Some generalizations that I have noticed from watching the portal implementation forum.
They are, by definition, general in nature, so sometimes there are exceptions. But to keep things simple when implementing the SAP portal, please be aware that:
- The portal doesn't know how many people are currently logged on. It is stateless, and although it knows you have logged on, it can't tell if you've logged off.
- The portal can't limit the number of users who are logged across the system, just per server node (see here).
- The portal cannot prevent the same user logging on multiple times.
- People are unlikely to share certification questions. They have paid good money and spent their valuable time to acquire the knowledge and giving that knowledge away devalues it.
- There is no inactivity timeout function in the portal. The single sign on cookie has a lifetime, but that only says when it will expire. It doesn't care whether you've been doing portal activities or not.
- Simple changes to the logon page are easy. More complicated ones require some coding skills.
- The portal doesn't stop you doing things in SAP. Only the SAP security mechanism (SAP roles and authorization objects) can do that.
- Portal roles, SAP roles and UME roles are different animals. Don't get them mixed up!
- The installation guides are very useful and should be looked at before attempting to install the portal.
- Searching help.sap.com can save you quite a bit of effort.
- Understanding the basics of single sign on is really, really useful.
- It is difficult to change the logged on anonymous user. Once a named anonymous user is logged on, don't try and become a nother anonymous user.
- Remember, it's just software! You're not solving the world's major problems.