Category Archives: Domino

IBM Verse on Premises Integration with Connections and Docs issue with iNotes_WA_Security_NonceCheck

During the week we integrated IBM Connections and IBM Docs in our test environment and everything worked fine. Then we moved the configuration to production and most of the stuff was working, like showing Business cards, profile pictures and Connections files to add into mails. Docs Viewer and uploading files from a mail to Connections generated an error: “because of an internal server error”

I digged into it with Burpsuite and Fiddler4, in the meantime a customer called me and described the same symptoms. Within the traces I found that the systems which didn’t upload the files had following header set:

X-IBM-INOTES-NONCE: <none>

and the working one had:

X-IBM-INOTES-NONCE: 2640941AE5454F5853E6732F79E7D2F5

So i searched a little bit on X-IBM-INOTES-NONCE and found that is introduced in Notes/Domino 8.5.2 and shall prevent XSS.

You can disable this with iNotes_WA_Security_NonceCheck=0 and this is mentioned in a technote, that sometimes proxies or F5 needs this setting. First we tried that on our testsystems and we seemed to be right, the upload was broken too.

We removed the notes.ini entry (or set it to 1) and after a http restart the file upload from VOP and the IBM Viewer worked!

Thanks to Thomas who digged into this with me today.

Update 2017-11-20

IBM released a technote on this.

IBM Connect 2017 – slides, news and so

This year I attended IBM Connect in San Francisco. In my eyes it was a great event and I enjoyed it very much.

Some announcements are very important for the future and evolution of the IBM portfolio:

  • IBM Connections Pink – Jason Gary and the IBM Development team showed the future of IBM Connections. The basis will be Docker and a lot of other Opensource products. I see forward to work with a complete new stack and be very curious on deployment, migration and scaling. It is a complete rewrite and will not longer need DB2 or WebSphere. A good summarize was written by Glenn Kline.
  • panagenda ApplicationInsight – all IBM Domino customers with valid maintenance will get ApplicationInsights to analyze the code and usage of their Domino databases
  • IBM Domino will be updated through feature packs, we will get Java 8 and other long awaited functionality
  • IBM announced a new lifetime IBM Champion: Julian Robichaux, big congrats to him and well deserved

Just a few session slides are available through the official conference page (we provided them, but they are still not available), so we uploaded ours to slideshare:

Best and Worst Practices for Deploying IBM Connections


IBM Connections Adminblast


All other session slides of my panagenda colleagues can be found in the panagenda slideshare account.

Update

During the 11 hour flight to San Francisco I used the time to update the XPages and Generic HTML Widgets (OpenNTF) for IBM Connections 5.5 CR2. Frank van der Linden uploaded the changes today.