The most important tool for controlling access to your application is the database's Access Control List (ACL). Within the database ACL, you define which people, groups, and/or servers have access to your database and what functions they can each perform.
Every Domino database contains an Access Control List. Users, groups, or servers with Manager access can add, modify, and remove users and groups, and they assign them specific access to the application. Whenever users attempt to access this database (from either a Notes or Web client), the ACL is used to determine their respective privileges.