Viewing Permission Structures in the Portal (SAP Library

Viewing Permission Structures in the Portal

Use

Whereas the Permission Editor in the portal allows you to view permissions for only a single object at a time, the portal offers an external feature that allows you to view the permission structure of many objects at a time. The output is a HTML form displayed in your Internet browser.

This feature is useful for viewing the overall ACL structure in your portal and also for troubleshooting permission assignments.

This graphic is explained in the accompanying text

The output of the ACL structure is filtered according to the permission settings of the user requesting the ACL structure form. The user must have at least administrator read permission for each object in the Portal Catalog he or she wants to view. Therefore, to view the entire ACL structure in your portal, the user requesting the ACL structure form must be a super administrator or an administrator that has permission to view the entire Portal Catalog.

Prerequisites

· At least administrator read permission for each object in the Portal Catalog you want to view.

· End user permission to the security zone of the following portal component:

sap.com/NetWeaver.Portal/medium_safety/com.sap.portal.admin.acleditor/components/listPermissions

Procedure

...

1. Log on to the portal.

2. In the same browser session, open a new browser window.

3. Enter the following URL:

http://<machine>:<port>/irj/servlet/prt/portal/prtroot/com.sap.portal.admin.acleditor.listPermissions

Note

Depending on the amount of data to be processed, it may take several minutes for the ACL structure to appear on the screen.

Result

The output of the ACL structure is a printable HTML form displayed in your Internet browser. The data is tabulated and displays the PCD path, permitted user/group/role, and the assigned permission setting for each.

Note

In the column displaying the permission setting for each user/group/role, the administrator permission setting is specified first. If a user has end user permission, then (End User) is displayed after the administrator permission. If (End User) is not displayed, then the user does not have end user permission.