What's So Great About Domino?
So why has Domino endured the test of time and continued to be relevent after 20 years on the market? Domino has a proven track record as a mature application platform, providing a rich, flexible, and secure environment for developing and distributing applications. Here are some of the features that Domino is well-known for and that make it stand out from other platforms.
Security Ad Infinitum
Domino security stands out from other application development platforms for several reasons. First is certificate-based identification. Every identity is based on certificates that are currently 1024 bits strong.
To set up a Domino Server, you must either join an existing Notes Domain (a trusted Domino Server network) or create a new one. All certificates have to be created using a known Certifier ID. The Domain Certifier ID is the underlying certificate containing the encryption keys that uniquely identify your Notes Domain. If you are creating a new Domain, you can create a new Certifier ID. The server domain, Domino servers, and users all must have valid certificates that match what the server has on record and are certified by a known and trusted Certifier. A server cannot claim to belong to a domain if it doesn't have the right certificate. Users cannot claim an identity if they don't present the certificate that the server has on record for the user.
Certificates are stored in ID files that are encrypted and password-protected. So simply getting an ID file is not enough to be able to utilize a certificateyou need to know the password for the ID file as well. It's impossible to generate a duplicate certificate. If you set up two Domino networks at the same time, with the same name and the same server domain name, they will not be able to live in the same domain because the certificates will not match. Every identity and certificate that is generated is impossible to duplicate. Thus, your server network can't be breached by impostor servers or impostor users.
In addition to the power of certificate-based identification, access to databases is controlled by the Access Control List (ACL). The ACL is used to secure access to the entire database by specifying which individual users, user groups, servers, and Domino domains can open the database. You can specify whether the access being granted is for depositing data, reading and/or editing records, viewing, creating or modifying design elements, or even modifying the ACL. Such rights are granted on an entry-by-entry basis in the ACL.
The concept of "depositor" privilege is akin to the "write-only" privilege in some operating systems. With depositor access, you can create records but cannot read any records, not even the records you created. This is useful for secure collaboration in which information can be gathered from many sources while preventing access to reading any data.
Beyond the database-level access controlled by the ACL, every individual document within a database can have its own access control. Documents have the same access control flexibility as that provided by the ACL. Thus, you can specify which users, user groups, servers, or ACL roles can access the records for reading and/or editing.
And if that weren't enough, individual fields on a record can be given an encryption key that is shared only with users with whom you want to share visibility of the data element.
Domino servers can be configured to accept only encrypted network connections. As a result, your data is secure in transit, even when connecting over the Web. Secure transit effectively makes your Domino server network as secure as any VPN without the need for any other software or hardware. This is impressive given that Domino server has been providing transit security for free, even before VPNs were a gleam in Cisco's eyes!
Domino security has a long-proven track record, so much so that the CIA and the U.S. military prefer to use Notes Mail and Domino as the platform of choice for some of their applications.
Replication: There's Only One of Me Until Suddenly There's Two of Me!
Database replication was a standard feature in Domino when no one else knew what replication meant. Domino replication is another mature, industry-leading, rock-solid feature that serves as the foundation for other Domino features. Replication is a process in which an exact duplicate of a database can be created, and the two "replicas" can be separated from each other in time and space, operated on independently, and brought back into perfect synchronization at a future date. This means that applications can be distributed throughout a network of multiple servers around the country or around the globe. Thus, all copies of the application will have the same data after replication has done its magic.
This also means that an application can be used offline, completely detached from the server in which it originated. Domino's offline capabilities allow a user to create and modify data while away from the Domino server network. Later, a user can have edits automatically added to the server's copy of the application. Also, upon reconnection Domino gives a user access to all the records that were created while they were offline.
Replication is what makes DOLS (Domino OffLine Services) possible. DOLS is a relatively lightweight software that you can install on a client system. DOLS enables you to have what is effectively a local Domino server that can host Notes and web applications. A properly designed application can be replicated onto a DOLS client and used locally as a Notes or web application. (DOLS includes an HTTP server.)
Figure 2 Replication and DOLS let you use your Domino applications anywhere, any time.
When the DOLS client gets back in contact with the system from which it retrieved the DOLS application, the client and server replicate their copies of the databases and re-synchronize them.
Watch these demonstration videos for a good explanation of Domino replication and examples of various replication scenarios:
This is a great option for distributing applications to a small, remote location with limited connectivity, for workers needing to create or modify data while disconnected from the corporate network, or for users who have to do their work on-site without any network connectivity at all.
One Platform, Many Languages
Creating Domino applications can be done utilizing a wide variety of programming languages. There are C and C++ API libraries that you can use to create Domino applications and Notes client tools. In fact, if there isn't a product out there that gives you the additional functionality you want, you can create an add-on using the API libraries. The APIs may be a bit much for most programmers, but they do give you access to the lowest level of functionality provided by the Domino platform.
Depending on your needs, an application will most commonly be created using a combination of the Lotus "@Commands (at commands)", LotusScript (very much like Visual Basic), and Java. @Commands are the simplest "higher-level" methods. They don't require much programming knowledge to use. LotusScript will be used for more complex development needs because it is a full-blown, object-oriented programming language.
For maximum flexibility, you have the option of using Java to do your development, allowing you to incorporate a broad variety of third-party and Open Source APIs if necessary. To take advantage of the power of @Commands, programs written in either LotusScript or Java can utilize them using the "evaluate()" method. For example, your LotusScript or Java program can invoke evaluate(@DBname) to get the name of the currently opened Domino Database and the server name in which it is currently hosted.
When programming with LotusScript or Java, you need to utilize the Domino application object model. This object model has been in place for years and originated when LotusScript was introduced into the product. When Java was added as a development option, the same object model was implemented in Java, so programmers familiar with the LotusScript object model were able to leverage their experience to easily convert their LotusScript code into Java code.
The Domino Server and Notes Client share a large portion of their internal code. This is required for the Domino Server to able to support web applications, where it is the Domino Server that must execute Notes client application code and must create web pages from the results. From my experience as a developer, I have learned that anything that the Notes client can do, your Domino server can do as well.
When you write code that will be run on the server, there are not a lot of special considerations that need to be made or restrictions that are imposed on your code.
Combined with the Domino Server's scheduling mechanism, it's a slam-dunk to create programs that run automatically at desired intervals without the need for a Notes Client. In terms of development environment, one size really can fit all. The variety of languages available to write Domino code leverages your developer's time and experience in more ways than one. The ability of the server and client to run the same code gives you more options in how work is accomplished by your Domino applications.