How can I secure a blog application?

You control access to the blog using an Access Control List (ACL) for the blog application, just as you would any for HCL Notes® database or application.

  1. Open your blog application (myblog.nsf for example).
  2. Click File > Application > Access Control.
  3. Use these settings to allow people to read or create documents:
    Table 1. Blog application access levels

    Access

    Setting

    Allow anyone to read the blog

    Specify Reader access for Anonymous

    Allow anyone with Web access to post comments

    1. Specify Author access for Anonymous.
    2. Enable the Create documents attribute.

    Allow only specific individuals to post comments

    1. Add each individual to the ACL.
    2. Give each individual Author access.
    3. Enable the Create documents attribute for each individual.
  4. (Optional) Assign any of these ACL roles that are specific to the blog template:
    Table 2. Blog template roles

    Role

    Access

    admin

    Edit all documents even if not listed as an editor

    webadmin

    View and use the blog template web client

    webcompose

    Submit content through the blog template web client

  5. Click OK.

The blog application must be signed with a user ID that is allowed to run agents on the HCL Domino® server.

The ACL can also be used in conjunction with Security Groups so that you can also secure individual documents or categories of documents as well as defining access to the application as a whole.