menu bar, to go to the Home screen and then goes back to the same page I want to clear everything and start all over.
setting resetContent= true doesn't do anything here.
My virtual page is a custom control and I tried to clear everything on beforePageLoad but that wiped it all during a manual refresh.
I tried hooking into the rendered property of the back button but that fired during a full page refresh. Possibly I could live with partial refreshes but someone might still manually refresh it.
Any way to get this ability inside the single page app mobile context?
Thanks!
See the following XSnippet on OpenNTF.org for your answer and a worked example - have fun! BTW: this is something we want to support on the Mobile App Page in an upcoming release - for now you can use the worked example I provide on XSnippets!
http://openntf.org/XSnippets.nsf/snippet.xsp?id=calling-server-side-jscode-during-mobile-page-transitions
Have you tried using requestScope for the virtual page bindings? From your description, it sounds like this would be the correct scope to use.