Skip to main content

HCL and Domino and the Rest API - 1 Installation

I've been meaning to write this post for at least a year but these days I'm always too busy for blogging. Last year, we embarked on a project in which we wanted to regularly exchange data between Domino and a SQL server database on Azure. 


We looked at several third party options before realizing that HCL Domino had what we needed built-in and out of the box - even better, HCL also had a "codeless" solution (Foundry) available to us to do the whole transfer. 

This post will most likely be the first part of a series that covers the REST API and a bit of Foundry. I'm no expert on either but there's not a lot of information out there so anything is better than nothing. 

Prepping the Environment

Before embarking on our API journey, we upgraded our servers to Domino 12.0.2. It's something of a sore point with me that people think that it's fine to leave Domino on much older versions, for example, release 9. It isn't. Old versions of any software have security holes and Domino is no exception. Unless you're happy working on Windows 95 and Word 97 and you don't have any internet services, you should always be on the latest. 

Just consider how you will explain your "cost cutting" to your board of directors when your systems have been hacked. Don't take the risk, stay up to date. 

Installing the REST API

You can find HCL's REST API Documentation here. It took me a little while to figure out how to install it. Essentially, you need to add Java to your file path and use a command line installer to get the REST API running. It was quite a while ago but our command line was something like this.

C:\Users\adminauspay>d: 

D:\>cd D:\Install\07 REST API 1.0.3 

D:\Install\07 REST API 1.0.3>java -jar restapiInstall.jar -d="D:\Lotus\Domino\data" -i="D:\Lotus\Domino\notes.ini" -p="D:\Lotus\Domino" -r="D:\Lotus\Domino\restapi" -a 


At the time, we were installing REST API 1.0.3 but we quickly upgraded to 1.0.4.

Once the command line has run and things are set up correctly you can get to the REST API using a command line similar to this.

https://ourserver.ourdomain.com:8880/

If https isn't working for you, try http. Essentially, you' re looking for a screen similar to the following:



Port 8880

One of the first things you need to be thinking about at this point is -- "What do I do about Port 8880?"
You can change this port if you want but it's worth remembering that any hacker with a port scanner will still be able to find it. The answer to the security questions will depend on your server setup.
  • If your server only has publicly accessible materials on it, You might consider allowing the port to stay as is but you should at the very least have some very responsive firewalling around it. 

  • If your server has a mix of public and private information on it, then you should consider replicating the public material to a new server that will become your Public REST API server (assuming you're making those APIs public) and then setting up replication for the data on that server to be available on whatever other servers you need it on.  Those other servers should be behind firewalls.

  • If your API service is entirely for internal use, then you might want to consider firewalling that port so that it's only available to certain endpoints. This could force users to have a VPN or if it's talking to an application, such as a HCL Foundry server or other service, you could have the port locked to a single set of IP Addresses. 
If in doubt, call in some network experts.

In my next post, I'll cover some basic API calls and testing.
Labels:

Comments

Post a Comment