Administrators should be able to access the Suite Page Builder and the Admin Page User
Interface on the same host and port. In order to personalize pages, end users need
access to the Suite Page Builder, but not to the admin page.
To prevent end users from accessing the admin page, you have to execute the Suite Page
Builder either on two different hosts or on two different ports:
- On one of the hosts or ports, administrators can access both the Suite Page
Builder and the admin page.
- On the other host or port, end users can access the Suite Page Builder
only.
This means that in the Web Dispatcher configuration file, you have to configure two hosts
or ports for the same Suite Page Builder. You can then use a modification action to
forbid access to the admin page on one of these hosts or ports, or to redirect users to
another page.
Example
To prevent access to the admin page using different ports, refer to the below
example:
- Add a modification action to the SAP Web Dispatcher configuration file
(sapwebdisp.pfl)
Code Syntax
icm/HTTP/mod_<xx> =
PREFIX=/sap/bc/ui5_ui5/sap/ARSRVC_SPB_ADMN/,FILE=protectadmin.txt
Note In
icm/HTTP/mod_<xx>, <xx> must be specified in ascending order from
0.
- Define a URL access restriction in the file
protectadmin.txt:
Code Syntax
- # Restrict access to admin page for a specific port
- if %{SERVER_PORT} = <port for end user access>
- RegIForbiddenUrl /sap/bc/ui5_ui5/sap/ARSRVC_SPB_ADMN/(.*) -