Entering content frame

Background documentation Security in Taxonomies Locate the document in its SAP Library structure

To protect taxonomies from unauthorized access, you must use ACLs to secure various folders.

 

Scenario 1: No Upload or Creation of Documents in Taxonomies

This is the standard scenario. You do not upload documents to taxonomies or create documents in taxonomies. The taxonomies contain only links to documents that are stored in other repositories.

 

Variant 1.1: Securing Access to the Taxonomy Structure and Documents

Create ACLs in the following structures:

·        In the /taxonomiesrepository

You can find the taxonomies at the following path: /taxonomies/<index_name>/<taxonomy_name>/

This repository is visible by default. You use ACLs to control access to the categories that users navigate to.

·        In the /taxdatarepository

This repository is invisible by default. To create the ACLs, you must briefly switch the repository to visible in the repository manager configuration (Content Management ® Repository Managers ® CM Repository ® taxdata ® Show Advanced Options ® Hide in Root Folder).

Note

Once you have created the ACLs, remember to switch the repository to invisible again.

You can find the taxonomies at the following path: /taxdata/taxonomies/<index_name>/<taxonomy_name>/

Below this path, each taxonomy has the same structure as in the /taxonomiesrepository. In all taxonomy folders in the /taxdata repository, create the same ACL as in the corresponding folder in the /taxonomiesrepository.

·        In the repositories that the documents are stored in

If you have created ACLs in the repositories that the documents are created in, you do not have to additionally secure the links in the taxonomy. When displaying taxonomies, the system takes the ACLs in these repositories into account. A link to a document only appears if the user has read-permission for the document in the repository that the document is stored in.

 

Variant 1.2: Securing only Access to Documents

If you want to allow users to navigate in the entire taxonomy structure and only want to secure access to documents, it is sufficient to create ACLs in the repositories that the documents are stored in.

Caution

Note that with this variant every user can access the entire structure of the taxonomy.

 

Scenario 2: Upload or Creation of Documents in Taxonomies Permitted

Not only do the taxonomies contain links to documents that are stored in other repositories, you can also upload documents directly to taxonomies or create documents directly in taxonomies (see File Operations in Taxonomies). If you use this function, note the following:

If you upload a document to the folder /taxonomies/<index_name>/<taxonomy_name>/…/category_A or create a document in it, the system creates the following folder in the /taxdata repository:

/taxdata/documents/<index_name>/<taxonomy_name>/…/category_A/Doc_Folder

The physical document is stored in this folder. The system creates the folders in this structure only once you have uploaded a document to the corresponding category or created a document there.

 

Variant 2.1: Securing Access to the Taxonomy Structure and Documents

Create ACLs in the following structures:

·        In the /taxonomiesrepository (see variant 1.1)

·        In the /taxdatarepository at /taxdata/taxonomies/<index_name>/<taxonomy_name>/ (see variant 1.1)

·        For documents that are stored in other repositories, create ACLs in the respective repository (see variant 1.1).

·        For documents that you upload directly to taxonomies or create directly there, create ACLs in the /taxdatarepository at /taxdata/documents/<index_name>/<taxonomy_name>/.

Note that the system creates this structure bit by bit as you upload or create new documents.

 

Variant 2.2: Securing only Access to Documents

If you want to allow users to navigate in the entire taxonomy structure and only want to secure access to documents, it is sufficient to create ACLs in the following structures:

·        For documents that are stored in other repositories, create ACLs in the respective repository (see variant 1.1).

·        For documents that you upload directly to taxonomies or create directly there, set the ACLs directly for the documents.

Note

Once you have uploaded a document to a taxonomy or created it there, you can open two Details dialog boxes from the context menu. You must set the permissions for the target document in the Details dialog box for the target document, not in the Details dialog box for the link (see Structure linkLinks).

Caution

Note that with this variant every user can access the entire structure of the taxonomy.

 

 

Leaving content frame