Home
IBM® Domino 10.0.1 Documentation
Welcome to the IBM® Domino 10.0.1 Administrator Help.
Configuring
Use this information to configure an IBM® Domino® network, users, servers (including Web servers), directory services, security, messaging, widgets and live text, and server clusters. Also use this information to set up IBM iNotes® on a server using Domino Off-Line Services (DOLS).
Configuring Web servers
This section describes how to set up the IBM® Domino® Web server, the Domino Web Navigator, and other Web servers such as IBM HTTP.
The Domino® Web server
Domino® provides an integrated Web application server that can host Web sites that both Internet and intranet clients can access, and that can serve up pages that are stored in the file system or in a Domino database.
Setting up a Domino® server as a Web server
You can specify that you want to run the HTTP task on the Domino® server. Domino can then function as a Web server and allow browser clients to access databases on the server.
Example CORS JSON configuration
Here is example content for cors-rules.json.

IBM® Domino 10.0.1 Documentation
Welcome to the IBM® Domino 10.0.1 Administrator Help.
- What's new in IBM® Domino® 10?
  Learn about all of the new features for administrators in IBM® Domino® 10.
- Overview
  Welcome to IBM® Domino® Administrator Help.
- Installing
  Use this documentation to install the IBM® Domino® server and subsequently deploy the IBM Notes® client.
- Planning
  Use this topic as an overview of planning task.
- Configuring
  Use this information to configure an IBM® Domino® network, users, servers (including Web servers), directory services, security, messaging, widgets and live text, and server clusters. Also use this information to set up IBM iNotes® on a server using Domino Off-Line Services (DOLS).
  - Configuring a network
    This section presents the planning concepts and setup procedures necessary for a successful IBM® Domino® deployment over a network. It provides information on network protocols from a Domino perspective but does not attempt to provide general network information.
  - Configuring users and servers
    Topics in this section describe how to set up users and servers.
  - Editing the NOTES.INI file
    You should rarely, if ever, need to modify a server's or client's NOTES.INI file. The NOTES.INI file contains many settings that Domino® and Notes® rely on to work properly. An accidental or incorrect change may cause Domino or Notes to run unpredictably. Therefore, you should edit the NOTES.INI file only if special circumstances occur or if IBM® Support Services recommends that you do so.
  - Configuring directory services
    This section describes how to plan, set up, and use IBM® Domino® directory services.
  - Configuring messaging
    This section provides an overview of messaging and describes how to set up mail routing, how to set up and customize mail servers, and how to track mail.
  - Configuring iNotes®
    IBM® iNotes® (previously IBM Domino® Web Access) provides IBM Notes® users with browser-based access to Notes mail and to Notes calendar and scheduling features. Administrators specify mail policy and security policy settings as well as notes.ini file settings to complete the full implementation of IBM iNotes.
  - Configuring Web servers
    This section describes how to set up the IBM® Domino® Web server, the Domino Web Navigator, and other Web servers such as IBM HTTP.
    - The Domino® Web server
      Domino® provides an integrated Web application server that can host Web sites that both Internet and intranet clients can access, and that can serve up pages that are stored in the file system or in a Domino database.
      - Setting up a Domino® server as a Web server
        You can specify that you want to run the HTTP task on the Domino® server. Domino can then function as a Web server and allow browser clients to access databases on the server.
        Starting and stopping the Domino® Web server
        There are several different ways you can start and stop the Domino® Web server.
        Modifying Web server Internet port and protocol settings
        You can change default Internet port and protocol settings for the Web server.
        Configuring cross-origin resource sharing (CORS)
        Configure cross-origin resource sharing (CORS) to allow a web application from another origin to access resources on a Domino web server.
        CORS JSON configuration
        Configure CORS by editing the cors-rules.json file that you created.
        Example CORS JSON configuration
        Here is example content for cors-rules.json.
        Enabling CORS debug logging
        To debug incoming CORS requests, use the CORS_FILTER_TRACE setting to enable trace logging.
        Setting up protocol security for the Web server
        If you set up protocol security, you can filter out requests that may be potential attacks, such as probing for buffer overflows or request parsing errors. If you host third-party applications, set the limits to the most stringent values that still allow the applications to work normally. If the request exceeds the limit, the Web server discards the request and returns an error to the browser.
        Restricting access by IP address on the Web server
        You can determine the client machines that are allowed to access the HTTP and HTTPS ports of the Web server by specifying a list of IP addresses that have access, and a list of addresses that are denied access. You can also specify which list takes priority if an address matches both lists.
        Hosting Java™ applets
        Using the Java™ Notes® classes, application developers can create applets that perform server tasks, such as opening a session and retrieving information from a database access control list. The server can host the applet and when a client requests it, download the applet to the browser.
        Generating references to the Web server
        You can specify how other servers generate URL references to this Web server. This feature works only for servers that are in the same Domino® domain (share the same Domino Directory).
        Managing Java™ servlets on a Web server
        A servlet is a Java™ program that runs on a Web server in response to a browser request. Servlets for Domino® must conform to the Java Servlet API Specification, an open standard published by Oracle.
        Setting up and enabling WebDAV
        WebDAV (Web-based Distributed Authoring and Versioning) is a set of extensions to the HTTP/1.1 protocol which allow users to collaborate in the editing and management of files on remote Web servers.
        The browser.cnf file
        The browser.cnf file is installed automatically in the server data directory when you install Domino®. It contains configuration settings for browsers used to render Domino Web applications. Specifically, this file is used by @BrowserInfo to determine browser properties.
      - Hosting Web sites
        You can use Web Site documents to host Web sites on Domino®. The Web Site document is one type of Internet Site. Web Site documents contain Web site configuration information and are managed through the Servers\Internet Sites view along with other types of Internet site documents.
      - Custom Web server messages
        You can customize some of the error messages or responses that are generated by the Web server. If an Error & Response form-mapping document exists in DOMCFG5.NSF, then custom errors, not generic errors, are used.
      - Using gzip compression
        The Domino® Web server can serve files compressed by gzip (GNU zip). You must add the compressed file to the appropriate server directory. This feature is on by default.
      - HTML generation options
        The HTMLOptions capability was developed for the Web server as a general, extensible way for Web application developers to specify form and field specific options to control the Web engine's HTML generation. It allows users to select alternate behavior for the web server HTML generator, without requiring dedicated Domino® Designer events or info box controls.
    - The Web Navigator
      The Web Navigator lets Notes® workstations access the Web, without having a direct connection to the Internet. The Web Navigator server, which has a direct connection to the Internet, retrieves pages for users. The Web Navigator retrieves pages on Internet servers -- for example, servers that use Internet services such as HTTP, FTP, or Gopher.
    - Setting up Domino® to work with IBM® HTTP Servers
      You can install an IBM HTTP server module on the same computer as an IBM Domino server if the two servers must reside on the same computer and support TLS.
  - Setting up a cluster
    Setting up a cluster includes the tasks of creating and verifying that it is working correctly, and then setting up user access, mail, replications, size quotas, directory assistance, roaming, web navigation, and use of a private LAN in the cluster.
- Securing
  This section describes IBM® Domino® security features, including execution control lists, IDs, and SSL.
- Administering
  This documentation provides information about the administration tools for managing and monitoring IBM Domino® servers and databases.
- Tuning
  Use this information to improve IBM® Domino® server, Domino Web server, and messaging performance through the use of resource balancing and activity trends, Server.Load commands, advanced database properties, cluster statistics, and the Server Health Monitor.
- Troubleshooting
  This section describes how to find and solve problems with IBM® Domino® server and Administrator client.
- Glossary

Example CORS JSON configuration

Here is example content for cors-rules.json.

This sample JSON file content illustrates these important points:

Rules precedence Rules are evaluated in the order they appear in the file and evaluation stops once a match is found. In this example, the first two rules both apply to the origins http://this.example.com and http://that.example.com. The first allows read-only access ("GET") to resources that match /api/data/documents. The second allows read-write access to other resources that match /api/data. Since /api/data/documents is more specific than /api/data, it MUST come first. If the order of the two rules is reversed, the CORS filter ignores the /api/data/documents rule because requests for /api/data/documents match /api/data.
Credentials The first two rules allow credentials ("allowCredentials": true), but the third rule does not. Since the Domino Access Services (DAS) freebusy API is meant to allow anonymous requests, there is no need to accept credentials for requests matching /api/freebusy.
Default behavior Cross-origin requests are disabled when no matching rule is found for a resource. There is no rule for resources matching /api/calendar. Therefore the following configuration disables cross-origin requests for the DAS calendar API. The default is always to disable cross-origin requests.

{
  "version": "1.0",
  "rules": [
    {
      "resource": {
        "path": "/api/data/documents"
      },
      "allowOrigins": [ "http://this.example.com", "http://that.example.com" ],
      "allowMethods": [ "GET" ],
      "allowCredentials": true
    },
    {
      "resource": {
        "path": "/api/data"
      },
      "allowOrigins": [ "http://this.example.com", "http://that.example.com" ],
      "allowMethods": [ "GET", "POST", "PUT", "DELETE" ],
      "allowCredentials": true,
    },
    {
      "resource": {
        "path": "/api/freebusy"
      },
      "allowOrigins": [ "http://this.example.com" ],
      "allowMethods": [ "GET" ]
    }
  ]
}