cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Page access using NavigationTarget URL after role removed

Go to solution
porselvan_muthavudaiyan
Participant

on ‎10-26-2015 5:17 PM

0 Kudos

Hello All,

In our portal we have this arrangement that each portal role will be mapped to a particular portal group.

In case if we need to disable a particular application for end user we will just remove the portal role to group mapping. So that the user will not be able to access the application.

For example if a portal role XX mapped to group YY. And YY  assigned to N users. To disable the application, only the XX->YY mapping will be removed.

But when the user stores the application URL in the browser in the format https://server:port/irj/portal/NavigationTarget=navurl://sdjkfwec, the user is able to access the application.

I tried deleting browser cache and in portal navigation cache, PRT cache, UME cache , OBN cache but nothing works.

Kindly let me know if we can resolve this in any other way.

Regards,

Porselvan

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎10-28-2015 8:26 AM
0 Kudos

Hi Porselvan,

You are referring to a hashed navigation URL which created since the short URL mechanism is used.

An explanation about the short URL's can be found here:

How to deal with Short URLs - Portal - SCN Wiki

Navigation with Short URLs - Portal - SAP Library

I have 2 suggestions for you:

1. You can disable the short URL (set to False), then the navigation using the hashed values to             ANY navigation target will not work using hashed values, only navigation target with full URL given     will work.

2. Keep the short URL's active and change the iView location, since the current hashed value is             mapped to the old location the navigation should not work for users trying to access it                  directly using the hashed value in the navigation target.

    To synchronize the short URL with the full URL after changes have been made to the navigation         target URL, click Synchronize.

Best regards,

Etay

Show replies
Show replies
porselvan_muthavudaiyan
Participant
‎10-30-2015 10:26 PM
0 Kudos

Hello Etay,

This is good idea but in our case it will not be helpful for all scenarios.

In our case we have different portal groups mapped to the same roles. Each group represents a particular country user.

Sometimes we only have to block access to a one country users and not others. So we will remove the mapping for the specific groups mapped to the roles but not all.

And moreover this unmapping groups was working without any issue before. Only recently we have this issue with bookmarks.

Regards,

Porselvan

Former Member
‎11-03-2015 10:07 AM
0 Kudos

Hi Porselvan,

Please try to set permissions to different users/groups using the permissions editor.

I hope it is valid for your issue.

https://help.sap.com/saphelp_nw73/helpdata/en/48/5024aa2a4371b9e10000000a421937/frameset.htm

Using the Permission Editor - Portal - SAP Library

Best regards,

Etay

Answers (2)

Answers (2)

mahendran_balasubramani3
Contributor
‎11-23-2015 5:33 AM
0 Kudos

Hi Porselvan,

From your statement I understand that you are removing only the mapping between the portal roles and the portal group. However the relationship/mapping between the user and portal group still stands.

When you say, the endusers are still able to open the particular iview/page/object even after removal of the portal role, then you need to check whether any other portal roles are assigned to the portal group which is already assigned to the user.

e.g. you have removed mapping between xx -> yy. however YY might still hold some other role mapping may be aa or bb or cc. if any one of these roles which has the bookmarked iView/page/object assigned then the user will be definitely able to access the URL.

Please check from this perspective and let us know.

Thanks,

Mahendran B.

Show replies
Show replies
former_member193577
Active Contributor
‎10-27-2015 6:54 AM
0 Kudos

Hi,

Users can directly access iViews or content in the PCD if portal permissions allows them.

Besides roles, you should limit permissions only to the users you want to have access

See the following link to configure your portal permissions  correctly:

https://help.sap.com/saphelp_nw73ehp1/helpdata/en/48/5024aa2a4371b9e10000000a421937/frameset.htm

Best Regards,

Tal

Show replies
Show replies
porselvan_muthavudaiyan
Participant
‎10-27-2015 4:22 PM
0 Kudos

Hi Tal,

Thank you for your response. The issue for us is that even if we restrict permission we will restrict permissions only based on the portal group and not based on the role.

Since the user will already have the group still assigned to him this is not a solution for us.

Is there anyother way we can disable direct access to the iView/page?

Regards,

Porselvan

former_member193577
Active Contributor
‎10-28-2015 8:13 AM
0 Kudos

Hi Porselvan,

You can restrict also groups in the portal content.

For disabling direct access to iView or Page you must use the portal permissions....

best regards,

Tal

Ask a Question