Chapter 6 Portal Server Management

The chapter summarizes how administrators can perform administrative tasks required for managing the Portal Server. Administrators use Portal Server and Access Manager to manage tasks that affect how Portal Server services are delivered.

This chapter provides the following sections:

• Portal Server Management Options

• Access Manager Functions

• End-User Provisioning for Portal Server Communities

Portal Server Management Options

Administrators can use a browser interface, a command-line interface, or the Desktop to manage Portal Server. This topic provides the following sections:

• Portal Server Management Console

• Portal Server Delegated Administration

• Portal Server Administration Tag Library and Portlets

• Portal Server Command-Line Interface

Portal Server Management Console

Portal Server provides a browser interface called the management console. The management console allows portal administrators to do the following:

• Manage multiple portals and their operations

• Set up and manage containers and channels

• Delegate management of Portal Server resources to non-administrators

• Customize the Desktop for end users

• Enable end users to personalize the Desktop

• Manage multiple search servers

• Track both end-user and system activities

  • End-user clicks on the Desktop

  • Configuration settings, statistics about channel actions, and statistics about Desktop requests and responses

  • Runtime information about the Portal Server and the Secure Remote Access server

For more information about the management console, see Chapter 7, “Portal Server Management Console.”

Portal Server Delegated Administration

Portal Server allows super administrators to assign access privileges for Portal Server resources to delegated administrators. In complex enterprises, granting delegated administration status to decentralize the administrative function can improve portal management.

Administrators delegate privileges to subjects, which can be users, roles, or organizations. If the subject is a user, that user has access privileges. If the subject is a role, all users in that role have access privileges. If the subject is an organization, all the users in that organization have access privileges.

A Portal Server resource is a component, entity, or object in PortalDomain, a Portal Server installation that the portal administrator can manage, monitor and configure. PortalDomain resources include the following:

• Portal

  • Desktop

  • Web Services for Remote Portlet consumer

  • Web Services for Remote Portlet producer

  • Subscriptions

  • Communities

  • User behavior tracking

  • Logging

  • Monitoring

• Search server

• Secure Remote Access server

• SSO Adapter

The delegated administrator's privileges determine which PortalDomain resources that the delegated administrator can manage. These options for privileges are available:

• Manage all aspects of a portal

• Manage some aspects of any Portal Server resource

• Manage the display profiles for some other roles

Both role DNs and user DNs can use these options to manage assigned resources:

• Management console – The Portal Server resources assigned to the delegated administrator are available to the delegated administrator. For example, if the delegated administrator is granted Search server privileges, the management console provides the Search Server tab on the delegated administrator's home page. Other functions are unavailable.

• Desktop – An Admin tab on the delegated administrator's Desktop is available for managing the Portal Server resources assigned to the delegated administrator.

Portal Server Administration Tag Library and Portlets

Portal Server provides an administration tag library for developing administration portlets that enable Desktop functions of a portal to be managed from the Desktop instead of from the management console. The tag library allows administrators to do the following:

• Modify out-of-the-box administration portlets

• Develop portlets with new administration functionality

• Support provider management tasks and portlet and WSRP management tasks

• Create and administer channels that are based on JSPProvider

• Write custom administration portlets with a custom user interface

• Write administrative portlets to manage any custom channel

Super administrators can delegate Desktop administration functions by giving non-administrators access to the Admin tab on the Desktop. The Admin tab includes the following portlets:

• Tab administration portlets

  • Create Tab Admin

  • Delete Tab Admin

  • Tab Configuration Admin

• Channel administration portlets

  • Create Channel Admin

  • Delete Channel Admin

  • URL Scraper Admin

  • Create WSRP Channel Admin

Portal Server provides a sample set of administration portlets that can be used to design a basic Desktop for delegated administrators. For more information, see Chapter 22, Using the Portal Server Delegated Administration Tag Library, in Sun Java System Portal Server 7.2 Administration Guide.

Portal Server Command-Line Interface

Portal Server software provides a command-line interface (CLI). The CLI allows portal administrators to do the following:

• Perform administrative tasks by typing commands using the keyboard

• Automate regularly recurring management tasks by incorporating them into scripts

The CLI offers a number of psadmin subcommands for managing portal tasks. These include subcommands for:

• Managing multiple portals and portal instances

• Deploying portal and portlet WAR files

• Managing the search server

• Managing communities

• Managing Secure Remote Access server

• Managing monitoring

• Managing portal logging

• Managing resource control access privileges given to delegated administrators

Most management subcommands are written specifically to mimic functions in the browser interface. For management functions that have no special commands, administrators use standard commands for UNIX software.

For information about psadmin subcommands, see the Sun Java System Portal Server 7.2 Command-Line Reference.

Access Manager Functions

Portal Server administrators use the Sun Java^TM System Access Manager administrative console to manage tasks related to identity. This section provides the following topics:

• Portal Server User Identity

• Identity-Specific Portal Content

• Portal Server Login Accounts

Portal Server User Identity

Tasks related to identity of Portal Server users are provided by Access Manager, not Portal Server. Administrators use the Access Manager administrative console to perform the following tasks:

• Manage identity-based objects, including users, roles, and organizations to administer and assign appropriate access to users according to roles they have within organizations or suborganizations

• Delegate administrative functions to specific end users by authorizing the end users to administer organizations, suborganizations, users, policy, roles, and channels

• Reset administrator passwords, in the same way other passwords are changed

Identity-Specific Portal Content

Access Manager allows portal administrators to deliver portal content that is based on identities of specific end users. Administrators can define portal pages, attributes and access policies so that portal content is available only to the following identities:

• A specific organization

• A specific suborganization

• A role

• An individual

Individual end users who access the portal see a combined view of all portal pages.

Portal Server Login Accounts

A default administrator's account for logging in to the Portal Server management console is set up during Portal Server installation.

Administrators can set up additional login accounts for other portal administrators. Each new user must have the following:

• A valid user entry in the Access Manager console

• A Top-level Admin Role assignment

End-User Provisioning for Portal Server Communities

The Portal Server community subscription service allows community members to manage their own access to community data repositories. This allows end users to do the following:

• Join or subscribe to communities

• Subscribe to discussions provided on community discussion channels

• Save searches from community search channels

An end user who is a community owner can invite other end users to join the community and can deny membership to end users, if a community is private.