Writings mostly about Lotus Notes/Domino...by me :
Jesper Kiaer,Espergærde, Denmark

Looking for a Notes/Domino developer? I'm available

RSS 2.0 Feed
Bookmark and Share
The very important missing piece in the IBM Domino NSF database
There is a lot of good stuff implemented in the IBM Domino database and it is very stabile.

There is though a very very important piece missing.

There are so many ways to create and save documents in IBM Domino today, from a form, an agent, via DIIOP, via REST, from an XPage ... you name it!
If you don't have the gatekeeper watching at the document level it is impossible to audit and control what is going on.

IBM ..Please add events/hooks for when a document is saved, opened etc.

The NSF has some LS hooks/events (Database Script) for deletion of documents (and some other bizarre ones), so I would presume it would possible to add hooks/events for the rest too without to much effort.

This has a very high priority!

OrientDB is in some ways (and in others not) a more modern version of the Domino NSF.

It has 2 types of hooks (Dynamic and Java hooks) http://orientdb.com/docs/last/Hook.html

"onBeforeCreate, called before creating a new document
onAfterCreate, called after creating a new document
onBeforeRead, called before reading a document
onAfterRead, called after reading a document
onBeforeUpdate, called before updating a document
onAfterUpdate, called after updating a document
onBeforeDelete, called before deleting a document
onAfterDelete, called after deleting a document "

Published by: Jesper B. Kiær at 02-06-2015 22:56:00 Full Post

How to print a PDF file from Java
A customer of mine have a solution which creates Invoices in a PDF format.

They want a solution where for example twenty PDF Invoices are created, but they only want to print them not work with the PDF files themselves.

So a solution could be to create the PDF files and then send them to a printer in Java.

However since the PDF format is complicated stuff, so you really want use something that works no matter how complex the PDF file is.

That really rules out a lot of possibilities. There are java PDF librairies out there like Apache PDFBOX

but my advice is to use the PDF viewer "Sumatra PDF" as the solution. Forget about Adobe Reader if you are only viewing files, it is very bloated, go for the Sumatra PDF viewer.

I have used it for many years and it is really excellent.

If your users don't have Sumatra PDF installed, just use the Portable version instead.

To print is really easy via command line options :

This will print to the default printer.

String[] params = new String [3];
params[0] = "C:\\Program Files (x86)\\SumatraPDF\\SumatraPDF.exe";
params[1] = "-print-to-default";
params[2] = "c:\\test\\test.pdf";

If you want a named printer use

params[1] = "-print-to <printer-name>"

A printer dialog

String[] params = new String [4];
params[0] = "C:\\Program Files (x86)\\SumatraPDF\\SumatraPDF.exe";
params[1] ="-print-dialog";
params[3] = "c:\\test\\test.pdf";

See other command line options here https://github.com/sumatrapdfreader/sumatrapdf/wiki/Command-line-arguments

Published by: Jesper B. Kiær at 28-04-2015 13:10:00 Full Post

IBM Notes FP3 issue with error "LS2J Error With "Java Constructor Failed To Execute" and Eclipse Update Site can no longer import
Got this strange error today trying to import newest XPages Extension Library to Update Site: "LS2J Error With "Java Constructor Failed To Execute"

It seems related to FP3 only.


Published by: Jesper B. Kiær at 12-03-2015 15:00:06 Full Post

Lenovo Superfish malware opens big hole for hackers ...beware anti-virus program Avast uses the same trick !
UPDATED with Windows Certificate removal of AVAST trusted Root Certificate

As many have reported today Lenovo has installed a malware program called Superfish on it is products for some time.

Not to repeat what others have written about it, so get a quick update at::


In short it means that the Supefish malware can read alle data in an encrypted HTTPS connection, which of course should be confidential.
That is one issue.

The big issue is that it is an entrance for hackers to listen to the secure data as well.

Today I looked at my anti-virus program AVAST on my PC, and it certainly looks at is uses the dirty same trick of installing a root certificate in your browsers.

I use Firefox as my browser and it is not hit by the Superfish issue (it is said), however when looking in the list of Root certificates for the browser I suddenly see

I did not add this Certificate...

This is the same trick as Superfish uses.

Avast adds the certificate so it can listen to all encrypted HTTPS traffic, and it may open up to hackers as in the Superfish case.

It is really bad behavior from a security company not even to ask before adding the certificate and by default enabling this feature.

An encrypted HTTPS connection should be an "end-to-end" secure connection, with only two parties having access to the data.
AVAST may use a unique certificate and intentions may be good, but it is still a "man in the middle" (attack) and AVAST has access to all confidential data going through the connection.

You should disable it!

How to disable the feature:

1. First disable the feature in Avast

- Start the Avast interface in the taskbar in Windows

Goto settings

Select Active Protection and then Web Shield -> Customize

Disable "Enable HTTPS Scanning"

2. Remove Root Certificates

You need to remove the Root Certificates


In menu select "Options"

Select "Advanced" -> "Certificates" -> "View Certificates"

Goto "Authorities" and scroll down to the Avast Root Certificate and click button "Delete .."

Accept to remove and click OK.

Internet Explorer

It is a little more complicated since you will need to start Internet Explorer with Administrator rights.

- Right click on the Internet Explorer icon and select "Run as administrator"

An Access User Control dialogbox pops up ,,click on "Yes" button

In Internet Explorer select Internet Options

Select "Content" -> "Certificates"

Goto tab "Trusted Root..." and find Avast Root certificate and click the "Remove" button

Google Chrome

I have not installed Google Chrome but the procedures are the same as in the other browsers

UPDATED with Windows Certificate removal of AVAST trusted Root Certificate

Click on windows startbutton and write "Manage Computer Certificates" and and click on it

Open "Trusted Root Certification Authories" and select the Avast certificate.

Right click and select remove.

Published by: Jesper B. Kiær at 20-02-2015 00:14:00 Full Post

Come on IBM! ...XPages is still running on the 8 year old version 6 of Java!

Come on IBM! ...XPages is still running on the 8 year old Java version 6!

That is a problem since libraries more often are being compiled to minimum version 7.

IBM, we all know Notes and Domino are the kids you never found love for..but still.. please fix it

It should not be that hard ....and a Java runtime version 8 would be nice.

Published by: Jesper B. Kiær at 23-11-2014 12:10:00 Full Post

Webmin, fix to "Error code: sec_error_invalid_key" SSL error
If you are using Webmin as a way of administrating your servers you may be getting the error "Error code: sec_error_invalid_key" when try to log into your servers.

If is because newer browsers no longer accepts certificates with short keys ( 1024 bits or less).

It is easy solved.

Get access to the Webmin interface by using an older version of a browser.,

You can do that by for example running a "Live CD" of Ubuntu, Linux Mint or what ever.

Log into Webmin and goto "Webmin Configuration":

Click on "SSL Encryption"

Goto "Self-Signed Certificate" and create a new certificate with a key of 2048 bits

Click "Create Now" and you done.

Log into webmin administrator again by accept the new certificate in the browser first

Published by: Jesper B. Kiær at 02-11-2014 12:51:17 Full Post