Setting PUBLIC Access

About PUBLIC Access
How to Enable PUBLIC Access in SAS Studio

About PUBLIC Access

PUBLIC access enables unregistered users to participate if they can authenticate to the metadata server (directly or through a trust mechanism). Unregistered users are referred to as PUBLIC-only users because their only SAS identity is that of the PUBLIC group. A PUBLIC-only user has the logons, permissions, and capabilities of the PUBLIC group. A PUBLIC-only user cannot belong to any other groups, or have any personal logons, or have any specialized (individual) access controls. Not all applications allow a PUBLIC-only user to log on.

How to Enable PUBLIC Access in SAS Studio

To enable PUBLIC access, complete these steps in SAS Management Console:
  1. Provide the necessary repository-level access.
    On the Plug-ins, tab, under Authorization Managerthen selectAccess Control Templates right-click the repository ACT (Default ACT) and select Properties. On the Permission Pattern tab, grant the ReadMetadata and WriteMetadata to PUBLIC.
    Note: Even users who only consume content need both of these permissions at the repository level, because some applications write system information about user activity, even during what appears to be a view-only transaction.
  2. Provide Read access as needed.
    On the Folders tab, grant the PUBLIC group Read permission for any information maps, cubes, and MLE data that you want to make universally available. A good approach is to create a folder branch for such content, set the grant on the top folder in that branch, and allow the grant to flow through the branch.
    Note: Users also need ReadMetadata permission to folders and content objects. In general, it is not necessary to grant specific permissions because this permission must flow through from the ACT into the public areas of the folder tree (for navigational purposes).
    Note: If you want to allow everyone (including unregistered users) to contribute content to a particular folder, grant the PUBLIC group WriteMemberMetadata permission on that folder’s Authorization tab.
  3. Review role assignments for the PUBLIC group.
    On the Plug-ins tab, under User Manager, right-click the PUBLIC group and select Properties. Review the PUBLIC group’s role memberships. Often, no adjustments are necessary, because the initial role assignments give the PUBLIC group basic capabilities.
  4. Ensure that the PUBLIC group can use servers.
    1. On the Plug-ins tab, under Server Manager, verify that the PUBLIC group has the ReadMetadata permission for any servers that the PUBLIC-only users access.
    2. If necessary, add one or more logons on the PUBLIC group’s Accounts tab (for example, to provide seamless access to a third-party DBMS).
    3. If you have configured client-side pooling, verify that PUBLIC is a designated puddle group.
  5. Configure middle-tier properties applications to accept PUBLIC-only users.
    1. On the Plug-ins tab, navigate to Application Managementthen selectConfiguration Manager. Select SAS Application Infrastructure, and then select SAS Studio Mid-Tier.
      Note: Not all deployments include and use all components.
    2. For SAS Studio, set the App.PublicIdAllowed property to true. (This property is on the Advanced tab of the properties dialog box for SAS Studio Mid-Tier.)
      Note: If the App.PublicIdAllowed property is not available, click Add to add it.
    3. In order for the changes to take effect, restart the SAS Web Infrastructure Services Application and then restart SAS Studio.
Copyright © SAS Institute Inc. All Rights Reserved.