As discussed in the Design Partner forum, our use case for DOTS is to rebuild the same functionality with OSGi plugins that scheduled agents provide in the "pre-OSGi Domino era". With DOTS, as well as with our own scheduler plugins running in the HTTP OSGi container, we can execute Java code on a schedule.
Currently, this code is running with server ID privileges when it accessed Lotus Notes data. Since we expect that a few customer administrators do not like this "openness" (by default, the server ID can open any database, although it cannot access encrypted data), we would like to be able to execute the code under a different security context (Notes session of a different user).
This is currently only possible with workarounds/hacks. For example, we could create a session with NotesFactory.createSession(host, user, password), but that would required that the user's password is stored somewhere.
Another workaround is to sign an XPage with the right Notes ID, open it from OSGi via http request and pass the sessionAsSigner back to OSGi through the XPages extensibility APIs. If the XPage is configured for anonymous access, this workaround would work without storing a password, but might lead to further security concerns.
It would be great if DOTS could address this issue and provide a way to execute code under a different user ID.
And to make it easier to deploy DOTS on customer servers, the project definitely needs to become a supported part of the standard Domino server.