PeopleSoft Internet Architecture (PIA) portal can be defined as the collection of folders and content refrences with the navigational structure. The portal registry is a tree structure where one need to register the content and further it can be organized. The portal registry consists of the following primary parts:
The main table which consists of all the portal definitions is PSPRSMDEFN. Security mechanism is used for folders, content references, content reference links, tab definitions, pagelets, and user homepages. The hierarchical relationships and dependencies between objects in the portal registry determine what security settings each object must have. The portal won't work correctly if these security relationships aren't maintained.
A folder that is not public or hidden must have at least the level of access that its immediate child objects (folders, content references, and content reference links) have.
A content reference link must have exactly the same level of access as the object (content reference or content reference link) to which it links.
A content reference that represents a PeopleSoft component or iScript must have exactly the same level of access as the object that it represents.
Portal object security settings can become unsynchronized when you move portal objects from one database to another using the Project Copy feature in PeopleSoft Application Designer. When you merge projects this way, if the projects contain any portal objects with identical names, the security settings of the portal objects in the last project copied overwrite the security settings of portal objects copied earlier. Also, when a copied portal object doesn't overwrite an existing object, it changes the structure of the resulting portal registry hierarchy.
Use the Portal Security Synchronization page to reinstate the correct security relationships between objects in the portal registry after you copy a project that contains portal objects. The portal objects are synchronized as follows:
-- The security settings of each content reference are compared to the component or iScript that it represents, and updated to match.
-- The security settings of each content reference link are compared to the content reference or content reference link to which it connects, and updated to match.
-- The security settings of each content reference and content reference link are propagated to its parent folder, in addition to the parent folder's existing settings.
-- None of the parent folder's existing security access is reduced.
-- The security settings of each folder are propagated to its parent folder, in addition to the parent folder's existing settings.
Delete Invalid Security Option
When we move portal objects from one database to another, roles and permission lists assigned to folders and content references on the source database may not exist on the target database and therefore become invalid. Select the Delete Invalid Security check box on the Portal Security Sychronization page to remove non-existing roles and permission lists from folders and content references.
Main section >> calls INIT section >> and then CREFPERM
INIT
STEP01 -- Do Select -- Selects the OPRID and RUN_CNTL_ID from PS_AERUNCONTROL table (run control table for AE).
STEP02 -- Do Select -- Selects the PORTAL_NAME (EMPLOYEE, SUPPLIER etc...) and PORTAL_FLDRP_FLAG (This flag is to select if we wish to delete invalid security, we may skip this too and it will set to 'N') from PS_PORTAL_CSS_RUN.
CREFPERM
STEP01 -- PeopleCode -- Main step to do the processing for syncronization, invalid security etc...
Below are the tasks in brief what exactly PORTAL_CSS is all about .
1. Check for invalid permission lists.
This step figures out the Permission which is/are invalid and further it get deleted by the program for object in concerned portal.
2. Check for invalid roles.
This step figures out the Role which is/are invalid and further it get deleted by the program for object in concerned portal.
3. Check Parent folder permissions and roles.
Check for missing permission list on cref or differences in permission counts.
4. Compare permissions and permission count against PSAUTHITEM
5. Check for missing permission list on cref's parent folder.
6. Check for PeopleSoft iScript
7. Worklist URL
8. Some other type of CRef (UEXT, UGEN)
9. CRef Link Synchronization
Compare the link to it's parent folder. Also, it compares the permissions of the cref link against the object it's linked to
10. Folder Synchronization
Here, it will only select the nonpublic folders.
Navigation of PORTAL_CSS program: Main Menu > PeopleTools > Portal > Portal Security Sync
Folders
Content references
Nodes
The main table which consists of all the portal definitions is PSPRSMDEFN. Security mechanism is used for folders, content references, content reference links, tab definitions, pagelets, and user homepages. The hierarchical relationships and dependencies between objects in the portal registry determine what security settings each object must have. The portal won't work correctly if these security relationships aren't maintained.
A folder that is not public or hidden must have at least the level of access that its immediate child objects (folders, content references, and content reference links) have.
A content reference link must have exactly the same level of access as the object (content reference or content reference link) to which it links.
A content reference that represents a PeopleSoft component or iScript must have exactly the same level of access as the object that it represents.
Portal object security settings can become unsynchronized when you move portal objects from one database to another using the Project Copy feature in PeopleSoft Application Designer. When you merge projects this way, if the projects contain any portal objects with identical names, the security settings of the portal objects in the last project copied overwrite the security settings of portal objects copied earlier. Also, when a copied portal object doesn't overwrite an existing object, it changes the structure of the resulting portal registry hierarchy.
Use the Portal Security Synchronization page to reinstate the correct security relationships between objects in the portal registry after you copy a project that contains portal objects. The portal objects are synchronized as follows:
-- The security settings of each content reference are compared to the component or iScript that it represents, and updated to match.
-- The security settings of each content reference link are compared to the content reference or content reference link to which it connects, and updated to match.
-- The security settings of each content reference and content reference link are propagated to its parent folder, in addition to the parent folder's existing settings.
-- None of the parent folder's existing security access is reduced.
-- The security settings of each folder are propagated to its parent folder, in addition to the parent folder's existing settings.
Delete Invalid Security Option
When we move portal objects from one database to another, roles and permission lists assigned to folders and content references on the source database may not exist on the target database and therefore become invalid. Select the Delete Invalid Security check box on the Portal Security Sychronization page to remove non-existing roles and permission lists from folders and content references.
Main section >> calls INIT section >> and then CREFPERM
INIT
STEP01 -- Do Select -- Selects the OPRID and RUN_CNTL_ID from PS_AERUNCONTROL table (run control table for AE).
STEP02 -- Do Select -- Selects the PORTAL_NAME (EMPLOYEE, SUPPLIER etc...) and PORTAL_FLDRP_FLAG (This flag is to select if we wish to delete invalid security, we may skip this too and it will set to 'N') from PS_PORTAL_CSS_RUN.
CREFPERM
STEP01 -- PeopleCode -- Main step to do the processing for syncronization, invalid security etc...
Below are the tasks in brief what exactly PORTAL_CSS is all about .
1. Check for invalid permission lists.
This step figures out the Permission which is/are invalid and further it get deleted by the program for object in concerned portal.
2. Check for invalid roles.
This step figures out the Role which is/are invalid and further it get deleted by the program for object in concerned portal.
3. Check Parent folder permissions and roles.
Check for missing permission list on cref or differences in permission counts.
4. Compare permissions and permission count against PSAUTHITEM
5. Check for missing permission list on cref's parent folder.
6. Check for PeopleSoft iScript
7. Worklist URL
8. Some other type of CRef (UEXT, UGEN)
9. CRef Link Synchronization
Compare the link to it's parent folder. Also, it compares the permissions of the cref link against the object it's linked to
10. Folder Synchronization
Here, it will only select the nonpublic folders.
Navigation of PORTAL_CSS program: Main Menu > PeopleTools > Portal > Portal Security Sync
No comments:
Post a Comment