Anonymous Logon with Named Guest Users

Use

Anonymous logon allows users to access the Enterprise Portal in anonymous mode, without providing any form of authentication. For example, if your company sets up an external portal that is accessible through the Internet, you can make anonymous content available to anyone who wants to visit the portal.

The Enterprise Portal allows you to define one or more users (that you have previously created in the user data store) as ‘named’ guest users. You can then assign roles containing anonymous content to these users. If you define more than one guest user, you can assign different roles to the different guest users and set up different URLs to the portal, allowing you to control the anonymous content that portal users see.

Procedure

Create guest users and assign guest roles to them

...

      1.      Create one or more guest users in the corporate LDAP directory, for example, guest1 and guest2 .

Take the following into account when creating a guest user

·        User ID: Guest users are assigned a logon ticket containing their user ID just like any other portal user. If a user account with the same user ID as the guest user exists in any system that is accessed via Single Sign-On with logon tickets through the portal (for example, an SAP R/3 System), the guest user can access this system. If you do not wish guest users to access backend systems, choose the guest user ID with care.

·        Password: Choose a secure password for the guest users. This prevents someone from guessing the password, logging on to the portal normally using the guest user ID and password, and changing the personalization of the guest user’s pages.

      2.      Create roles designed specifically for anonymous access to the portal.

      3.      Assign these roles to the guest users. See Assignment of Users and Groups to Roles.

Guest users should not be assigned to roles such as the administrator role that allow them to make changes to the portal

Personalize guest user’s pages

      4.      For each guest user, log on to the portal with that user and personalize the pages of that user the way the guest user should see them.

Configure the portal for anonymous logon

      5.      Log on to the portal as administrator

      6.      Choose System Configuration ® User Management Configuration

The user management configuration tool is displayed.

      7.      Choose General Settings.

      8.      Select the Use Guest List checkbox.

An entry field for entering the guest users is displayed.

      9.      Enter the name(s) of the guest user(s). If you enter more than one guest user, separate the names with a semi-colon.

If you created guest users called guest1 and guest2, enter the following:

guest1;guest2

   10.      Choose Apply and restart the portal Web server (Internet Information Server).

Define how many guest users can access the portal (optional)

By default 1000 guest users can access the portal at the same time. If you expect more guest users to access the portal at the same time, change the default value as follows:

   11.      In the Windows registry, select the key for the active user management configuration, and create an entry called Max Guest Ticket Cache Size(Entries).

   12.      Set the value of this entry to the number of guest users that you require.

Result

The guest users can access the portal using the following URL:

http://<server_name>:<port>/SAPPortal/guest/<guest_user_name>

If you defined a guest user called guest1, this user can access the portal without providing credentials using the following URL:

http://<server_name>:<port>/SAPPortal/guest/guest1

Guest users are issued a SAP logon ticket like any normal user. They cannot personalize their portal. They do not see the Personalize link in the portal.

 

After defining a user as a guest user, do not log on to the portal any more with this user’s user ID and password, or other credentials. If you do, any guest user who is currently navigating in the portal can personalize his portal and therefore affect all other guest users using the same guest account.

If you as administrator need to re-personalize the guest user’s portal, disable the guest user first:

                                         i.      Choose System Configuration ® User Management Configuration ® General Settings.

                                        ii.      Deselect Use Guest List.

                                       iii.      Choose Apply and restart the portal Web server

Now you can enter the portal using the guest user’s ID and password.