You can send Hybrid App DCN requests to users in other security configurations if you belong to the default security configuration.
If the Hybrid App DCN sender is authenticated against the default admin security configuration, they are automatically authorized to push data to all users regardless of their individual security configuration. If not, the sender can only push to users within the same security configuration.
For example, in the case of a non HTTP authentication request, this request is authorized to push data to users in other security configurations since the sender supAdmin, belongs to the admin security configuration:
http://host:8000/dcn/DCNServlet?cmd=wf&security=othersecurity&domain=default &username=supAdmin@admin&password=supPwd&dcn_filter=aa.bb&dcn_request=<request>
And this request is denied because supAdmin@mysecurityconfig can only push data to users in the same security configuration:
http://host:8000/dcn/DCNServlet?cmd=wf&security=othersecurity&domain=default &username=supAdmin@mysecurityconfig&password=supPwd&dcn_filter=aa.bb&dcn_request=<request>