Portal authorization is accomplished
by controlling access to the content that is added to the SAS Information
Delivery Portal. Portal authorization concepts include the following:
-
Portal administrator. The SAS Trusted User (sastrust)
is the portal administrator that is responsible for managing and troubleshooting
the portal, and creating users, groups, and group content administrators.
-
Portal users and groups. Carefully
consider the types of content that you plan for the portal, and which
groups you should create for that content. See
Planning for Portal Users and Groups .
-
Group content administrators.
A group content administrator is delegated to managing content for
a particular group of users. Group content administrators assume responsibility
for creating and sharing portal content with their respective groups.
For details, see
Group Content Administrator and
Sharing Content in the Portal .
-
Portal content. In addition to sharing content, there
are other ways to control access to portal content. After you have
organized your users into groups, you can configure authorization
for portal content in order to allow or restrict access for members
of these groups. See
Understanding Portal Authorization.
-
SAS Content Server. To authorize access to content on
a SAS Content Server, users and groups that are defined in a SAS Metadata
Repository can be defined. See
Using the SAS Content Server Administration Console in SAS Intelligence Platform: Middle-Tier Administration Guide.
-
Permission trees. The portal stores
all permissions in SAS metadata, and displays the permissions in Authorization
Manager in the SAS Management Console. The resources for which a portal
user or group has permissions are all grouped under a folder that
is designated for the user or group. These folders are called permission
tree folders. Permission trees are created for groups when the portal
administrator logs on to the portal, or the Web application server
is restarted. You can also create permission tree folders manually
by running the
initPortalData.bat file
on Windows or the
initPortalData.sh file
on UNIX and
z/OS. This option is recommended when you have a large
number of new groups that require permission tree folders.
-
Unchallenged portal access. With
SAS Information Delivery Portal 4.3 or later, you can choose to enable
unchallenged access to the portal. Users can then access the portal
and interact with selected content without providing a user ID and
password. The option is similar to the Public Kiosk feature in the
SAS 9.1.3 release of the SAS Information Delivery Portal. See
Enabling Unchallenged Portal Access.