How can I secure a blog application?

You control access to the blog using an Access Control List (ACL) for the blog application, just as you would any for IBM® Notes® database or application.

  1. Open your blog application (myblog.nsf for example).
  2. Click File > Application > Access Control.
  3. Use these settings to allow people to read or create documents:
    Table 1. Blog application access levels



    Allow anyone to read the blog

    Specify Reader access for Anonymous

    Allow anyone with Web access to post comments

    1. Specify Author access for Anonymous.
    2. Enable the Create documents attribute.

    Allow only specific individuals to post comments

    1. Add each individual to the ACL.
    2. Give each individual Author access.
    3. Enable the Create documents attribute for each individual.
  4. (Optional) Assign any of these ACL roles that are specific to the blog template:
    Table 2. Blog template roles




    Edit all documents even if not listed as an editor


    View and use the blog template web client


    Submit content through the blog template web client

  5. Click OK.

The blog application must be signed with a user ID that is allowed to run agents on the IBM® Domino® server.

The ACL can also be used in conjunction with Security Groups so that you can also secure individual documents or categories of documents as well as defining access to the application as a whole.