7 Technical Questions to Ask in Your Portal Evaluation (Pt. II)

If you are struggling to choose the right web platform for your project, you’re not alone. There are many options to choose from, each claiming to be better than the rest. How do you choose for your specific project? The answer largely depends on the context of what you are trying to achieve. But whether you intend to build an employee intranet, e-commerce site, or anything in between, there are a few technical questions to consider.

This is the second post of a series designed to help guide you through some of the most important technical questions to consider in your evaluation. If you haven’t already, look through our first post here. Hopefully, these questions will assist you in discovering the portal framework that is best suited for your project needs.

3. DOES THE PLATFORM SUPPORT FINE-GRAINED PERMISSIONS?

The permission system works alongside the authentication system and is responsible for providing varying levels of entitlements to users in order to protect access to content and site functions. Some portal vendors do not provide support for granular permissions nor do they provide an easy way to extend portlet permissions. The portal platform you select should have a flexible, fine-grained permission system, allowing for very granular or wide sweeping levels of access. These fine-grained permissions should protect access to anything as large as an entire site, a singular page, a portlet, or a piece of content. Additionally, the permission system should be an integral component of the system. This is especially important when custom components are to be provided to other systems as remote services.

A good portal platform will allow for custom end-user portlets to extend the permission system that is provided by the base platform. This will allow custom portlets to provide and protect new content and features with the same mechanisms that the portal provides. Equally important is ensuring that access control is built into the platform at the service layer. This is key for solutions that strive to provide rich user interactions, where data and feature access should not be managed on the client side. A good portal platform will police access at the server.

Finally, fully understanding the various means in which your portal will present and segment information to your user audience is critical. Specifically, you must understand the portal security architecture and its limitations. Problems arise when the portal security architecture does not support the various ways that information needs to be segmented. For example, does the platform support segmenting users into communities or groups? Are hierarchical levels supported? Can these segments overlap each other? The portal platform must also provide the ability to assign permissions to these groups and user segments. This allows administrators to easily manage permissions for large groups of users quickly and easily, without the redundancy of editing the permissions of each user. In choosing the right platform, you should look for a permission system that is as flexible and fine-grained as possible.

4. CAN THE PLATFORM EASILY SUPPORT THE RICH INTERACTIONS AND WEB USER EXPERIENCES OF TODAY AND TOMORROW?

Web 2.0 is an overused buzz term that can mean many different things. One common characteristic of a Web 2.0 application is a good user experience. From a UI perspective, this often means reducing page transitions by relying on AJAX calls or creating an experience that performs more like that of a local desktop application.

Supporting this type of user experience requires a backend foundation that is secure, scalable and easy to maintain and manage. Although writing code to support SOAP and REST-based protocols on top of the portal platform is possible, it is better if the platform supports it directly. In supporting these protocols, not only should the base portal services be provided, but there should also be support for user-written business logic to be created and exposed in the same manner. This provides a clean architecture that keeps the business logic tier on the server side and away from the client side. Applications taking advantage of this approach are also immediately able to contribute as service providers on an Enterprise Service Bus (ESB).

The portal platform must also be able to support and adapt to web development paradigms as they arise. Single page applications, AgularJS, jQuery, and so forth: these are all technologies and frameworks that are widely adopted by today’s leading web developers. Your portal platform should be able to support these frameworks, as well as whatever you want to use on the UI layer to create rich web interactions.

Related to this is security, which is vastly important when providing services to AJAX clients. A good portal platform will provide security for these calls from a foundational perspective, making it less burdensome for your code to support. Be sure to find a platform that provides security enforcement at the service and business object model level.

These are only two of the technical questions to consider during your portal platform evaluation. If you found these questions insightful during your evaluation, make sure to check out our first post in the series here. Also, be sure to read our third and final post here, where we address three more technical questions to ask during your portal platform evaluation.

 

Liferay Buyer's Checklist

If you want to learn about other factors to consider in a portal evaluation, we explore this topic in depth in our Liferay Buyer’s Checklist. It features a basic summary and a comprehensive checklist on evaluation criteria.

Download the Checklist