Skip to main content link. Accesskey S
  • HCL Logo
  • HCL Notes and Domino wiki
  • THIS WIKI IS READ-ONLY. Individual names altered for privacy purposes.
  • HCL Forums and Blogs
  • Home
  • Product Documentation
  • Community Articles
  • Learning Center
  • API Documentation
Search
Community Articles > Lotus Domino > Domino server tasks > DIIOP Usage and Troubleshooting Guide
  • Share Show Menu▼
  • Subscribe Show Menu▼

Recent articles by this author

DIIOP Usage and Troubleshooting Guide
This provides the pertinent information required by current and future users of the Domino Server's DIIOP task
Community articleDIIOP Usage and Troubleshooting Guide
Added by ~Manny Elnumannivu | Edited by ~Manny Elnumannivu on September 5, 2014 | Version 13
  • Actions Show Menu▼
expanded Abstract
collapsed Abstract
This provides the pertinent information required by current and future users of the Domino Server's DIIOP task
Tags: DIIOP, CORBA, SSL, IOR, NotesFactory, Lotus, Domino

What is DIIOP?

Domino is able to allow external programs to execute on the server through the DIIOP task. DIIOP stands for Domino Internet Inter-ORB Protocol. DIIOP is Domino's implementation of CORBA.

 

Configuring security settings

The rights to execute a program that uses DIIOP is controlled by security settings on the Security tab of the server document:

Under Server Access, "Access server," "Not access server," "Create new databases," and "Create replica databases" must be set to provide the ID executing the code the necessary server access rights.

Under Programmability Restrictions, "Run unrestricted methods and operations" and "Run restricted LotusScript Java agents" must be set to allow the ID executing the code the necessary rights to run the Java program.


Configuring the DIIOP port

In order to connect to Domino, the DIIOP port must be enabled on the server. This is set on the server document on the Ports - Internet Ports tab. If the server is set to use internet site documents, a DIIOP site document is used instead of the server document for each internet site requiring access over DIIOP.

Controlling the DIIOP task


The DIIOP task is started like any other Domino server task - you can add it to the ServerTasks= line of the server's notes.ini if you wish the task to load at server startup. You can start the task manually with the console command "load diiop", stop the task with "tell diiop quit", and restart the task with "restart task diiop"


Creating Java programs that use DIIOP

A program that uses DIIOP makes a connection to the server with a call to the NotesFactory createSession method. One the session is established, the Java program can access Domino objects on the server as if they were local to the program.

NotesFactory class documentation in Domino Designer Help
http://publib.boulder.ibm.com/infocenter/domhelp/v8r0/index.jsp?topic=%2Fcom.ibm.designer.domino.main.doc%2FH_NOTESFACTORY_CLASS_JAVA.html

 

For an overview of coding Java programs that use DIIOP, there are many good references:

"Java access to the Domino Objects" IBM developerWorks http://www.ibm.com/developerworks/lotus/library/ls-Java_access_pt1/index.html

"Examples: Running a Java program" Domino Designer Help, example DIIOP programs start with Example 7 http://publib.boulder.ibm.com/infocenter/domhelp/v8r0/index.jsp?topic=%2Fcom.ibm.designer.domino.main.doc%2FH_EXAMPLES_COMPILING_AND_RUNNING_JAVA.html

"Writing standalone Java code that connects to IBM Lotus Domino" Domino wiki http://www-10.lotus.com/ldd/dominowiki.nsf/dx/06082009125716amweb7tu.htm

 


Retrieving the IOR

The IOR is a file named diiop_ior.txt that is created automatically in the server's data/domino/html directory by the DIIOP task. Before a Java program can run over DIIOP, it must retrieve the IOR from the server. This is done automatically by the createSession method through a connection to the server's HTTP port. However, this cannot be done over SSL through the HTTPS port.

If using Internet Sites, the IP address or host name of the site providing the IOR may need to provided by setting DIIOPIORHost in the server's notes.ini.  See http://www-10.lotus.com/ldd/dominowiki.nsf/dx/diiopiorhost and http://www-01.ibm.com/support/docview.wss?uid=swg21236597 

SSL and IOR retrieval

If the HTTP port is set to redirect all traffic to SSL, (seton the server document's Ports - Internet Ports tab) you must do one of the following:

- Explicitly connect to the server with the createSession method using the DIIOP port, which is by default set to port 63148. The DIIOP port can be used instead of the HTTP port to retrieve the IOR.
- or -
- Connect to the server using the getIOR method first, and then create the session using the method createSessionWithIOR, for example:

String args[] = new String[1];
args[0] = "-HTTPEnableSSLSecurity";
String ior = NotesFactory.getIOR(host,args);
s = NotesFactory.createSessionWithIOR(ior, userName, password);
   

Program execution over an SSL connection

If an SSL connection is required for DIIOP, the external code must reference the TrustedCerts.class, which is found in the server's domino/java directory. Copy the file from the server to a location which can be accessed by the external program. Domino Designer Help provides the documentation on this requirement.

For remote (IIOP) applications, the client must have access to the server's trusted root certificate, stored in TrustedCerts.class in domino/java in the server's data directory. This file is generated by the DIIOP task when it starts and is enabled to listen on the SSL port specified in the server document. The HTTP task delivers TrustedCerts.class to applets. For other applications, ensure that TrustedCerts.class is on the classpath.

 

Troubleshooting DIIOP

Data on pressing by the DIIOP task can be written to the console log by enabling debug notes.ini parameters. It is necessary to restart the DIIOP task for these settings to take effect.  

The following setting will write all DIIOP operations to the server console and the console log 

DIIOP_DEBUG_ALL=1

 

To reduce the amount of data logged, you may wish to use a less verbose setting.  DIIOP_DEBUG_ALL is a shortcut equivalent to setting the following debug notes.ini parameters:

 

DIIOP_DEBUG_INVOKE=2
DIIOP_DEBUG_CONNMGR=1
DIIOP_DEBUG_SSLCERT=1
DIIOP_DEBUG_CONFIG=1
DIIOP_DEBUG_CWBASE=1

Accessing a configuration summary

You can determine the server's current configuration for the DIIOP task by issuing the console command "tell diiop dump config" A text file containing all server DIIOP settings will be written to diiopcfg.txt, which will be in the data directory of the server. 

 

If you need to contact a support professional for a DIIOP issue, you should be prepared to provide the console log, the Java program, the server's notes.ini, and the DIIOP configuration. 

 

 

Domino's DIIOP task opens a wide range of possibilities to fully exploiting your Domino's server potential.   We hope this guide makes your use of it as easy and effortless as possible.

 

 






 

 

  • Actions Show Menu▼


expanded Attachments (0)
collapsed Attachments (0)
Edit the article to add or modify attachments.
expanded Versions (1)
collapsed Versions (1)
Version Comparison     
VersionDateChanged by              Summary of changes
This version (13)Sep 5, 2014, 7:11:14 PM~Manny Elnumannivu  Minor change
expanded Comments (0)
collapsed Comments (0)
Copy and paste this wiki markup to link to this article from another article in this wiki.
Go ElsewhereStay ConnectedAbout
  • HCL Software
  • HCL Digital Solutions community
  • HCL Software support
  • BlogsDigital Solutions blog
  • Community LinkHCL Software forums and blogs
  • About HCL Software
  • Privacy
  • Accessibility