User registration and licencing

hcl-bot · June 27, 2003, 5:41am

HiDue to IBM’s riduclous licencing costs for web users!!! I am looking for alternative ways to register and control users without using the NAB.

Has anyone been having a similar issue and found a viable solution? Maybe a registration app that registers users in a seperate db. Not sure of the security implications of this.

Thanks in advance

hcl-bot · June 27, 2003, 10:49am

Subject: Licencing is not specific to the Directory

1.) Can you please explain a bit more about you comment “IBM’s riduclous licencing costs for web users!!!”.

2.) “I am looking for alternative ways to register and control users without using the NAB.” How do you view this as a way to not pay for licenses?

Alan

hcl-bot · June 27, 2003, 4:25pm

Subject: I think he means compared to a regular ASP/JSP/PHP app

The typical design paradigm in those environments is that login info is stored in the current web session, but all access to relational databases is as an “anonymous” user so you don’t trigger per-user licensing costs on the RDBs. I’ve also worked on RDB apps that were designed securely that use actual logins to the RDB, but those trigger per-user licensing costs. The former method mostly works because the web server app is the one entry point, but if a hacker gets through it, he can look at everything

Both paradigms exist in the Domino world. As I understand it, as long as Domino thinks your user is still logged in as Anonymous, you are not responsible for licensing fees. That means if you use DSAPI to implement custom logins using another database, LDAP, etc., instead of the DD/NAB you still get hit with per-user licensing fees.

If you use the other paradigm of using Domino similiarly to a relational DB by leaving the web users as Anonymous by doing a pseudo-login by looking up logins and setting a cookie, you don’t seem to be hit by the licensing fees. There’s a Domino forum app vendor who is using this technique and claiming no license fees. The downside, of course, is that you can’t use a lot of Domino features to make life easier by managing users, groups, roles, hide-whens, etc. easily (similiar to using declarative security in a J2EE server vs. using session-variables in a J2EE app).

Life would be a lot easier as a Domino developer if you buy the Utility Server for $12K so you really should balance initial costs vs. additional development time…

hcl-bot · June 27, 2003, 11:02am

Subject: I do not think he realizes that IBM Folk read this forum:-)

hcl-bot · June 27, 2003, 5:48am

Subject: User registration and licencing

Hi

You can use cookies, that works fine too.

hcl-bot · June 27, 2003, 7:42am

Subject: User registration and licencing

Skirting a gray line here. An authenticated user is an authenticated user. Why don’t you look at the Domino Utility Server for Web Apps?