The portal authentication and authorization scheme requires Portal Runtime for .NET to provide logon credentials. However, because Portal Runtime for .NET is a Windows service running outside the portal security context, a dedicated Windows user account must be configured and assigned to the Runtime service. This account must have full control permissions for the following folders on the host:
· Portal Runtime for .NET installation root folder
· Temporary ASP.NET Files directory
· Temporary Windows directory
For information about creating and configuring this account, see Installation, Upgrade and Configuration Guide – PDK for .NET(Release 2.x), available at service.sap.com/installnw2004sа Installation - Clients.
Portal components, created with PDK for .NET, comply with the portal role-based access control mechanism for portal components and services. Each portal component has a set of properties, such as the vendor, security area and safety level, that are used to construct the full security zone when the portal components are deployed to the portal.
For more information about security zones in the portal, see Security Zones.
There are no dedicated user administration or authorization mechanisms in the design-time environment. Access to the portal for deployment and debugging of portal components require a logon account with administrative permissions.