Administering Portal Authorization |
Portal authorization is accomplished by controlling access to the content that is added to the SAS Information Delivery Portal. Portal authorization concepts include the following:
Portal administrator. The SAS Trusted User (sastrust) is the portal administrator that is responsible for managing and troubleshooting the portal, and creating users, groups, and group content administrators.
Portal users and groups. Carefully consider the types of content that you plan for the portal, and which groups you should create for that content. See Planning for Portal Users and Groups.
Group content administrators. A group content administrator is delegated to managing content for a particular group of users. Group content administrators assume responsibility for creating and sharing portal content with their respective groups. For details, see Configure a Group Content Administrator and Sharing Content in the Portal.
Portal content. In addition to sharing content, there are other ways to control access to portal content. After you have organized your users into groups, you can configure authorization for portal content in order to allow or restrict access for members of these groups. See Understanding Portal Authorization.
SAS Content Server. To authorize access to content on a SAS Content Server, users and groups that are defined in a SAS Metadata Repository can be defined. See Using the SAS Content Server Administration Console.
Permission trees. The portal stores all permissions in SAS metadata, and displays the permissions in Authorization Manager in the SAS Management Console. The resources for which a portal user or group has permissions are all grouped under a folder that is designated for the user or group. These folders are called permission tree folders. Permission trees are created for groups when the portal administrator logs on to the portal, or the Web application server is restarted. You can also create permission tree folders manually by running the initPortalData.bat file on Windows or the initPortalData.sh file on UNIX and z/OS. This option is recommended when you have a large number of new groups that require permission tree folders.
Unchallenged portal access. Effective with release 4.3 of the SAS Information Delivery Portal, you can choose to enable unchallenged access to the portal. Users can then access the portal and interact with selected content without providing a user ID and password. The option is similar to the Public Kiosk feature in the SAS 9.1.3 release of the SAS Information Delivery Portal. See Enabling Unchallenged Portal Access.
Copyright © 2010 by SAS Institute Inc., Cary, NC, USA. All rights reserved.