Increasing SSO security by preventing anonymous access to HTML files
We can modify notes.ini to prevent anonymous access to files in the HTML directory. The NoWebFileSystemACLs parameter, when set equal to 1 in notes.ini, prevents anonymous access to files served up in the HTML directory on the IBM Lotus Domino server, increasing security and reliance on the single sign-on method of authentication.Perform this task after configuring single sign-on for all the Lotus Domino servers in the site.
Perform the following steps:
- On the Lotus Domino server, using a text editor, open notes.ini in the /Lotus/Domino directory.
- Add the parameter NoWebFileSystemACLs=1 to the file. Do not place this as the last line of the file.
- Restart the Lotus Domino server.
Parent: Configure SSO between WebSphere Portal and Lotus Quickr services for Domino