Adding Custom Web Applications

Overview

Custom Web applications that are enabled for SAS can be accessed both from within the portal and from outside the portal. For examples that show how to add SAS Web applications to the portal, see Example: Adding SAS Web Report Studio .

The following sections describe the steps for adding Web applications to the portal.

Step 1: Design and Code the Web Application

Developers in your organization can design and code Web applications for some or all users. This step is not required for SAS Web applications, such as SAS Web Report Studio that have been developed to support single sign-on with all supported authentication providers. For more information about single sign-on, see SAS Intelligence Platform: Security Administration Guide.

Note: If your custom application sends data to the portal, then the application must set its encoding to UTF-8 when it sends the data.

Step 2: Ensure That the Appropriate User or Group Permissions Tree Is Created in the SAS Metadata Repository

If you are a group content administrator for specific groups, you can share a Web application with that user group (which is defined in SAS metadata). You can share pages with either of the following groups:

a PUBLIC group, which contains all portal users. It is convenient to share Web applications with the PUBLIC group because all users in that group, by default, have access to the Web applications.
A specific group that you define such as “Portal Web Report Studio Users.” In this case, the Web applications are shared only with that specific group that you defined.

For details about defining groups, see “User Administration” in the SAS Intelligence Platform: Security Administration Guide.

After you add the Web application's location metadata to the metadata repository (as described in Step 4), the group is granted ReadMetadata permission to enable the group members to view the content. Group members can also add the Web application to one of their collection portlets. Only the group that you specify can access the Web application.

If you add the Web application's location metadata by running a SAS program, you can associate the Web application with a user instead of a group. The user must have a permissions tree in metadata. To create a permissions tree for a user, log on to the portal as that user. When you run the SAS program, the user is granted ReadMetadata and WriteMetadata permissions to view and edit the content. You can later log on to the portal as the group content administrator in order to share the Web application with a group. (You might need to search for the Web application first.)

Step 3: Add the Web Application's Metadata to the SAS Metadata Repository

There are two ways to define a Web application's location in metadata:

Create the Web application in the SAS Information Delivery Portal. When you create a Web application in the portal, the portal adds the Web application's location metadata to the metadata repository. Here are the high-level steps:
1. Log on to the portal as the group content administrator for the group with which you want to share the Web application.
2. Either create the application and add it to a collection portlet, or create an application that is independent of any portlet.
3. When you create an application, you can share it with a group that is defined in SAS metadata. For general information about sharing portal content, see Sharing Content in the Portal .
Note: For complete instructions about creating and sharing Web applications, see the online Help that is provided with the portal.
Create the Web application by running a SAS program. To edit and run a SAS program that creates the application's location metadata to the SAS metadata repository, follow these steps:
1. Modify the SAS program LoadWebApplicationExample.sas, which is located in the SAS-configuration-directory\Lev1\Web\Applications\SASPortal4.3\sasJobs directory. In the LoadWebApplicationExample.sas file, specify the appropriate variables for your Web application.
2. After you have modified LoadWebApplicationExample.sas, save your changes and run the program.

Here are descriptions of the variables that are in LoadWebApplicationExample.sas:

options metaserver=“host”

Specify the host name of the SAS Metadata Server. Use the value of iomsrv.metadatasrv.host property in the configuration file located in the SAS-configuration-directory\Lev1\Utilities directory. For example: localhost machine machine.mycompany.com

metaport=port

Specify the port number of the SAS Metadata Server. This value is a number between 0 and 65536. Use the value of the iomsrv.metadatasrv.port property in the configuration file located in the SAS-configuration-directory\Lev1\Utilities.

metauser=“user ID”

Specify the user ID to connect to the SAS Metadata Server; this user ID is typically the SAS trusted user (sastrust@saspw).

metapass=“password”

Specify the password for the metauser.

%repositoryname=Foundation

Specify the name of the SAS Metadata Repository where your portal Web application metadata is stored, followed by a semicolon (;). Use the value of the oma.repository.foundation.name property in the configuration file located in the SAS-configuration-directory\Lev1\Utilities folder.

%let GroupOrUserName=SAS User or Group

Specify the SAS group or user that you want to add the data to, followed by a semicolon (;). Before you can run this program, the SAS group and user permissions trees must be created in the SAS metadata repository.

%let identityType=IdentityGroup | Person

Specify the type of identity, followed by a semicolon (;). Use IdentityGroup for a group and Person for an individual.

%let webappName=Web application name;

Specify the name of the Web application that you want to create, followed by a semicolon (;).

%let webappDescription=Web application Description

Specify the description of the Web application that you want to create, followed by a semicolon (;).

%let webappURI=Web application URI;

Specify a valid URL for the Web application, followed by a semicolon (;). For example:

%let
                                 webappURI=http://<hostName>:<Port>/SASWebReportStudio/logonFromPortalWRS.do;

If your Web application has request parameters, you must encode the parameters as HTML markup, add the parameters to the webappURI value, and enclose the entire string in single quotation marks ('). For example, a URL that takes the form: http://<hostName>:<Port>/webapp?param1=value1&param2=value2

is entered in LoadWebApplicationExample.sas as:

%let
                                 webappURI='http://<hostName>:<Port>/webapp?param1=value1&amp;param2=value2';

Note that & is replaced with &, and the entire URL string is enclosed in single quotation marks.

Here is an example:

options metaserver="localhost"
    metaport=8561
    metauser="sastrust@saspw"
    metapass="Password"
    metarepository="Foundation";

 %let groupOrUserName=PUBLIC;
 %let identityType=IdentityGroup;
 %let webappName=SAS Web Report Studio;
 %let webappDescription=The SAS Web Report Studio Web application;
 %let webappURI=http://localhost:8080/SASWebReportStudio/
       logonFromPortalWRS.do;

Step 4: Add the Permission Statements for the Web Application to the Required Policy Files

Add the Web application's codebase and permissions, and any additional permissions for the SAS Information Delivery Portal and SAS Services codebases to the required policy file. If the Web application uses the SAS Foundation Services API, you must add permissions to the SAS Services Application's policy file.

For more information, see “Middle-Tier Security” in the SAS Intelligence Platform: Middle-Tier Administration Guide.

Step 5: Implement Authorization for the Web Application

If you create the Web application by running a SAS program, access is limited to the user or group that you specify in LoadWebApplicationExample.sas.

If you create the Web application in the portal, a group's content administrator can share the application with a group of users. Only the users in that group can access the application.

In addition, if you configured Web authentication, access is controlled via a Web user role in the Web application's configuration XML file.

Note: When you implement authorization, access to content is controlled only from within the portal Web application. Users outside of the portal Web application can use the Web application's URL to access the Web application.

Step 6: Make the Web Application Available in the Portal

When you share a Web application with a group, the Web application becomes available to members of that group. Members can search for and add the Web application to their collection portlets.

Here are some other options for making your application appear in the SAS Information Delivery Portal:

You can edit a collection portlet in order to add the Web application to the portlet. You can share the portlet with a group, including the PUBLIC group. If the SAS Information Delivery Portal is installed, group members can search for and add the portlet to their pages.
After adding the Web application to a portlet, you can add the portlet to a page that has been shared or that you intend to share with a group. Depending on the page's share type, group members will either see the page the next time they log on, or group members can search for and add the page.

If you logged on as a portal administrator, you can edit any portlet or page in the portal. If you logged on as a group content administrator, you can edit only portlets and pages that you have created, or portlets and pages that have already been shared with the group for which you are administrator.

Note: All portal users can create and add Web applications to their collection portlets. Only users who are authorized as a content administrator for a group can share a Web application with the group or edit a shared Web application.

Step 7: Update or Remove the Web Application

After you have created a Web application, you can edit it, remove it from a portlet, and delete it permanently from metadata. From the SAS Information Delivery portal, you can edit or delete any Web application that exists in metadata.

Any changes that you make to a shared Web application are seen by all users who can access the Web application. If you permanently delete a shared Web application, that Web application is removed from all portal views.

For instructions about editing, removing, or permanently deleting a Web application, see the online Help that is provided with the portal. Deleting a Web application only removes the URL stored by the portal for the Web application. The Web application and any metadata that was created to deploy the Web application are not impacted.