+

Search Tips   |   Advanced Search

Portal Access Control with virtual portals

We can scope some portal resources for the virtual portals using portal administration and Portal Access Control. For example, we can scope portlet applications. These resources are available to all virtual portals. We can scope these resources to specific virtual portals by limiting their accessibility to the user populations of required virtual portals. To make this limit, we use Portal Access Control. Resources that you scoped this way for one virtual portal cannot be accessed from other virtual portals.

Portal Access Control provides a flexible concept to grant certain users or user groups access privileges to specific pages and other resources of a portal. A super administrator can delegate a subset of the administration privileges to other administrative users. Use this flexibility to enable separation between different virtual portals in the following ways:

  • Use the delegated administration model to set up individual partitions in the portal for the virtual portals.

  • Define separate subadministrator users who administer the individual virtual portals and give each of the subadministrators the access permissions for their virtual portals.

  • Define separate user populations who can access the individual virtual portals. For more detail about how this setting is supported see Manage the user population for virtual portals.

The inheritance concept of Portal Access Control allows this setup. The combination of access permissions that a subadministrator has on portal resources and on users and groups defines the scope of the virtual portal of that subadministrator:

  • By inheritance, subadministrators of virtual portals implicitly have the administrative access permissions for all the child pages of their respective root content nodes, and of the content of their virtual portals. The subadministrator of a virtual portal cannot assign any access permission on resources scoped for other virtual portals.

  • Depending on the access permissions to users and groups the master administrator gives the subadministrators, they can grant access to users who belong to the user population of their virtual portals. The subadministrator of a virtual portal cannot assign any access permissions to users or groups of other virtual portals.

This way, each virtual portal represents a certain sub area of the main portal and can be managed individually.


Parent Virtual portal roles and their capabilities

Related concepts:

Manage the user population for virtual portals


Related information


Technotes for virtual portals