Notes / Domino by Jesse Gallagher
Data Access With XPages JEE 
By Jesse Gallagher | 1/17/25, 6:25 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
Though one day I'd really like to sit down and work on expanding and categorizing the documentation for the XPages JEE project, in the mean time I can at least put together some scattered info in the form of blog posts, webinars, and example apps. Add this post to the pile! Some of it will be a rehash of previous posts, but it doesn't hurt to see it rephrased.
Using Custom DNS Configurations With CertMgr
By Jesse Gallagher | 10/25/24, 3:10 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
The most common way that I expect people use Domino's CertMgr/certstore.nsf is to use Let's Encrypt with the default HTTP-based validation. This is very common in other products too and usually works great, but there are cases when it's not what you want. I hit two recently.
Domino's CertMgr can handle those DNS challenges just fine, though, and the HCL-TECH-SOFTWARE/domino-cert-manager project on GitHub contains configuration documents for several common providers/protocols.
For historical reasons (namely: I didn't like Network Solutions in 2000), I use joker.com as my registrar, and they're not in the default list. Indeed, it seems like their support for this process is very much a "oh geez, everyone's asking us for this, so let's hack something together" sort of thing. Fortunately, the configuration docs are adaptable with formula (and other methods) - I'll spare you the troubleshooting details and get to the specifics.
Pretty-Printing JSON in the (Desktop) Notes Client and Domino
By Jesse Gallagher | 7/29/24, 3:21 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
In the OpenNTF Discord (join if you haven't!), Daniel Nashed brought up a task he was facing: in the Notes client, writing pretty-printed JSON. LotusScript has its NotesJSON* classes that can process JSON in their stark way, but the stringify output is meant for machine reading and doesn't include whitespace and line breaks, making it ill-suited for things like configuration files or other things a human might read or edit.
Since the goal is to get it working in the full Notes client and not Nomad, Java is on the table, but Java - for dumb historical reasons - has no proper built-in JSON library. However, as of 12.something HCL shunted IBM Commons down to the global classpath in order to support the "share Java design elements between XPages and agents" feature. Among many other things, IBM Commons includes a JSON library that can suit.
I wrote a post almost a decade ago talking about this library and its limited nature, but it's nonetheless less limited than the LotusScript classes, and it's up to the task. There are a couple ways to go about this, depending on your needs, but for now I'll just cover the basic case here of "I have a string of JSON and want to format it".
NSF File Server 2.0
By Jesse Gallagher | 4/8/24, 12:49 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
A few years ago, I made a little project that hosts an SFTP server that stores documents in an NSF. I've used it here and there since then - as in the original post, I stashed some company docs in it to have them nicely synced among our Domino servers, and I've also had cases where clients use it to, for example, provide a way for their vendors to upload files in a standard way.
The other week, I decided to dive back into it to add some capabilities I'd wanted for a while, and the result is version 2.0.0. This version is a significant revamp that adds quite a bit.
New Tiny Project: Wink Chattiness Patch
By Jesse Gallagher | 9/19/23, 3:38 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
I've been using the Domino 14 betas for development for a while now, and one of the things that has driven me a little nuts is the way Wink spews a bunch of INFO-level logs to the server console when the XPages runtime initializes. You've probably seen it - this stuff:
It goes on for a while like that.
This isn't new with 14 as such - it's just that 14 now ships with Verse by default, and Verse uses the Wink distribution that came along with the Extension Library, and so now everyone sees this.
Dipping My Feet Into DKIM and DMARC
By Jesse Gallagher | 4/11/23, 3:19 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
For a very long time now, I've had my mail set up in a grandfathered-in free Google Whatever-It's-Called-Now account, which, despite its creepiness, serves me well. It's readily supported by everything and it takes almost all of the mail-hosting hassle out of my hands.
Not all of the hassle, though, and over the past couple weeks I decided that I should look into configuring DKIM and DMARC, first for my personal mail and (if it doesn't blow up) for my company mail. I had set up SPF a couple years back, and I figured it was high time to finish the rest.
As with any admin-related post, keep in mind that I'm just tinkering with this stuff. I Am Not A Lawyer, and so forth.
Overdue PSA: Reverse-Proxy Headers in Domino 12.0.1FP1 and Newer
By Jesse Gallagher | 1/25/23, 11:19 AM | Infrastructure - Notes / Domino | Added by Oliver Busse
Just over a year ago now, I wrote a blog post describing the sudden removal of my beloved HTTPEnableConnectorHeaders notes.ini parameter in the 12.0.1 release.
However, during the administration-focused OpenNTF Repair Café today, I was reminded that I never modified that post or made a followup to detail the changes since then. I plan to remedy that here!
Tinkering with Mastodon, Keycloak, and Domino
By Jesse Gallagher | 11/11/22, 4:00 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
Because of what I'll euphemistically call the current historical moment on Twitter, I (like a lot of people) decided to give another look at Mastodon. The normal way one would use it would be to sign up at mastodon.social and be on one's merry way, treating it just like a slightly-different Twitter.
However, Mastodon is intentionally designed to be federated in a way similar to email, and the software is available on GitHub complete with scripts for Docker Compose, Vagrant, and so forth. So I went and did that, setting up my currently-barely-used account at @jesse@pub.frostillic.us.
That on its own isn't particularly notable, nor are the specifics of how I set it up (it was a hodgepodge of a couple posts you can find by looking for "mastodon docker compose"). What I found neat for our purposes here was the way I could piggyback authentication onto stuff I had recently done with Keycloak. Keycloak, incidentally, was the topic of today's OpenNTF webinar, so, if you didn't see it, check back there for the replay when it's posted.
Rewriting The OpenNTF Site With Jakarta EE: Data Access
By Jesse Gallagher | 6/22/22, 3:08 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
In my last post, I talked about how I make use of Jakarta REST to handle the REST services in the new OpenNTF site I'm working on. There'll be more to talk about on that front when I get to the UI and my use of MVC. For now, though, I'll dive a bit into how I'm accessing NSF data.
PSA: Reverse-Proxy Regression in Domino 12.0.1
By Jesse Gallagher | 1/20/22, 1:23 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
For a good while now, I've been making use of the HTTPEnableConnectorHeaders notes.ini property in Domino to allow my reverse proxies to have Domino "see" the real remote system. Though this feature is coarse-grained and is best paired with some tempering, it's served me well when used on appropriately-configured servers.
Unfortunately, HCL saw fit to remove this feature in 12.0.1, declaring it a security vulnerability. I don't think this made it into the release notes as such, but did eventually get patched into the "Components no longer included in this release" page for V12.
Obviously, the true problem here is that it makes my blog entries retroactively less useful. However, a secondary issue is that it will damage your applications in two main ways if you were making use of these headers:
New Adventures in Administration: Docker Compose and One-Touch Setup
By Jesse Gallagher | 12/4/21, 1:42 PM | Infrastructure - Notes / Domino | Added by Martin Pradny
As I do from time to time, this weekend I dipped a bit into the more server-admin-focused side of Domino development. This time, I had set out to improve the deployment experience for one of my client's apps. This is the sprawling multi-NSF-plus-OSGi one, and I've long been blessed to not have to worry about actually deploying anything. However, I knew in the back of my head the whole time that it must be fairly time-consuming between installing Domino, getting all the Java code in place, deploying the DBs, and configuring all the documents that associate them.
CollabSphere 2021 Slides and Video
By Jesse Gallagher | 10/22/21, 12:44 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
This year, I presented a session at CollabSphere that was essentially a whirlwind overview of the tools I use and have written to go with my large client project to do automated builds and CI/CD servers.
Thanks to the Zoom-based nature of the conference, the video is already up and available:
A Simpler Load-Balancing Setup With HAProxy
By Jesse Gallagher | 2/8/21, 2:47 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
...where by "simpler" I mean relative to the setup I detailed six years ago.
For a good long time now, I've had a reverse-proxy + load balancer setup that uses nginx for the main front end and HAProxy as an intermediary to do the actual load balancing. The reason I set it up this way was that I was constrained by two limitations:
nginx's built-in load balancing didn't do sticky sessions like I needed, which would break server-side-state frameworks like XPages
HAProxy didn't do HTTPS
In the intervening half-decade, things have improved. I haven't checked on nginx's load balancing, but HAProxy sprouted splendid HTTPS capabilities. So, for the new servers I've been setting up, I decided to take a swing at it with HAProxy alone.
A Partially-Successful Venture Into Improving Reverse Proxies With Domino
By Jesse Gallagher | 2/2/21, 5:19 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
I've long been an advocate for Domino's HTTPEnableConnectorHeaders notes.ini setting. That's the one that lets you pass some WebSphere-derived headers like $WSRA and (particularly-dangerously) $WSRU to Domino and have them fully override the normal values for the incoming host, user, and more.
I'm still a big fan of it, but it always come with the irritating absolute requirement that Domino not be publicly-accessible, lest any schmoe come along and pretend to be any user on your server. That's fine and all, but sometimes it's useful to have Domino be accessible without the proxy, such as for troubleshooting. What I really want it selective enabling of this feature based on source IP. So I set out this weekend to try to implement this.
Notes From A Week in Administration-Land
By Jesse Gallagher | 1/27/21, 1:33 AM | Infrastructure - Notes / Domino | Added by Roberto Boccadoro
This past week, I've been delving back into the world of Domino administration for a client and taking the opportunity to brush up on the niceties we've gotten in the past few releases. A few things struck me as I went along, so I'll list them here in no particular order.
Executing a Complicated OSGi+NSF+Surefire+NPM Build With Docker
By Jesse Gallagher | 8/14/20, 1:40 AM | Infrastructure - Notes / Domino | Added by Andi Kress
The other month, I got my feet wet with Docker after only conceptually following it for a long time. With that, I focused on getting a basic Jakarta EE app up and running with an active Notes runtime by way of the official Domino-on-Docker image provided by HCL.
Weekend Domino-Apps-in-Docker Experimentation
By Jesse Gallagher | 6/29/20, 5:05 AM | Infrastructure - Notes / Domino | Added by Oliver Busse
For a couple of years now, first IBM and then HCL have worked on and adapted community work to get Domino running in Docker. I've observed this for a while, but haven't had a particular need: while it's nice and all to be able to spin up a Domino server in Docker, it's primarily an "admin" thing. I have my suite of development Domino servers in VMs, and they're chugging along fine.
Domino 11's Java Switch Fallout
By Jesse Gallagher | 1/8/20, 1:36 AM | Infrastructure - Notes / Domino | Added by John Oldenburger
In Notes and Domino 11, HCL switched from using IBM's J9 Java distribution to using the OpenJ9 variant of AdoptOpenJDK. This is a lateral move technically - it's still Java 8 - and it's one presumably made in the short term to avoid licensing costs from IBM and in the long term to align better with AdoptOpenJDK.
Writing Domino JEE Apps Outside Domino
By Jesse Gallagher | 11/9/19, 10:59 AM | Infrastructure - Notes / Domino | Added by John Oldenburger
In my last post, I mentioned that I decided to write the File Store app as a Jakarta EE application running in a web server alongside Domino, instead of as an app running on the server itself. In the comments, Fredrik Norling asked the natural question of whether it'd have been difficult to run this on the server.
Implementing Cluster Replication From Domino to Darwino
By Jesse Gallagher | 3/19/19, 9:30 AM | Infrastructure - Notes / Domino | Added by John Oldenburger
Since its inception, Darwino has had two-way replication between it and Domino, and it's evolved over the years in fidelity and configurability. Recently, I was able to check an item off the to-do list that I've wanted for a while: "cluster-style" replication from Domino, where a document change immediately kicks off replication to Darwino.
XPages to Java EE, Part 3: Hello, World
By Jesse Gallagher | 1/22/19, 1:40 AM | Infrastructure - Notes / Domino | Added by Oliver Busse
I expect that I'll have some more theory and explanation to get to in future posts, but I think it will be useful to run through a quick example project. Unlike with my XPages/OSGi examples, there won't be anything in this one that you wouldn't find in any old Java EE tutorial - indeed, I'll be piggybacking on some existing ones to speed things along.
XPages to Java EE, Part 2: Terminology
By Jesse Gallagher | 1/18/19, 12:36 PM | Infrastructure - Notes / Domino | Added by Oliver Busse
Much like with my earlier series, I think it'll be useful to take a minute to go over some of the terms that we'll need to know for dealing with Java EE, beyond just the many names of the platform. Additionally, I think it'll be useful to go over some of the things we specifically need to not know when it comes to non-OSGi development.
Letting Madness Take Hold: XPages Outside Domino
By Jesse Gallagher | 1/8/19, 7:35 AM | Infrastructure - Notes / Domino | Added by Oliver Busse
Since I've been on a real Open Liberty kick lately, over the weekend I decided to go another step further and test something I'd been wondering for a while: whether it'd be possible to run the current form XPages outside of the Domino HTTP stack.
How Do You Solve a Problem Like XPages?
By Jesse Gallagher | 11/2/18, 12:57 PM | Infrastructure - Notes / Domino | Added by Oliver Busse
Fair warning: this is a meandering one and I'm basically a wet blanket the whole way through)
Last week, HCL held the third of their Twitter-based developer Q&As, with this one focusing on XPages and Designer. The majority of the questions (including, admittedly, all of mine) were along the lines of either "can we get some improvements in the Java/XPages stack?" or "is XPages still supported?". The answer to the latter from HCL, as it would have to be, is that XPages is still alive and "fully supported".
AbstractCompiledPage, Missing Plugins, and MANIFEST.MF in FP10 and V10
By Jesse Gallagher | 10/19/18, 7:36 PM | Infrastructure - Notes / Domino | Added by Oliver Busse
Since 9.0.1 FP 10, and including V10 because it's largely identical for this purpose, I've encountered and seen others encountering a couple strange problems with compiling XPages projects. This is a perfect opporunity for me to spin a tale about the undergirding frameworks, but I'll start out with the immediate symptoms and their fixes.
Domino 10 for Developers
By Jesse Gallagher | 10/9/18, 11:18 AM | Infrastructure - Notes / Domino | Added by Oliver Busse
So Domino 10 is upon us, marking the first time in a good while that Domino has had an honest-to-goodness version bump.
More than anything, I think V10 is about that sort of mark. Its primary role in the world is to state "Domino isn't dead" - not exactly coming from a position of strength for the platform, but it's the critical message that HCL has to sell if they're going to be viewed as anything but coroners.
Still, in addition to merely existing, V10 brings some changes that will help developers, particularly those - sadly - maintaining large legacy applications.
The State of Domino App Dev Post-Connect-2017
By Jesse Gallagher | 2/24/17, 10:07 PM | Infrastructure - Notes / Domino | Added by Oliver Busse
I'm en route back from this year's IBM Connect in San Francisco, and this plane ride is giving me a good chance to chew over the implications for Domino developers. First off, I'll put my bias in this matter right up front: Darwino, which I've been working on and discussing quite a bit, is one of the three "chosen" vendors for app enhancement/modernization/what-have-you.
Release Weekend: ODA and Darwino
By Jesse Gallagher | 8/2/16, 7:25 AM | Infrastructure - Notes / Domino | Added by Oliver Busse
This past weekend was a nice one for releases to a couple of the projects I work on: the OpenNTF Domino API and Darwino.
Change Bitterness and Accidents of History
By Jesse Gallagher | 6/17/16, 3:36 PM | Infrastructure - Notes / Domino | Added by John Oldenburger
It's pretty easy to see that change is in the air for Domino types. It's been taking a number of forms for a while now - the long delay since the release of 9.0.1 and associated aging of the tools and infrastructure have led to a series of forced adaptations for developers and administrators.
The Cleansing Flame of Null Analysis
By Jesse Gallagher | 5/21/16, 4:23 PM | Infrastructure - Notes / Domino | Added by John Oldenburger
Though most of my work lately has been on sprawling, platform-level stuff or other large existing codebases, part of it has involved a new small app. I decided to take this opportunity to dive more aggressively than previously into automated null analysis and other potential-bugs tools.