Subscribe via FeedJeremy Hodge, Jul 14, 2009 7:20:12 PM
When you are designing with the "old" forms, you are able to restrict access to it using the security tab of the form properties, setting who had reader access, who had could create forms, etc, and you could use readers fields as well.
in XPages, you have something similar with the ACL, located in the data section of the xPage's All Properties. Here you can create aclEntries that can give Reader, Editor, or Deny Access to an user, group, Role or OrgUnit.
With this, you can control who sees what xPages, and what they can do with them. Remember, this is a refinement of the database's Access Control List, so you can't grant access to someone to view the page unless they have access to the database (but you can further restrict them).
Happy Coding!
9 responses to Controlling Access to an XPage with the XPage's ACL
Daivy Smith, March 31, 2011 2:50 AM
Hey! Interesting good...
I appreciate your insight, amongst pains, I asked for and bells.
buy Rolex Makers watches
Avi Tchiprout, January 24, 2011 10:48 PM
I have an xPages application which uses a Custom Control for authentication. I am now looking for a solution where if the client (browser) times out, instead of getting the Domino login screen I would like to go to a designated page which includes the login custom control.
So far I have tried lots of tricks but the only thing I managed to get to work is on pages that do not have a data source. There I simply check if the user in "Anonymous" and if that is correct I redirect them to my special page. On all other xPages I get the "standard" login screen.
Any ideas???
roopesh laxman, November 24, 2010 5:59 PM
hi i'm just new to xpage.in the xpage acl property i add a user with all the levels in the acl but it throwing me error "you are not authorized see this page.i'm i missed any xpage setting?.pls help me to sove this issue...:)
roopesh
yeppulis, October 29, 2009 4:17 PM
Thanks Brian for your comment, I ran into the same issue and now got it working.
Little addition, if you want to control access to data via an XPage through roles:
-create one aclEntry, and do define a name (compulsory, can be any string), right and type = Default
-create the actual aclEntry you are looking for, define the right and type = Role, and the name as defined in database's ACL (remember to put the name in squary brackets e.g. [Marketing]
Brian Hester, August 13, 2009 12:23 PM
Just wanted to add to this to maybe save someone else some time figuring it out. Apparently, if you do not include an entry for default in the acl, setting access for a group or role results in no access to the page at all.
Matt White, July 15, 2009 5:54 PM
@Rob - I changed my blog so you should now see a better description. Maybe google is caching the old title?
With regards to the reader fields, you need to remember there is a separation between the data and the UI. So documents can still have readers and authors fields as normal and that security is honoured in the XPages. All you need to do to store readers and authors fields is add them to your form as you always have done, and then when saving data with an XPage, set the data binding to do a computewithform, this will force any computed fields on the form to be calculated and stored on the document.
Matt
RobShaver, July 15, 2009 5:45 PM
By the way, did I mention that in Google Reader your blog name and Matt White's are identical? They both show the enlightening name of Blog.
RobShaver, July 15, 2009 5:40 PM
I'm a long time Notes developer but new to XPages. So new I don't even know if I can put a Notes field on an XPage. I find the use of Reader Fields to be very powerful and use them all the time. Does XPages have the equivalent of Reader Fields and Author Fields?
Paul Hannan, July 15, 2009 6:44 AM
This acl property is available too in a Panel and in a Include Page control, along with the XPage itself.
More here on how to get going.