"Is using XPages for a public-facing website a good idea?"
My answer is, "It depends." If it involves user submitted data then there are just too many issues with security on XPages. I gave a talk last year at UKLUG on Security on Domino systems. It wasn't very well attended, but those who did attend received some shocking information as to the extend of security loopholes that many people leave in their websites. XPages is superb for developing rich, interactive websites. But developers who fail to understand the security aspects of what they develop in leaves themselves (and their companies, and their users) at the mercy of people who will try all sorts of nasty tricks to get at the data behind the scenes.
XPages has a few flaws in it which allows "issues" if it's not developed properly. But I just can't get people to listen to these and thereby avoid the pitfalls.
"Is using XPages for a public-facing website a good idea?"
My answer is, "It depends." If it involves user submitted data then there are just too many issues with security on XPages. I gave a talk last year at UKLUG on Security on Domino systems. It wasn't very well attended, but those who did attend received some shocking information as to the extend of security loopholes that many people leave in their websites. XPages is superb for developing rich, interactive websites. But developers who fail to understand the security aspects of what they develop in leaves themselves (and their companies, and their users) at the mercy of people who will try all sorts of nasty tricks to get at the data behind the scenes.
XPages has a few flaws in it which allows "issues" if it's not developed properly. But I just can't get people to listen to these and thereby avoid the pitfalls.