cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Running multiple Portals on the same domain

Go to solution
Former Member

on ‎05-28-2012 7:36 AM

0 Kudos

I need some help with the ideal architecture for the following scenario:

1) We need to run two portals on the same domain: portal.mycompany.com

2) The portals will be accessed from the internet via an Apache reverse proxy

3) Differentiating access based on domain prefix is not an option, so we cannot have abc.portal.mycompany.com and xyz.portal.mycompany.com

4) Users need to be given a start URL such as portal.mycompany.com/abc or portal.mycompany.com/xyz

Unfortunately, each portal has the same resource URLs, such as irj/portal. With some tricks on the reverse proxy, I can recognize which portal the initial request needs to go to, but each page that loads contains internal links that are virtually indistinguishable from each portal to the other. I have scoured the internet (without success) to see if there's any way a Netweaver portal can have a default suffix on the URL, for instance:

instead of https://portal.mycompany.com/irj/portal , use https://portal.mycompany.com/abc/irj/portal but found very little in this direction.

Would appreciate it if anybody's done this kind of thing before

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎05-28-2012 12:44 PM
0 Kudos

Hi John,

As far as I know you can configure the /irj/... part of the URL to be whatever you like, the IRJ (iView Runtime for Java) is basically a Web Application running on the J2EE Engine. Perhaps you could just change the mappings on the two portals to be /abc and /xyz instead. I have never had the need to do this - so I am not 100% sure, but I think it is possible. Perhaps someone reading this will be able to provide more info.

Out of interest can you not just use the same portal with different aliases (e.g. /irj/portal/abc and /irj/portal/xyz)? I am interested in what the requirement is that drives this architecture.

Thanks,
Simon

Show replies
Show replies
SandipAgarwalla
Active Contributor
‎05-28-2012 12:58 PM
0 Kudos

John

As Simon has mentioned, you can acheive the same using one portal only (you should also)..

Create 2 aliases, and bind 2 different desktops to it..One for Internal and other for external..

External one - /irj/portal/external...have a re-direct rule at Apache server which will transform www.externalportal.com to /irj/portal/external..use a DNS look up server which will resolve your hostname (externalportal) to your internal Portal hostname...

Internal one - /irj/portal/internal ...just can be accessed by LAN users..no internet access to this..

Also add a web dispatcher between Portal and Apache to have a load balancing since the portal is being accessed by lot of users..

Former Member
‎05-29-2012 12:11 PM
0 Kudos

Hi Simon,

       We also need to run multiple portals on the same domain. The reason for running multiple portals instead of alias is we are using different clients from the same backend SAP R/3 server. We cannot integrate two clients from the backend with same portal.

After reading your post, I got an idea if I can change the alias of the irj application , it will point to the custom alias value i maintain. so I can refer portal as

http://hostname:port/alias/portal

I am also not sure will this work.? Let me try ....

Regards,

Eben Joyson

SandipAgarwalla
Active Contributor
‎05-29-2012 12:38 PM
0 Kudos

We cannot integrate two clients from the backend with same portal

This is not true, you can..Create 2 different system objects in Portal, each representing diff client in R3..then integrate the content from each client via different iviews (Tcode,WDA,etc )

Sandip

Former Member
‎05-29-2012 12:50 PM
0 Kudos

Yes , we can create two different system objects in portal for different client. I know that.

What about ume integration? Can you integrate two clients with same portal. This means you need to maintain same users in both the clients which is not wise way.

Here is an example:

I have two clients 600 and 700 in sap R/3 and one portal system.

User A is in 600 and User B is in 700. In portal, I have assigned UME as ABAP Engine with client 600.  How will the user B will login to portal.?

Eben Joyson

SandipAgarwalla
Active Contributor
‎05-29-2012 1:27 PM
0 Kudos

Ok, so thats the scenario. yes you are right, you cant integrate 2 clients for UME??

For your scenario, then why dnt you use CUA...make one client as CUA lets say 500 and add the other 2 clients as satelite clients..

Point Ume to 500, create composite roles in CUA which will have single roles from 600 & 700...

So users from both client co-exist depending on whether they have singles roles form respective system..Create few Badis in CUA, which will push user profile when ever you want to create a user only in one of the sub-clients.

Sandip

Former Member
‎05-31-2012 2:05 PM
0 Kudos

If same user id exists in clients 600 and 700, how will this be differentiated in client 500?

Former Member
‎05-31-2012 2:25 PM
0 Kudos

That isn't best practice or advisable to be honest. The portal is designed to connect to one R3 system on the back end.

You will start having issues with JCo connections etc then for ESS/MSS.

SandipAgarwalla
Active Contributor
‎05-31-2012 5:53 PM
0 Kudos

James

Can you pls show me any documents/notes to validate if this is not the best practice?

The portal is designed to connect to one R3 system on the back end

I dnt quite agree to this statement. It is designed to connect multiple SAP systems.

using CUA is one of the way of doing central user management and with multiple backend systems. I had done this earlier, and never had a issues.

And reg your point on ESS/MSS, i cant really see any issue. ESS.MSS work son System object concept, you can create SO for any client. where do you see the issues?

Regards

Sandip

SandipAgarwalla
Active Contributor
‎05-31-2012 5:53 PM
0 Kudos

yes you can, by use of composite roles which will have single roles from both the system in case user exists in both clients..

Former Member
‎05-31-2012 7:51 PM
0 Kudos

Sorry, meant to say one system alias per client rather than just system.

But its recommended that one portal points to one R3 client, One SRM Client etc. 

Former Member
‎06-05-2012 5:43 AM
0 Kudos

Sorry for taking this long, and thanks to all for their inputs. However, I still don't have a definitive answer to this question. Here is why:

1) Simon mentioned that we could call the irj part, just about anything. We're trying this out, but the standard application does not seem to permit changes to the alias, and making a copy seems a little cumbersome, but if that's the only way...  this is the most promising possibility.

2) Sandip, it is not an option for us to use a common portal, or CUA, since each customer is contractually represented by a different and differentiated portal environment and backend client. Yes, it would have been convenient, but it is not an option.

Answers (1)

Answers (1)

Former Member
‎05-31-2012 2:23 PM
0 Kudos

Hi, I'm not sure about why this is an issue at all to be honest.

We have a Dev, QA, Training and production Enterprise portal all running in the same domain.

you use a proxy or ssl accelerator as the following :-

http://server.xx.xx:50000/irj/portal becomes https://mydevsystem. etc. etc.

so

https://mysapdev.xx.xx.xx:443/irj/portal is forwarded to  https://mysapdev.xx.xx.xx/irj/portal

then

http://server.xx.xx:50000/irj/portal becomes https://myqasystem. etc. etc.

Also one portal system can only ever point to one SAP R3 client system. Its a limitation of the architecture.

Thus needing a dev /qa /training /production portals.

Regards

James

Show replies
Show replies
Former Member
‎06-05-2012 5:48 AM
0 Kudos

Hi James,

As mentioned in point 3) in my original post, differentiating portals based on subdomains or prefixes is not an option. We do not have control over the domain, and the webmaster has provided us only with a single domain for this deployment.

To clarify, we only have portal.mycompany.com and I can only use portal.mycompany.com/abc and portal.mycompany.com/xyz to differentiate between the portals.

Former Member
‎06-06-2012 2:13 PM
0 Kudos

So there shouldn't be an issue then John.

I think your over complicating the issue.

A Simple forward or alias should be enough !

Use http://portal.mycompany.com/development - http://mysap.company.com:50000/irj/portal - dev portal.


Use http://portal.mycompany.com/qa - http://mysap.company.com:50000/irj/portal

I take it your dev / qa / productions systems are running on different servers !

James


Former Member
‎06-06-2012 3:10 PM
0 Kudos

Hi James,

Yes, my systems are running on different servers, and I did try the following approach using Apache mod_proxy:

ProxyPass /abc http://internal1.mycompany.com/irj/portal

ProxyPass /xyz http://internal2.mycompany.com/irj/portal

With the corresponding ProxyPassReverse options, which I am not typing here to avoid clutter, mod_proxy only rewrites the first access URL. So if a user types http://portal.mycompany.com/xyz into the browser, the reverse proxy translates it and responds with ...http://internal1.mycompany.com/irj/portal or have relative addressing such as /irj/portal which again cannot be resolved/differentiated on the reverse proxy.

What are you using as the entry point to your portal cluster, a reverse proxy, hardware proxy/firewall or web despatcher?

Former Member
‎06-06-2012 3:22 PM
0 Kudos

Hi

We use a SSL Accelerator / Loadbalancer which strips the URL so

http://xxx.ss.xx:50000/irj/portal becomes https://mydevserver.xx.ax/portal  stripping out the port number so everything runs on 443 / https.

so a end user points their browser at https://mydevsystem.co.uk/irj/portal which points to http://mydevserver.co.uk:50000/irj/portal

the we do the same for qa and production.

James

Ask a Question