I’m wanting to have a user click a link with a special token in it and have the token in the url checked against a field in the document being opened. If the tokens don’t match the user is denied access to that document.
Currently the only way I see of doing this is by using the WebQueryOpen event to run an agent that checks the tokens then sets the readers field to allow access or not.
Is there a better way of doing this?
Subject: Restrict document access based on URL parameter
The WebQueryOpen call is probably the most secure. Most of the other solutions will require some sort of Javascript which can be easily bypassed. It also allows you to always control access to the form in case the user bookmarks the page.
If you’re ok with using JavaScript. One of the easiest ways would be checking for the token in the onLoad event of your document. If it doesn’t pass… send the user to another page with a “document.location” call.
Subject: Restrict document access based on URL parameter
Rather than restrict access, why not just hide a bunch of fields (or load a different subform containing a “You can’t see this” message) depending on a computed for display field that checks the url parameter?e.g. if your token in the url is “&T=XYZ” then the computed field would be: display_T and its formula would be: @If(@Contains(Query_String; “&T=”; @Word(@Right(Query_String;“&T=”); “&”; 1); “”)
The field display_T will then contain the value “XYZ” and you can use that to define which subform to load or which fields to hide.
NB Don’t “Generate HTML for all fields” on the form (in the form properties) as this shows all fields on the form to all users who care to view the page source.
Subject: RE: Restrict document access based on URL parameter
Hmmm loading a different subform might work, but ideally I would like to have the server return a not authorised error when trying to access the document.
It needs to be as secure as I can get it.
Subject: RE: Restrict document access based on URL parameter
There are lots of ways to get information from a Domino server, and if the user technically has access to a document, it will be very hard to block off all of them.
However, I really don’t like the idea of making modifications to a document every time a user tries to view it.
Why don’t you set the access so that they do not have access, and use the url of an agent that runs with the signer’s privileges, accesses the document, and “prints” the HTML?