on 12-03-2007 7:09 PM
I recommended this option ... can anybody find and faults with the recommendation below? What risk is there giving the super admin portal role to developers in a sandbox? I don't see any risk.
-
1) Install the Portal Development Kit (PDK) on the Sandbox portal and assign the Java Developer Role to developers.
- The PDK is a business package which adds 1 role to the portal: (com.sap.pct.pdk.JavaDeveloper role).
- SAP recommends to "install the Portal Development Kit (PDK) only* in a development or sandbox system."...in this case we install the PDK only on Sandbox.
- SAP built the PDK to provide valuable tools that help facilitate custom Java Development inside the portal.
- PDK provides detailed information and tools for API's necessary for java portal development.
2) Grant the following 2 portal roles to developers in Sandbox. The following 2 portal roles are required for users of the PDK as documented by SAP on page 7 in the following document: PortalDevelopmentKit - Installation.pdf :
- super_admin_role (*only in Sandbox)
- ContentManger role
This means that the tools inside the PDK (iviews in the Java Developer Role) will not work correctly without these 2 roles: super_admin_role & ContentManager. My guess is that SAP designed it this way because they knew there was no real risk in giving these 2 roles to developers in a Sandbox environment.
I think you need only system administration role to deploy your projects on the portal.
So I suggest you can give System administration role and Content administration role to the developers. Even I was having these roles only in one of my projects.
Please reward the points if it is helpful.
Thanks,
Pankaj
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
solved
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I am aware that super admin grants the 3 roles. However, what is the risk in a <b>SANDBOX</b>...sandbox is by definition untrusted. It is isolated from a productive environment.
System Administration role grants the user administration.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I do not see any risk in giving super admin to developers in Sandbox system. If developers do not have super admin rights, it will intoduce a bottleneck for the developer. ie., when the developer needs to check some settings , he/she needs an admin - Which is absoultely can be avoided by giving the developer full access.
For some reason , I have seen this issue with basis people, but once you educate them the difference between sap abap world and portal world , they are ok ( some agree reluctantly since they have no option !)
Regards,
Arul
Hi Kelley,
There is a huge risk if you are giving super admin role because one who is having super admin role he can assign all the roles to a particular user. If you are assigning super admin role to a particular user he gets three roles, System Administration, User Administration and Content Administration. If one is having User administration he can assign any role to any user.
Thanks,
Pankaj
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
85 | |
10 | |
10 | |
10 | |
7 | |
6 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.