I read your article "Controlling the agent in your system". It's very helpful.
But Running agent as web user seems not work as the way in Scenario three on my system.
I am using Domino 5.05 on solaris. I wrote an agent which the user need "run unrestrict agent" access to run.I checked Run as web user box in agent properties. I also added the invoker's name, IGreen, in the unrestrict field. But I didn't add the agent creator's name in this field.
Then I invoked it use URL command
as user IGreen.
But the server said:
HTTP Web Server: Lotus Notes Exception - Error
validating user's agent execution access
Possible cause: the agent signer may not be allowed to execute agents.
Then I added the creator's name to the unrestrict field. It worked.
It seems the server always user creator's name to check the agent restrictions.
In your article, You said,
On the Web client
On the Web client, as with the Notes client, the agent restrictions are determined by the !agent creator!. However,Notes uses either the database rights of the agent invoker or the agent creator to verify database access.
But in the Scenario three, Why user X, the invoker, is used to check the restriction?
Did I misunderstand something? Could you please give me some instruction?
Thanks a lot.