I would like to know what are the different kinds of security are there as far as the Portals are concerned. As a portal admin, what are the steps needs to be considered for efficient portal management and security.
Please do give a detailed description right from the basic level.
Daniel Wroblewski replied
Please take a look at How To Configure Permissions for Initial Content in SAP Enterprise Portal 6.0 SP9 and Higher.pdf at https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/b295ea90-0201-0010-a88f-bad11a9e5ac6.
Also look at the admin guide at How To Configure Permissions for Initial Content in SAP Enterprise Portal 6.0 SP9 and Higher.pdf.
Essentially, there are 2 levels of security.
Users, Groups and Roles
ACLs for individual content
If I log into the portal, I can only navigate to the navigation nodes to which I am assigned. I am assigned to roles, which contain specific worksets, pages and iViews.
In addition, the PCD assigns ACLs to each each workset, page and iView, and I must have permission to view them.
But I can also run the underlying portal application without going through the PCD or the navigation. To protect against this, we have security zones, to which each portal application is assigned to.
Hope this helps.