Skip to Content
0
Former Member
Mar 24, 2009 at 04:39 AM

Need help with External facing portal user security

28 Views

We're developing functionality to allow external customers and vendors (no ECC accounts) to view and modify ECC data on the portal. The current design hurdle is how to manage non-backend users on the portal. Example - if a customer logs on to external facing portal, we only want them to see what materials, plants, etc. they have authorization to see. Any ideas or best practices are greatly appreciated!!

Additional details:

- We have IDM (provisioning), AD, and GRC 5.3 in our environment

- External Portal ID's need to relate to a customer or vendor number

- Thus far, business requirements dictate that we cannot use AD to maintain attributes or AD groups for SAP auth.

Current idea:

- Custom tables on ECC where our users will maintain custom tables w/ portal ID, customer number, and multiple attributes (material #'s, plant codes, etc.); RFC from Portal to ECC to obtain attributes

Is there a cleaner or more standard approach?

Thanks!

Josh