Planning for portal application authorization

Published: January 11, 2010

Updated: February 1, 2010

Applies To: Unified Access Gateway

By default, all users are allowed to view and access an application published in a Forefront Unified Access Gateway (UAG) portal. You can disable the All Users Are Authorized default setting for an application, and configure application authorization. Application authorization allows you to control which users are authorized to view and access each of the applications published in a portal. This provides a personalized experience for different users, depending on their authorization permissions.

To use application authorization, you configure user or group authorization repositories against which users requesting access to portal applications can be evaluated. You can use repositories defined on existing authentication servers, or configure alternative authorization repositories. For more information, see Implementing users and groups for application authorization.

Note that application personalization only works when you use the default portal home page supplied with Forefront UAG. You can configure authorization with default or custom portal home pages.

To define authorization, do the following:

  • Define an authorization user or group server against which users requesting application access can be evaluated. You can use the servers you defined for user authentication, or specify a different server to be used for authorization. For information, see Planning for client authentication.

  • Set authorization settings for specific applications published in a portal.