How to restrict Internet content access of SAP Portal applications !
- Ameya Pimpalgaonkar  
Netweaver Consultant  
Very recently i came across a scenario wherein we wanted to restrict the access to some of the application components of Enterprise Portal to internet users. That means some application should be accessed only by the internal users and not by internet users. Earlier i thought it is not possible but after having a brainstrom on it, i thoguht YES, it is possible. You can’t belive ha? Ok let us get started to see how can we achieve this.
Problem scenario:
Your company have implemented and using an Enterprise Portal and this portal is launched on Internet. In more technical terms, you have configured External Facing Of Portal. Now you want that some of the application that are on EP should be accessible only to the intranet users. But you have configured External Facing, How will you do this? Well, here is the answer..
Solution to problem Scenario:
I know this article is going little bit technical but i will try my best to explain each and every term in simpler way.
First thing you have to do is, determine which contents you want to show to only intranet users. Let us say you have a Role in Portal named “My Details” and you want the iviews or application assigned to this role to be executed only by intranet users. Solution in short - Using Master Rule Collection, Shifting your role and iviews from TLN (Top Level Navigation) to Left side Dynamic Navigation. If you implement these steps, your access restriction is achieved.
Step One:
In this step we will modify the master rule collection and set the URL alias. Master rule collection is the collection of accessibilty rules and URL alias means, if URL is http://<localhost>:50000/irj then show different desktop or say show different contents and if URL is http://internethost then show different desktop. To configure this setting you will have to have admin access to portal. Here are the steps
Go to System Administration –> Portal Display –> In left side detail navigation section, click on Desktop & Display Rules –> Portal Adminstrators –> Super Admnistrator –> Open Master Rule Collection.
Here click on Add IF Expression for URL alias, set IF URL Alias = http://hostname:50000/irj/portal Click on Apply, Then = <Portal content directory path to your desktop A>
Once configured this should look like this
Similarly repeat the steps for URL = http://internethost Then = <Desktop B>
Step Two:
Now most important step is creating Desktop A and Desktop B. Please note Desktop A is for internal Users and B is for internet users.
Go to System Administration –> Portal Display –> Desktop & Display Rules –> Portal Users –> Std. Portal Users –> Copy the default Desktop and save it as DesktopA. Similarly copy the light portal Desktop and save it as DesktopB. Now we need to add the framework page into these desktop.
Go to Content Administration –> Portal Contents –> Portal Users –> Std. Portal users –> Copy the default Framework Page and save it as FrameworkA. Once saved, open the framework and open the properties of Desktop inner Page. There you will find Dynamic Navigation Iview, now mark the Visibility Option - TRUE (Check box).
Similarly, repeat the steps for light Framework Page and now, Visibility of Dynamic Navigation Iview = FALSE (Check box).
After doing these changes, we will add our application or Iview or workset to Dynamic Navigation. For doing this, Open your iview and from the drop down select Dynamic Navigation. Now Right Click on your iview and choose “Add to Dynamic Navigation”. With this your task of restricting the application access for internet users is achieved.
To Summarize: We have configured two different URL for internet and intranet users. When user calles portal from intranet, Desktop A is shown to him. Desktop A contains Framework Page A wherein Dynamic Navigation is set to TRUE. Where as when user calls portal from internet, Desktop B is shown to him. Desktop B contains Framework B, wherein Dynamic Navigation is set as FALSE. That mean when user is accessing portal from intranet, Dynamic Navigation and in turn your application will be shown to user and when user is accessing portal from internet, Dynamic Navigation will not be shown to user, in turn your application is also not shown to user.
Hope i have made it clear and simpler. If you face any problem or doubt, post your comments. I will surely try to help you.
Regards,
Ameya
Hey Ameya!!
Excellent work..
Very Useful..
Thanks
Thanks a lot Chetna..Nice to know it is usefull..
Cheers,
Ameya
Hi ,
The above specified method is not working.Should we make any changes in the web.xml file??
Cheers,
Meena
Great work!!!.
We have a similar requirement, bit more complex!!!
We need to provide limited access for external users(vendors) to our BI portal.
Intranet users are not authorized to see their report from Internet.
Intranet Bookmarks should not our from Internet.
We created Portal Alias- but bookmarks are working from internet.
We also tried to configure proxy filtering, but able to hack the url and able to access reports.
Few Queries:
How we can deny login for intranet specific user from Internet?
new logon module?
How we can limit access to login users?
pcd object level security implementation?
Hopes you can guide me better.
Thanks in advance.
Regards
Baby
Leave a comment!
Web Content by Ameya Pimpalgaonkar is copyright protected & licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 2.5 India License.
Based on a work at www.madeitsimple.com.
Categories
Interactive SAP Training Manual
Archive
Blogroll
Tag Cloud
ABAP ABAP Simple abap simplified AIMCAT apple apple imac apple iPhone Aromatherapy career CAT CAT 2008 CAT 2009 Crack SNAP Economy English EP Essential oils GK for SNAP GMAT Grammar Holiday how to use essential oils IIFT GK list of essential oils MBA MBA in niche sector MBA opportunities Media money Netweaver Niche MBA degree parner Parnerkar Parnerkar Maharaj Poornawad prepare for SNAP GK Recession SAP SAP ABAP SAP ABAP Simplified SAP EP sap ep interview questions SNAP GK TIME VARecent Posts
Most Commented
About Ameya