Thursday, March 22, 2007

Securing Views

As within any Notes applications, a good Notes programmer tries to minimize the number of views in a database. Regardless of the database there will be views and some are hidden. However, hidden view are really not hidden and an experience Notes user can use the Goto Shift Control and all the hidden views can be listed and accessed which is really no security at all. We wanted to prevent users or any other unwanted individuals to open the document or even right click on the document to open the document properties box and look at the content of the field. We decided to research want we could do to prevent unwanted individuals to access the information. We tried hiding the columns, but you could still right click and get the document properties box. If you place continue=false in the queryopendocument in the view that would prevent users from double clicking to open the document but users could still right click and get the document properties. However, if you place continue=false in the queryopen of the view, the view itself can never be open and users can never see the document. You can use this method to determine who can have access to the view. This method seems to work well. If anybody have an comments on how secure this is let me know.

No comments: