Customize portal "Help" link based on user roles

Is there a chance to customize the Help link URL in Masthead iView based on user roles? The use case we have is that the "Help" should be different for users of the purchasing company from those of the supplying company.
Thanks.

Hello Jay.
This is a multi step process.
Step 1 : Create 2 desktops with everything as same but different mastheads.
- Copy your existing desktop and paste it in your working folder in PCD (Not select Delta link)
- Now download masthead par file.
- Modify your masthead par file where you will disable help link. Rename you masthead file (newMasthead.par) and export it from NWDS. Now import it in portal.
- open your framework page in desktop2. Just add your new masthead in it. Enable the new one and disable the existing one.
Step 2 : Create 2 groups of users. (First one belong to users who wish to see help link . i.e existing desktop) (Second of thoese users who do not have to see help link i.e. newDesktop)
- Assign users to appropriate groups.
- Assign same roles to both groups.
Step 3 : Modify main rule section in PCD.
- If group = HelpLinkUsers Then Desktop1
If group = NoHelpLinkUsers Then Desktop2.
You may find above process bit tedious and lengthy.
But if you wish to further customize your portal then this will be needed one day.
If you find problems in implementing any step then please search in google or SDN.
Please revert back on any specific question on above approach you may face while implementing.
Thanks

Similar Messages

  • Content delivery in portal based on user roles ?

    Portal Server new bee...
    Please can anyone point me to guides/url where i can look to enable content delivery in a portal based on user roles and how to establish SSO.
    I have installed Portal Server6.0 and iplanet Directory Server Management Edition installed.
    I did go through PS Development guide and got some sample containers up and running in the portal.
    Thanks.

    For the role-based delivery, Comment 1 sends you in the right direction. Here are a couple things to keep in mind as you read through the customization guide.
    The basic gist of what you need is to define your organization profiles with all the services defined at the org level. Then you can define simple profiles at the role level. These will probably focus around the selected and available attributes on the table containers.
    Then you might want to pay particular attention to the merge, lock, and propogate attributes. These will allow you to define how the role affects the availability of channels (does the role add, remove, or force the channel?). The easiest thing to do is probably to start with a core group of channels, and then have each role define additional channels that are of interest and should be added to the selected/available lists.
    Having roles remove channels will make matters a little more confusing and harder to maintain.

  • Display interactive report rows based on user role.

    Hello,
    Can anyone please help me out with this issue. i have an interactive report and now i want to make this report as conditional based on user role. Like i want to dispaly all the report rows for an Admin user role and for a developer I want the report to display only his/her rows. Can anyone please help me how can I resolve this issue.
    Do I need to have two separate reports for each role or can we make achieve this with only one report.
    thanks,
    Orton

    Here is a possible answer.. Build your Interactive report off of a collection. And when you build the collection you can build an if statement to either build your select with or without the filtering of user_id..
    See this blog entry for how to build a interactive report from a collection: http://www.oracleapplicationexpress.com/tutorials/71-oracle-apex-interactive-report-based-on-plsql-function
    Thank you,
    Tony Miller
    Webster, TX

  • Rename the portal Help link in the portal

    I need to rename the help link in the portal masthead to some other name. Is there any option to change with out import the masthead par fil in to NWDS and hardcoding the  help link name.

    Hi Bris ,
    you can do that ...open the Default Framework
    Which is available at
    Navigate to Content admin–> Portal Content -> Portal User ->Standard Portal User
    Refer to this also
    MastHead Change & Portal Desktop
    Now open the masthead from tyhe framework https://weblogs.sdn.sap.com/weblogs/images/251750294/framework_laout.jpg , there in the properties you will find an entry called as help link , change it over there it works fine .I have tested that for any issues please let me know
    Thanx
    Pankaj

  • Custom plugin based on user role membership

    Hi all,
    I would like to develope a custom plugin that generates account userid (on process form) with different syntax against role membership.
    With "syntax" I mean name.surname.random_number for employee users and surname.company.random_number for example.
    I'll try to explain the scenario more in details:
    1. I create a user identity through a request
    2. After user identity has created successfully, I assign a role to the user. Since roles are associated with access policies, role assignment triggers provisioning on target system.
    3. The custom plugin that I would like to develope shuold be able to generate proper userid against role membership. For example if I assigned the role "Project Manager" the custom plugin should generate the account userid with name.surname.random_number format; viceversa if I assigned the role "External Reseller" the custom plugin should generate the account userid with surname.company.random_number format.
    Looking for custom plugin based on role membership in forum, I found a couple of threads about this subject:
    - Email notifications after role grant
    - Re: OIM 11g Role Membership Event Handlers.
    I tried to implement what explained in the threads, but I would be sure about what I've done.
    Here what I've done:
    1. created plugin.xml file
    2. created EventHandler.xml metadata file
    3. developed a java calss for testing pourpose
    4. copied the custom plugin class to OIM server for example in $MIDDLEWARE_HOME/OIMPlugins/lib
    NOTE: during this operation I have exactly mantained the same directory structure of custom java package.
    For example custom plugin class is under my.custom.plugin java package and I have copied custom java class under $MIDDLEWARE_HOME/OIMPlugins/lib/my/custom/plugin folder
    5. created a zip file containing custom plugin class (always with its directory structure) and plugin.xml file
    6. copied the zip file to $OIM_HOME/server/plugins
    7. edited ant.properties file (under $OIM_HOME/server/plugin_utility) setting wls.home and oim.home variables
    8. built the wlfullclient.jar (only the first time)
    9. registered the custom plugin
    10. created the custom plugin dataset file
    11. imported it in OIM database using "weblogicImportMetadata" utility
    12. purged cache using "PurgeCache" utility
    NOTE: all the steps above was executed using the system user running OIM process
    test java class
    package com.zeropiu.sky.custom.eventhandlers;
    import java.io.Serializable;
    import java.util.HashMap;
    import com.thortech.util.logging.Logger;
    import oracle.iam.platform.kernel.spi.ConditionalEventHandler;
    import oracle.iam.platform.kernel.spi.PostProcessHandler;
    import oracle.iam.platform.kernel.vo.AbstractGenericOrchestration;
    import oracle.iam.platform.kernel.vo.BulkEventResult;
    import oracle.iam.platform.kernel.vo.BulkOrchestration;
    import oracle.iam.platform.kernel.vo.EventResult;
    import oracle.iam.platform.kernel.vo.Orchestration;
    import oracle.iam.platform.context.ContextManager;
    import java.util.Set;
    public class TestUserAnonimi implements PostProcessHandler, ConditionalEventHandler {
         private static final Logger logger = Logger.getLogger("com.zeropiu.sky.custom.eventhandlers");
    private static final String className = "TestUserAnonimi";
         @Override
         public void initialize(HashMap<String, String> arg0) {
              // TODO Auto-generated method stub
              String methodName = "initialize";
              System.out.println("###### " + className + " - " + methodName);
         @Override
         public boolean isApplicable(AbstractGenericOrchestration abstractGenericOrchestration) {
              // TODO Auto-generated method stub
              String methodName = "isApplicable";
    System.out.println("###### " + className + " - " + methodName + " - STARTED");
    System.out.println("###### " + className + " - " + methodName + " - ContextManager.getContextType(): " + ContextManager.getContextType());
    System.out.println("###### " + className + " - " + methodName + " - ContextManager.getContextSubType(): " + ContextManager.getContextSubType());
    System.out.println("###### " + className + " - " + methodName + " - abstractGenericOrchestration.getOperation(): " + abstractGenericOrchestration.getOperation());
    System.out.println("###### " + className + " - " + methodName + " - Printing ContextManager parameters");
    HashMap allContextManagerPairs = ContextManager.getAllValuesFromCurrentContext();
    Set<String> allContextManagerParams = allContextManagerPairs.keySet();
    String[] parameters = allContextManagerParams.toArray(new String[allContextManagerParams.size()]);
    for (int i = 0; i < parameters.length; i++) {
              System.out.println("###### " + className + " - " + methodName + " - Context parameter " + i + ": " + parameters[i] + " - Object type is: " + Utils.getObjectType(ContextManager.getValue(parameters)));
    System.out.println("###### " + className + " - " + methodName + " - ENDED");
    return true;
         @Override
         public boolean cancel(long arg0, long arg1,     AbstractGenericOrchestration arg2) {
              // TODO Auto-generated method stub
              String methodName = "cancel";
              System.out.println("###### " + className + " - " + methodName);
              return false;
         @Override
         public void compensate(long arg0, long arg1, AbstractGenericOrchestration arg2) {
              // TODO Auto-generated method stub
              String methodName = "compensate";
              System.out.println("###### " + className + " - " + methodName);
         @Override
         public EventResult execute(long arg0, long arg1, Orchestration orchestration) {
              // TODO Auto-generated method stub
              String methodName = "Eventresult execute";
              System.out.println("###### " + className + " - " + methodName);
              return null;
         @Override
         public BulkEventResult execute(long arg0, long arg1, BulkOrchestration arg2) {
              // TODO Auto-generated method stub
              String methodName = "BulkEventResult execute";
              System.out.println("###### " + className + " - " + methodName);
              return null;
    plugin.xml file
    <?xml version="1.0" encoding="UTF-8"?>
    <oimplugins xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    <plugins pluginpoint="oracle.iam.platform.kernel.spi.EventHandler">
    <plugin pluginclass="com.zeropiu.sky.custom.eventhandlers.TestUserAnonimi" version="1.0" name="TestUserAnonimi">
    </plugin>
    </plugins>
    </oimplugins>
    EventHandler.xml metadata file
    <?xml version='1.0' encoding='UTF-8'?>
    <eventhandlers xmlns="http://www.oracle.com/schema/oim/platform/kernel" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.oracle.com/schema/oim/platform/kernel orchestration-handlers.xsd">
    <action-handler class="com.zeropiu.sky.custom.eventhandlers.TestUserAnonimi" entity-type="RoleUser" operation="CREATE" name="TestUserAnonimi" stage="preprocess" order="1007" sync="FALSE" />
    </eventhandlers>When I assign a role to a user through OIM web interface, I can see in OIM log file all System.out.println contained in initialize(), isApplicable() and BulkEventResult execute() methods. Is it correct? Can I implement my custom plugin logic now, or my starting point is wrong?
    ###### TestUserAnonimi - initialize
    ###### TestUserAnonimi - isApplicable - STARTED
    ###### TestUserAnonimi - isApplicable - ContextManager.getContextType(): ADMIN
    ###### TestUserAnonimi - isApplicable - ContextManager.getContextSubType():
    ###### TestUserAnonimi - isApplicable - abstractGenericOrchestration.getOperation(): CREATE
    ###### TestUserAnonimi - isApplicable - Printing ContextManager parameters
    ###### TestUserAnonimi - isApplicable - Context parameter 0: origuser - Object type is: java.lang.String
    ###### TestUserAnonimi - isApplicable - Context parameter 1: oimuser - Object type is: java.lang.String
    ###### TestUserAnonimi - isApplicable - Context parameter 2: RESOLVED_LOCALE - Object type is: java.lang.String
    ###### TestUserAnonimi - isApplicable - Context parameter 3: counter - Object type is: java.lang.String
    ###### TestUserAnonimi - isApplicable - Context parameter 4: TIME_ZONE - Object type is: java.lang.String
    ###### TestUserAnonimi - isApplicable - Context parameter 5: ipaddress - Object type is: java.lang.String
    ###### TestUserAnonimi - isApplicable - ENDED
    ##### TestUserAnonimi - BulkEventResult execute
    Thanks,
    Daniele
    Edited by: 886636 on Jan 24, 2012 2:53 AM
    Edited by: 886636 on Jan 24, 2012 2:53 AM

    Probably I don't explain myself clearly....sorry for that!
    Anyway you are right, the role of the user can change after the user is initially provisioned.
    I'll try to summarize to be sure to have understood your answer and to explain my scenario more in details:
    1. After user identity creation, I'll assign the role "Project Manager". Before role assignment the user has not any role. So using a pre-populate adapter I can retrieve the assigned role and compose the right userid.
    2. After step 1, I need to assign another role to the user, the new role should be "External Reseller" for example. In this case the user has a role already. What I would is: basing on the role that I'm assigning (External Reseller), the pre-populate should compose the right userid. Obviously this second userid will be different from the first one and this means a new account will be created for the user. At the moment I don't care to deprovisioning the first userid.
    Is it possible with pre-populate adapter?
    Sorry again for my not very clear explanations.
    Daniele
    Edited by: 886636 on Jan 24, 2012 4:10 AM

  • Restricting values of a dropdown based on user roles

    Hi,
    Is it possible to restrict the values of a custom metadata dropdown based on the user roles (assuming only 1 role is assigned to each user)? Say, based on the role assigned to a user, he/she should see only 3-4 values out of 10 values in a dropdown on the checkin page. Please suggest.
    Thanks.

    You can get pretty close out of the box using some configuration manager applet voodoo
    1)First off create a Table that will contain the options for your list. Create the columns e.g. label and id and then also create a column called dSecurityGroup
    2)Add a view based on the table you just created, choose the Security tab and select "Use standard document security"
    3)Add some values to your view - make sure that you populate the dSecurityGroup column with real values of security groups
    4)Once it is all published, have a look at the checkin and search screens. You should find that UCM will evaluate the options in the same way it would documents - based on the dSecurityGroup value you applied to the row - e.g. you will see an option on the search screen if you have at least R permissions, you will see an option on a checkin screen if you have at least RW permission
    Try it out :-)

  • Usage of Different Prompt based on Users Role in OBIEE

    Hi
    I have a requirement(OBIEE Reports) as below.
    The Dashboard page will have a Prompt(Drop Down) Say for Geography where it will list all the countries available.When a global user(Role) logs in to the application he should see all the list of available countries along with "All Choice" option in the prompt.But when a Country user(Role) logs in he should see only the country available for him in the prompt without "All Choice" Option.Also if the Country user(Role) belongs to more then one country he should see all countries he belongs to along with the "All Choice" option in the prompt.
    Any help on this is Appreciated.
    With Regards
    Subhadipta Samantray
    Edited by: user635206 on Jun 11, 2009 10:22 AM
    Edited by: user635206 on Jun 11, 2009 10:23 AM

    Hi
    Like David points, you may use Security Groups to display 1 or more Countries to the User depending upon 'Global' or 'Country'. You will have to use content filters to reflect the scope of the user in session.
    Then 'All Choices' is a prompt front-end feature. You cannot restrict to 'Country' but 'Country' anyway cant see more rows that he is eligible. So, you may consider 'All Choices' for all users.
    Try and tell us if this worked for you

  • Navigation link based on user

    Hi All,
    I would like to give the navigation to column based on users login in a dashboard report. Suppose I have 5 users. 2 Should have navigation and 3 shouldn't have navigation when they login.
    Could anybody suggest on this how to achieve? I'm using obiee 11.1.1.6.

    Open Column properties -> 'Interaction' tab.
    Add new action link to one of two interactions (for column heading or value)
    and choose in radio-button 'Show link' value 'Conditionally' - you can add any dummy condition... it's no matter.
    After all - select 'Advanced' tab of your answer.
    Look at Analysis XML and search tags of dummy condition. Replace it with something like this:
    <saw:condition>                                   
                               <sawx:expr xsi:type="sawx:list" op="in">                                         
                                  <sawx:expr xsi:type="sawx:sqlExpression">'@{session.currentUser}'</sawx:expr>                                         
                                  <sawx:expr xsi:type="xsd:string">weblogic</sawx:expr>                                         
                                  <sawx:expr xsi:type="xsd:string">demo</sawx:expr></sawx:expr></saw:condition> Press button 'Aplly XML'
    This is example of conditions for enabling navigate link only for 'weblogic' and 'demo' users. You can extend it.

  • IBrowser to setup default based on user role or group

    Hi all
    Need assistance or guidance with ibrowser
    Q1 :I have  Html  droplist    with the following  options
    <Select>
    <option value=" HR">HR</option>
    <option value="FI">FI</option>
    <option value ="QM">QM</option>
    </select>
    Now i need  to select the value  based on user group lets say if user belongs in HR  the  the default option is  HR with user  log in
    can some one assist if possible
    Q2 :How do you  set up  ibrowser  to have the above options without  using  query template

    HI
    Q1: Check the role of user in IllumLoginRoles and set the value in html dropdown as
    document.getElementById("ID").value = "HR"
    write this code in onload event of page.
    Q2: You can add items in iBrowser on creation event via javascript code.
    but for this option also you have to use ant dummy query in background.
    Regards
    Anshul

  • Show link based on user permission

    hello ,
    i have a user control that display a simple link to a list and i would like to show link only for users who have access to the list.
    if the user has not access to list , he should no see the link.
    How to reach my goal ? 
    Thanks

    You can use JavaScript client object model code to check the permissions of the user on the list. Specifically, you will need to check for viewListItems permissions. Here is a smple code to get permissions of the user on the list.
    Note that this code will retrieve the current user's permissions. 
    var list
    function getUserPermissions() {
    var clientContext = SP.ClientContext.get_current();
    list = clientContext.get_web().get_lists().getByTitle('L5'); clientContext.load(list, 'EffectiveBasePermissions'); clientContext.executeQueryAsync(onQuerySucceeded, onQueryFailed);}
    function onQuerySucceeded() {
    if(list.get_effectiveBasePermissions().has(SP.PermissionKind.viewListItems)) {
    //Show link
    else {
    //Don't show link
    function onQueryFailed(sender, args) {   
    alert('Request failed. ' + args.get_message() +  '\n' + args.get_stackTrace());
    SP.SOD.executeFunc('sp.js', 'SP.ClientContext',getUserPermissions);
    However, if you are comfortable with Server side object model code, you can use:
    var currentUser = SPContext.Current.Web.User;
    SPList.DoesUserHavePermissions(currentUser, SPBasePermissions.ViewListItems);
    See this for more information: http://www.mindfiresolutions.com/Checking-current-users-permission-on-a-SharePoint-list-using-C-1642.php
    Nadeem Yousuf

  • Is it possible to change submit button's URL link based on user input?

    I have a separate html page that does this with a php script, but I had help creating that php file which is just a form that allows users to enter a passcode that I provide them which will then simply link them to an external html page.  Since I don't know about php, I am thinking a possible work around would be to have a text input box which would allow a user to enter (passwordA) then click Submit to load (pageX.hmtl) or they could enter (passwordB) and Submit would load (pageY.html).  
    If anyone knows how I could link my new flash project with my .php file, that would be great, or if there is AS3 code that would do this I would love that!

    I have the php file on my server and the correct path in my as3 now.  Here are the exact codings I'm using:
    AS3:
    stop();
    import flash.events.*;
    import flash.net.URLLoader;
    import flash.net.URLLoaderDataFormat;
    import flash.net.URLRequest;
    submit_btn.addEventListener(MouseEvent.CLICK, btnDown);
    function btnDown(event:MouseEvent):void {
    var variables:URLVariables = new URLVariables();
    var varSend:URLRequest = new URLRequest("http://www.jmusicphoto.com/flashClient.php");
    var varLoader:URLLoader = new URLLoader;
    varSend.method = URLRequestMethod.POST;
    varSend.data = variables;
    passcode_txt.text = "";
    submit_btn.addEventListener(MouseEvent.CLICK, passcodeSend);
    function passcodeSend(event:MouseEvent):void{
    variables.key = passcode_txt;
    varLoader.load(varSend);
    flashClient.php:
    <?php
    if($_REQUEST['key']) {
    $key = $_REQUEST['key'];
    $key = strtolower($key);
    switch($key) {
    case 'home':
    header('Location: http://www.jmusicphoto.com/index.php');
    break;
    default:
    echo "Oh noes!  You got something wrong.  You typed " . $key . " maybe there is a mistake?<br><br>";
    break;
    ?>
    Practically same php code is working here: http://www.jmusicphoto.com/EOSlogin.php   "home" 

  • ISupplier Portal : Display Link based on specific supplier

    I have a requirement of adding a link to the isupplier pages facing the supplier and the link opens an XLS file.
    I was able to add the link through personalization and now every supplier sees this linked file.
    How do I restrict only few suppliers to see this.
    for example, we want only supplier - A, B and C to see . P, Q, R should not see it.
    Any directions would be helpful.
    Thanks

    Followed your suggestion, but I dont know how to pull the supplier name. There is no VO behind this page that has the VendorName as a view attribute.
    Here is what I did:
    My page I am trying to extend is :
    /oracle/apps/pos/home/webui/PosHomeMainPG
    CP : oracle.apps.pos.isp.webui.PosPgImgHelperCO
    extended CO : oracle.apps.pos.isp.webui.XXPosPgImgHelperCO
    Viewed AM attached with the page : "oracle.apps.pos.isp.server.PosHPageAMImpl"
    here is the list of all the pos related VOs attached to it. None of them have suppliername/vendorname as an attribute.
    "oracle.apps.pos.isp.server.PosHpageSearchVO"
    "oracle.apps.pos.isp.server.SecureAttrVO"
    "oracle.apps.pos.isp.server.AttribValuesVO"
    "oracle.apps.pos.isp.server.PmntHPageVO"
    "oracle.apps.pos.isp.server.InvHPageVO"
    "oracle.apps.pos.isp.server.PosHpOrdersVO"
    "oracle.apps.pos.isp.server.PosHpAsnVO"
    "oracle.apps.pos.isp.server.PosHomeQuickSearchVO"
    "oracle.apps.pos.isp.server.PosHomePendingVO"
    Although this information is present in Orders tab, but I need it on Home Tab.
    How do I go about it ?
    Thanks a lot.
    Edited by: OAF-dev on Aug 7, 2009 3:18 PM

  • How to disable options on Navbar in OBIEE based on user roles?

    Hello All
    Navbar is basically the header space in OBIEE application that contents stuffs like 'Dashboard', 'Signed in As....', 'Favorite', ''Home" and so on.. I know a lot of these stuffs can be hidden or removed from viewing.. But is there a way to do it to all user group 1 but keep it on for user group 2?
    Please shed some light
    Thank you

    Hi
    Have you tried this.
    Steps:
    1.Edit Dashboard->Add Text from Dashboard Object,write the following code inside that and Tick "Contains HTML Markup"
    <script type="text/javascript">
    var tds = document.getElementsByTagName('table');
    for (var td = 0; td < tds.length; td++) {
    if (tds[td].className != 'HeaderTopBar' && tds[td].className != 'HeaderSecondBar' ) {
    continue;
    if (tds[td].className == 'HeaderTopBar') {
    //alert (tds[td].className);
    var x = tds[td].parentNode;
    //alert (x.className);
    x.removeChild(tds[td]);}
    if (tds[td].className == 'HeaderSecondBar') {
    //alert (tds[td].className);
    var x = tds[td].parentNode;
    //alert (x.className);
    x.removeChild(tds[td]);}
    </script>
    2.Give Section level Permission->Group 1 Denied and Group 2 Granted.
    Plz mark if it helpful

  • Display menu based on sharepoint user roles

    Hi,
    Could anybody please help me how to display custom navigation menu in sharepoint master page based on user roles
    Eg: supose the loggedin user belongs to approver group then it should display entire menu,
    if logged in user belongs to designer group it should hide some "ui item" (ex: Report)
    Thanks in advance
    Rasna

    Hello,
    If you are using sharepoint server/enterprise then you can also consider audience targetting for the links. You just need to enable publishing feature then set target audience from site action-->site settings-->navigation.
    See this to enable publishing feature:
    http://office.microsoft.com/en-in/sharepoint-server-help/enable-publishing-features-in-sharepoint-2010-HA010378243.aspx
    Hope it could help
    Hemendra: "Yesterday is just a memory,Tomorrow we may never see"
    Whenever you see a reply and if you think is helpful, click "Vote As Helpful"! And whenever
    you see a reply being an answer to the question of the thread, click "Mark As Answer
    Please feel free to unmark answer if does not resolves your problem.

  • Federation, remote role assignment based on ABAP roles on producer

    Hi all,
    We have implemented the federated portal solution for our ESS users. We use the ABAP stack of the producer portal as user store for consumer and have no problems in assigning portal roles on our consumer based on ABAP roles in the backend (displayed as groups in the portal).
    Now we want to add some extra functionality (eg SRM and eRec) and we encounter some problems. These systems all have their own ABAP stack as user store. We have maintained the functional authorization model in the ABAP roles for instance in SRM. So an example:
    System I: ABAP + JAVA --> ECC 6.0
    Here we have the standard R/3 functionality and the producer portal (A) installed. Roles created on producer portal and assigned based on ABAP roles.
    System II: JAVA --> NW 7.0 Portal
    Our consumer portal (B) where we use roles created on the producer portal (A) on System I.
    System III: ABAP + JAVA --> SRM
    Our SRM system with SRM producer portal (C). In the ABAP stack of this sytem the functional SRM roles have been assigned to the users. We have created functional SRM Portal roles in order to use remote role assignment on consumer portal (B).
    +PROBLEM+
    We want to remotely assign portal roles created on the SRM Producer (C) to users on the consumer portal (B), based on the ABAP role assignment in the backend of system III. How can we achieve this in a fast and efficient way?
    Looking forward to your ideas. Anything helpfull will be gladly awarded with SDN points.
    Best regards,
    Jan Laros

    Jan,
    Interesting question. Let me share my experience and hope that's of some use to you.
    We started off federating corporate NetWeaver Portal (lets say B, parallel to your convention) as consumers to BI Portals (Lets say A).
    - B's UME points to Active Directory
    - A's UME points to BI ABAP user store
    - User ids are identical in both systems
    We ran into the problem of dual administration ((de)assigning portal role on both portals instead of just one) for a long time. The issue was because of different reasons at different times as we patched B's and A's. At one point we were on SP15 on both portals and we were told by SAP that RRA can be done on B for remote roles and the assignment propagates to A automatically if the following configuration is set up on both A and B.
    - A's permissions are relaxed allowing "Everyone" group checked for "End User" access as per ([http://help.sap.com/saphelp_nw04s/helpdata/en/43/2236fc0b413fe1e10000000a11466f/content.htm|http://help.sap.com/saphelp_nw04s/helpdata/en/43/2236fc0b413fe1e10000000a11466f/content.htm]
    However, we chose not to do the permission relaxation as enabling "Everyone" group with "End User" access can allow anyone to launch an iView (if the URL is known somehow) and the user would be able to see the layout of the iView, which can include text, etc. The user won't be able to access any data though, however, there is certain compromise on security which we decided that its not okay. So, we digressed in SAP's suggested practice because of security reasons.
    Today we, manage security on B using Active Directory groups and on A using Java groups (ABAP roles).
    In your case, I suggest investigating the option of relaxing the security on producer portal like in the above link. If you think its okay, all you have to do is, provision users on B by assigning remote roles from C and A.
    Either my story is applicable or I must have got you totally wrong,
    Kiran

Maybe you are looking for

  • Can I connect 2 sony bravia's, a sony home theatre, 2 macbooks, 2 ipads, 3 iphones and a dell laptop and stream media from my apple devices to my tv?

    Can I connect 2 sony bravia's, a sony home theatre, 2 macbooks, 2 ipads, 3 iphones and a dell laptop and stream media from my apple devices to my tv? I have a sony bravia 600 series and 700 series and a home theatre( sony 7100 series)

  • Quick background image question

    I think this is a simple question, but maybe it's not. Basically I want an image to behave like the background images on Prada.com. It scales based upon width and crops the height. It seems to be anchored to the top-right corner, unless you get fairl

  • Can i search through the URL box?

    I know you can on Firefox, I'm not sure if there's a way to do it in Safari. I want to be able to type in "apple" in the URL box and then have that go to google or directly to apple.com instead of going in the google search box... I know, I'm strange

  • Close Window doesn't work in all browsers

    I have set a basic JavaScript to close an open browser window. It works with Safari, IE and Opera (on Mac OSX and Windows XP) but not Firefox or Netscape Navigator (on either platform) I have tried three variations (Button with "javascript:self.close

  • TO priority no populated

    Hi, We have a custom program to create transfer Orders using the <b>L_TO_Create_Multiple</b> function module for  grouping multiple deliveries with same delivery priority into one TO. The TO gets created, but with out the trasnfer order priority info