IBM®
Skip to main content
    Country/region select      Terms of use
 
 
   
     Home      Products      Services & solutions      Support & downloads      My account     
 
developerWorks
AIX and UNIX
Information Mgmt
Lotus
New to Lotus
Products
How to buy
Downloads
Live demos
Technical library
Training
Support
Forums & community
Events
Rational
Tivoli
WebSphere
Java™ technology
Linux
Open source
SOA and Web services
Web development
XML
My developerWorks
About dW
Submit content
Feedback



developerWorks  >  Lotus  >  Technical Library
developerWorks

[back to "Troubleshooting agents"]

Agent security at a glance (sidebar)
Figuring out agent security is not easy because there are so many different situations that you need to consider while troubleshooting a problem. The following tables should help you identify when the agent security is enforced, and whose rights are used to authenticate the access rights. Note that the tables below apply to personal and shared agents.

Table 1. Where agents can run
This table identifies the four valid situations where agents can run. The rest of the tables expand on the information included in this first one -- that is, for where an agent can run (where the value is "yes"), the rest of the tables explain the corresponding agent restrictions, database ACL rights, embedded agent rules, and whether the agent can access databases on other servers.
Type of agent/Where agent runsServerWorkstationWeb
Backgroundyesyesno
Foregroundnoyesno
Webnonoyes

Table 2. Agent restrictions
This table identifies whose user ID is used to authenticate agent restrictions.
Type of agent/Where agent runsServerWorkstationWeb
Backgroundagent creatoragent creator no
Foregroundno not used no
Web no no agent creator
o
Table 3. Database ACL rights
This table identifies whose user ID is used to authenticate database ACL rights. (Note: Releases 4.61 and 4.55 will correct some inconsistencies in how these rules apply to the database where the agent resides.)
Type of agent/Where agent runsServerWorkstationWeb
Backgroundagent creatoragent invokerno
Foregroundno agent invokerno
Webno no agent invoker or agent creator*
* based on the setting of "Run as Web User" flag
o
Table 4. Embedded agent rules
This table summarizes the rules for embedded agents. (Note: Releases 4.61 and 4.55 will correct some inconsistencies introduced in 4.53 and 4.6 in how these rules apply to simple agents calling LotusScript agents.)
Security type/Where agent runsServerWorkstationWeb
ACLcreator of each agentagent invokeragent invoker or creator of each agent
Restrictioncreator of each agentcreator of each agent, or not usedcreator of each agent

Table 5. Access to databases on other servers
This table summarizes the rules for where agents can access databases on other servers.
Type of agent/Where agent runsServerWorkstationWeb
Backgroundnoyesno
Foregroundno yesno
Webno no no

    About IBM      Privacy      Contact