This section walks through the
Act-as-User feature configuration. When you
complete these steps you will be able to run the
cfgtest application which shows these
- A Domino user accessing the Node.js application with a web browser.
- The application redirecting the user to the IAM Service, where the user authenticates and authorizes the application to act on behalf of the user.
- The application executing the following with the access rights of the authenticated user:
- Domino Access Service requests for calendar data from the user's calendar.
- Domino-Db requests to read/write documents in a Domino database.
The key points about this sample application are:
- The application does not have access to the user's password.
- The IAM service, as a central service to the Domino server:
- authenticates users and requires that each user decide whether to allow an application to act on their behalf.
- maintains a registry of approved applications on the Domino server.
The steps to configure Act-as-User are:
- Configure the credential store.
- Configure Proton as a resource provider.
- Configure the Domino web server as a resource provider.
Act-as-User operation Rules:
- Database level 'Act-as-User' operations are controlled by the database ACLs.
- Server level 'Act-as-User' operations are controlled by the 'Act-as-User Configurations' in the AppDev Pack configuration database.