Show TOC Start of Content Area

Procedure documentation Assigning Users to Remote Roles

Applicable to: remote role assignment 

Use

This topic describes how you assign local users or groups on your consumer portal to remote roles and vice versa.

Prerequisites

      You have added the producer portal and registered your portal as a consumer.

      The same user base exists on both producer and consumer portals.

      You have been assigned role assignerpermission to the remote role by the system administrator or content administrator on the producer portal. For more information, see Exposing Roles on the Producer for 'Remote Role Assignment' Usage.

      You have access to Identity Management tool on the consumer portal. It is available by default in the standard User Admin or Delegated User Admin roles in the portal.

Note

You can also work with the Identity Management tool outside the consumer portal, as long as the remote producer portal is running. For more information, see User Administration Console.

      You have been assigned at least administrator read permission on the producer object that represents the portal from which the remote role originates. For more information, see Assigning Administrator Permissions to Producer Objects.

Procedure

To perform remote role assignment, use the Identity Management tool to select a remote role and then assign local users or groups to it, or select a local user or group and then assign a remote role to it. See instructions below.

Note

Alternatively, you can bypass the Identity Management tool by using an XML script to perform remote role assignments from the consumer. For more information, see Using XML to Automate Federated Portal Network Tasks.

Assigning Users/Groups by Role

...

       1.      On the consumer portal, navigate to User Administration Identity Management.

       2.      In the Get field, search for the remote role.

Note

Use the dropdown list adjacent to the Get field to specify the search scope for the remote role:

       To search local data sources and all registered producers, choose All Data Sources.

       To search only registered producers, choose Remote Data Sources.

       To select a specific producer, choose it. Each producer portal is identified by its producer alias.

       3.      Select the role to display its details.

       4.      Edit the role.

       5.      In the Assigned Users or Assigned Groups tab, search for the local users or groups you want to add to the role.

       6.      Assign the appropriate users and groups to the role.

       7.      Save your changes.

Assigning Roles by User/Group

...

       1.      On the consumer portal, navigate to User Administration Identity Management.

       2.      In the Get field, search for the local user or group.

Note that in the dropdown list adjacent to the Get field, All Data Sources refers only to local data sources.

       3.      Select the user or group to display its details.

       4.      Edit the user or group.

       5.      In the Assigned Roles tab, search for the remote role to which you want to assign the user or group.

Note

Use the dropdown list adjacent to the Get field to specify the search scope for the remote role.

       6.      Assign the appropriate roles to the user or group.

       7.      Save your changes.

For general information about assigning roles to users, see Assigning Roles to Users and Groups.

Result

You have assigned local users to a remote role residing on another NetWeaver producer portal. At runtime, users assigned to that role will receive content rendered by the remote producer portal.

Caution

If the remote content accesses a producer-side backend system that requires authentication, you need to set up trust between the remote backend system and your portal. For general information about setting up trust between SAP NetWeaver Portal and a SAP system, see Accepting Logon Tickets Issued by the AS Java.

 

End of Content Area