WDA + External Portal + Security

Hello friends!
@Moderator, sorry if I post it in a wrong forum, but I think the wda experts should have already faced this issue.
I've been reading all forums regarding to this subject. As you are going to see, I'm not used to work with WDA Portal integrations and I'm studying hard for it.
Could you please just guide me what I have be aware to connect WDA from a ERP server to another server, which has installed the Portal? (portal is accessed externally/internet)
I'm afraid about security, as the employees will access the portal by internet (it's already working fine, today they can access the portal externally and can use some Webdynpros Java) But for now, we are going to rewrite these WDJ to WDA.
1) The portal server connecting WDA's from a ERP server, isn't it a best practice?
2) As it is already working (external access to the portal), for now I have just to create the iViews to the WDA's from ERP server?
3) What would be the security risk when people access the external link to the Portal and the Portal redirected it to the ERP?
I would greatly appreciate your help in only guide me.
Thanks in advanced!

Hello Alexandre,
Please find the answers to your queries.
Alexandre Mendes wrote:
> 1) The portal server connecting WDA's from a ERP server, isn't it a best practice?
Not at all, The composition Environment CE is intended for this purpose only.
Alexandre Mendes wrote:
> 2) As it is already working (external access to the portal), for now I have just to create the iViews to the WDA's from ERP server?
First you need to create a system connection in portal to the ERP server.  Later you need to create the iViews
Alexandre Mendes wrote:
> 3) What would be the security risk when people access the external link to the Portal and the Portal redirected it to the ERP?
As per my knowledge there is no security risk involved because while accessing the WDA application from ERP the request will be authenticated again.
BR, Saravanan

Similar Messages

  • External Portal - Security Best Practice

    We will be initiating an external portal for ESS access. For those using ESS from home, what type of additional security access is anyone using if the person happens to lock themselves out of their ESS account? Do you have a security question built into ESS? Are you using a security grid to reset their password? I'm looking to see what other alternatives people are using.
    Thanks
    Pam Major

    Hi Tim: Here's my basic approach for this -- I create either a portal dynamic page or a stored procedure that renders an HTML parameter form. You can connect to the database and render what ever sort of drop downs, check boxes, etc you desire. To tie everything together, just make sure when you create the form, the names of the fields match that of the page parameters created on the page. This way, when the form posts to the same page, it appends the values for the page parameters to the URL.
    By coding the entire form yourself, you avoid the inherent limitations of the simple parameter form. You can also use advanced JavaScript to dynamically update the drop downs based on the values selected or can cause the form to be submitted and update the other drop downs from the database if desired.
    Unfortunately, it is beyond the scope of this forum to give you full technical details, but that is the approach I have used on a number of portal sites. Hope it helps!
    Rgds/Mark M.

  • DC for com.sapportals.portal.security.usermanagement .IUser

    Hello all,
    When developing a local application I can reference class com . sapportals . portal . security . usermanagement . IUser via NWDS local libraries using ECLIPSE_HOME variable and referencing jar file com.sap.security.api.ep5.jar.
    There is a standard DC that has this class or jar file?
    Or should I add this JAR to an external library.
    Regards,
    Mauricio

    Hi,
    You will have to add this jar as an enternal library.
    Ashu

  • Web dynpro URL in external Portal

    Hi Friends,
    when I call the web dynpro in portal iview the url is.
    http://server:8002/sap/bc/webdynpro/sap/zfind_material like the application server
    in the intranet.
    But when I call from external this URL does not work.
    How can I adapt the URL for external use?
    Thanks for you help.
    RG. Jimbob
    Edited by: jimbob on Feb 4, 2010 10:52 PM

    Hi,
    Yes that's right. Externally you cannot resolve the internal server host name. You will need to setup a secure reverse proxy that does URL rewriting in order to turn an external URL into the internal one after you have navigated the firewall and proxy. Check on SDN for information about implementing an external portal. There is a lot of information that should help you.
    BRgds,
    Simon

  • Oracle Forms and Portal. & Portal Security

    I need the following questions answered for a client who is
    trying to move from IIS to Oracle Portal. any pointers would be
    extremely helpful
    1. How to configure Oracle Forms to run with Portal.
    2. Is it possible to display forms inside a Portlet. If so, will
    the forms hold the same state when the page is refresed.
    3. Is it possible to display WORD/PDF/EXECL documents in their
    native format inside a Portlet.
    4. Any information on how IIS security integration is possible
    with POrtal. i.e ( if there are ASP pages running on IIS
    security, how to integrate it with Portal Security mechanism
    -Thanks
    ganesh

    You can create roles in Oracle with the appropriate privileges to access the application. For example,
    you could create a role that has only read access to all the tables in the database. You could assign this role to the menu. Also, you may want a role for a manager that whould enable him to insert data or to see a few special forms. You could assign this role to the menu associated with the form.
    Using Form Builder, you can manage menu security with Oracle server roles. After defining the roles to use for a menu module, you could then specify the roles that have access to each menu item. When you set the 'Use Security' property of a menu module to 'Yes', the form enforces security. After setting the 'Use Security' property to 'Yes', you can use 'Module Roles' property to construct the entire list of roles with access to that menu module.
    I hope it helps.

  • External portal capturing internal portal URL in Log and trace file

    Hi,
    We are facing one issue in portal like we have two portals for internal (Intranet) and external (Internet) users.
    Once users logged in the application and try to get the information about mylink from the external portal link (internet) they should not get any information about the internal portal.
    But in log and trace file we can see the external portal link capturing the internal portal URL.
    We need to find, from where system capturing the internal portal URL.
    Thanks.

    The tkproffed trace file is in seconds.
    "set timing" is in hh:mi:ss.uu format. So 00:00:01.01 is 1.01 seconds.
    You have to remember that most of these measurements are rounded. While your trace file says it contains one second of trace data, you know it's more.
    One excellent resource for trace files is "Optimizing Oracle Performance" by Cary Millsap & Jeff Holt. (http://www.amazon.com/Optimizing-Oracle-Performance-Cary-Millsap/dp/059600527X ) I thought I knew trace files before, but this book brings your knowledge to a whole new level.
    There is also an excellent WP by Cary Millsap ( http://method-r.com/downloads/doc_details/10-for-developers-making-friends-with-the-oracle-database-cary-millsap ) that gives you some insight.

  • How to get current IUser (com.sapportals.portal.security.usermanagement)

    Hi,
    does anybody know how to get IUser for the current user?
    I know how to get current IUser from com.sap.security.api package:
    IWDClientUser wdcu = WDClientUser.getCurrentUser();
    IUser sapUser = wdcu.getSAPUser();
    but I need to have IUser from com.sapportals.portal.security.usermanagement package.
    Regards,
    Ladislav

    Ladislav,
    Try this:
    Get the IUser uisng the API com.sap.security.api.IUser and store it in a variable, say <i>sapUser</i>.
    Then,
    // Convert the logged in user to old EP5 usermanagement API
    com.sapportals.portal.security.usermanagement.IUser user = null;
    try
         com.sapportals.portal.security.usermanagement.IUser user = WPUMFactory.getUserFactory().getEP5User(sapUser);
    catch (UserManagementException e)
         e.printStackTrace();
    Bala

  • Internal and External Portals be hosted & Configured on Same Portal server?

    Hi Experts,
    Is it possible to host and configure the Internal portal and External Portal on the same portal server?
    If yes, kindly provide the inputs.
    We have a scenario wherein we have to use the same portal server for both kinds of users (Internal as well as External).
    We want to provide separate URLs for both the portals and the datasource for the users management would be different for both the scenarios.
    The user managemnet in case of Internal Portal has to be authenticated to an AD server whereas in case of External Portal the user management would be taken care by UME.
    Please suggest and share some docs if possible.
    Thanks & Regards,
    Anurag

    Hi,
    Can we customise the Portal logon page for both the portals differently?
    I've already customised the portal logon page by modifying the UME properties in the Config Tool but that was done keeping in mind the External Portal users. Now, we want to customise the page for Intranet users but with different options at the logon page.
    How can we achieve this functionality as any property that we modify in either VA or Config Tool will affect both types of portal pages.
    For an eg. we have a Self Registration link for the external users which we do not want for the Intranet users. How is this possible?
    If we design a webdynpro java application for the logon page and for authentication purpose, can we call a home page iview on successful authentication?
    And with this customised webdynpro java application, can we connect to the AD server for the user authentication?
    Best Regards,
    Anurag

  • How to set portal security context for a procedure

    Hi, I have procedure that needs to call some of the PDK APIs (WWSBR_API), but outside the scope of the web browser, i.e, automatically via a DBMS_JOB or queue. There is no HTML outputted, but rather a log entry made to a custom table.
    The schema that this custom pkg belongs has all the necessary grants made to it from provsyns so that it should run.
    How do I programatically set the context of the portal security so as to make the PDK APIs think it has been invoked by a Portal Adminstrator or a user with sufficient privs to perform the actions against the PDK and therefore not bomb out with security exceptions? I have seen this documented quite some time ago, but cannot find the details.
    Regards
    John

    You need to use the wwctx_api.set_context procedure.
    http://portalstudio.oracle.com/pls/ops/docs/FOLDER/COMMUNITY/PDK/plsql/doc/sdk11scp.htm

  • Doument Access - using Portal security or Document Database security

    I originally posted this on the Security Form, but realized that it might be solved using the PDK.
    I have a table in my database that contains information about a document (Name, Rev, Author, groups that have access). I want users to login to my portal and in a portlet, I want them to be able to click which docs they have access to see; based on who they are logged on as.
    Would I use the PDK for this? If I use portal security, I think I will be maintaining the security twice (database and portal).

              Hi Wendell,
              There is a patch available for this known problem. Please contact BEA support and
              ask for patch CR075892_70.jar for WLS 7.0.
              Thanks!
              Deb
              Wendell Nichols <[email protected]> wrote:
              >I have the opposite problem. My ejb always is denied access to the adapter
              >resource. I'm a Weblogic novice, (but the adapter works on other servers,
              >I'm testing on WL to ensure it works there).
              >How do I get the minimum security in place to test my adapter?
              

  • Webdynpro vs External Portal - Can we use?

    Hi All,
    I tried looking and asking so many this question. I got mixed answers, i am in confusion. Could anyone of you let me know <i><b>whether WebDynpro based iViews can make it to External Portal (SAP EP)?</b></i>
    Did anyone already did this?
    Thanks,
    Raghavendra Pothula

    Hi,
    I haven't tried this but I think it should be ok.
    Anyone else has opinion on this?
    Regards
    Ladislav

  • Access web dynpro abap application from external portal.

    Hi
    How can a application made in ABAP be accessed from SAP External Portal.
    Like a java web dynpro application could be easily accessed by making a webDynpro Java ivew in portal.
    Is their any method to access a ABAP application similarly.
    Thanks.

    Thomas
    Here is our scenario
    We want to expose an ABAP webdynpro application using ABAP Webdynpro iView in portal to the internet. Does this scenario use the ITS http server / port like URL iview behind the scenes.
    Can you please share more info on the above scenario.
    Thanks in advance
    Lakshmi

  • Import com.sapportals.portal.security.usermanagement.IUser;  is deprecated

    import com.sapportals.portal.security.usermanagement.IUser;  is deprecated
    Is there any alternative???

    Hi,
    could please tell me, what kind of jar-file I have to add to the project to use
    com.sapportals.portal.security.usermanagement.IUser ?
    Thank you in advance.
    Kind regards, Patrick.

  • IUser problem with com.sapportals.portal.security.usermanagement

    I am trying to get the current user so I have written
    IUser user = request.getUser();
    I have imported com.sap.security.api.*;
    The compiler insists I need com.sapportals.portal.security.usermanagement.IUser
    I thought that version was deprecated or at least not the preferred method?
    It keeps saying my classpath is incomplete. Why can't it use the IUser from the com.sap.security.api?
    Any help would be greatly appreciated.
    Thanks
    Paul

    Update
    The offending line appears to be IResourceContext myContext = new ResourceContext(user);
    when this line is added it causes the above error which I can only assume is because ResourceContext(user) accepts a different kind of user object. does anyone know if there is another way to do this? Here is the rest of the code to see where i am headed:
    IUser user = req.getUser();
    RID rid = RID.getRID("/temp");
    IResourceFactory factory = ResourceFactory.getInstance();
    IUserFactory uf = UMFactory.getUserFactory();
    IResourceContext myContext = new ResourceContext(user); //this is the line causing the problems.
    IResource resource = factory.getResource(rid, myContext);
    if(resource.isCollection())
    ICollection collection = (ICollection)resource;
    IResourceList children = collection.getChildren();
    Iterator i = children.listIterator();
    the point is i am trying to get the ACL permissions on the children of the rid

  • Package com.sapportals.portal.security.usermanagement : No javadoc ?

    Dear all,
    I tried to find the javadoc concernig this package "com.sapportals.portal.security.usermanagement" but I did not find it.
    Does anyone have any clue where to find it please ?
    Thank you advance.
    Best Regards.
    Greg.

    Hi Greg,
    I think the reason you're not able to find is because com.sapportals.portal.security.usermanagement is now deprecated. For EP 6.0, the old classes have been re-written to map to the new UME 4.0 classes and methods contained in com.sap.security.api.
    please see the document below for details...
    USING THE NEW USER MANAGEMENT API IN EP 6.0
    https://www.sdn.sap.com/irj/sevlet/prt/portal/prtroot/docs/library/uuid/91f0cd90-0201-0010-a190-c4d7cbd5b463
    hope this helps,
    harman

Maybe you are looking for

  • HT1688 Sending emails!!  Why can't I?????

    Hello, My name is Tish61.  I have an iphone 4s.  I cannot send email from my phone but I am able to receive them but not reply to them. Can someone help. Thank you so much.

  • Outbound Web Service - called by scripting

    Hi, I have a problem dealing with external web services. I was provided the WSDL from an external app, then I run the WSDL Import Wizard to create the Business Service and several Integration Objects, 2 per method within the WSDL file, after that, I

  • "No Service" on a new iPhone 5? Here's another solution.

    This may sound blindingly obvious to some, but there are no instructions to do this included with a new, shipped phone: you need to activate service through your carrier. If you are on AT&T, go to the AT&T Wireless website and enter a search for "act

  • Please Help me can't start svrmgrl

    After I have installed Oracle8i Linux(glibc2.1) : when i try the command sqlplus: Message file sp1.msb not found Error 6 initializing SQL*Plus when i try the command svrmgrl: Message 4505 not found; No message file for product=SVRMGR,facility=MGR Err

  • BootCamp on a double partitioned drive

    So the hard drive in my MBP is partitioned into two separate partitions. One for OS X and the other for all my data. I want to install XP for some games and so I would like to use bootcamp to do so. My question is, is the drive that bootcamp will par