Administering Oracle WebCenter Portal

Administering Oracle WebCenter Portal
Oracle® Fusion Middleware
Administering Oracle WebCenter Portal
12c (12.2.1.3.0)
E84268-01
August 2017
Oracle Fusion Middleware Administering Oracle WebCenter Portal, 12c (12.2.1.3.0)
E84268-01
Copyright © 2007, 2017, Oracle and/or its affiliates. All rights reserved.
Primary Author: Oracle Corporation
This software and related documentation are provided under a license agreement containing restrictions on
use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your
license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify,
license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means.
Reverse engineering, disassembly, or decompilation of this software, unless required by law for
interoperability, is prohibited.
The information contained herein is subject to change without notice and is not warranted to be error-free. If
you find any errors, please report them to us in writing.
If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on
behalf of the U.S. Government, then the following notice is applicable:
U.S. GOVERNMENT END USERS: Oracle programs, including any operating system, integrated software,
any programs installed on the hardware, and/or documentation, delivered to U.S. Government end users are
"commercial computer software" pursuant to the applicable Federal Acquisition Regulation and agencyspecific supplemental regulations. As such, use, duplication, disclosure, modification, and adaptation of the
programs, including any operating system, integrated software, any programs installed on the hardware,
and/or documentation, shall be subject to license terms and license restrictions applicable to the programs.
No other rights are granted to the U.S. Government.
This software or hardware is developed for general use in a variety of information management applications.
It is not developed or intended for use in any inherently dangerous applications, including applications that
may create a risk of personal injury. If you use this software or hardware in dangerous applications, then you
shall be responsible to take all appropriate fail-safe, backup, redundancy, and other measures to ensure its
safe use. Oracle Corporation and its affiliates disclaim any liability for any damages caused by use of this
software or hardware in dangerous applications.
Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of
their respective owners.
Intel and Intel Xeon are trademarks or registered trademarks of Intel Corporation. All SPARC trademarks are
used under license and are trademarks or registered trademarks of SPARC International, Inc. AMD, Opteron,
the AMD logo, and the AMD Opteron logo are trademarks or registered trademarks of Advanced Micro
Devices. UNIX is a registered trademark of The Open Group.
This software or hardware and documentation may provide access to or information about content, products,
and services from third parties. Oracle Corporation and its affiliates are not responsible for and expressly
disclaim all warranties of any kind with respect to third-party content, products, and services unless otherwise
set forth in an applicable agreement between you and Oracle. Oracle Corporation and its affiliates will not be
responsible for any loss, costs, or damages incurred due to your access to or use of third-party content,
products, or services, except as set forth in an applicable agreement between you and Oracle.
Contents
Preface
Audience
xxxvii
Documentation Accessibility
xxxvii
Related Documents
xxxvii
Conventions
xxxvii
Who's Who
Knowledge Worker
Application Specialist
xl
Web Developer
xli
Developer
xlii
System Administrator
xlii
Part I
1
xxxix
Introduction to Oracle WebCenter Portal
Introduction to Administration for WebCenter Portal
1.1
Introducing Oracle WebCenter Portal
1-1
1.2
Oracle WebCenter Portal Architecture
1-2
1.3
1.2.1
WebCenter Portlets
1-2
1.2.2
Application Development Framework
1-2
1.2.3
Portal Composer
1-2
1.2.4
Tools and Services
1-3
1.2.5
Discussion Server
1-3
1.2.6
Analytics
1-4
Oracle WebCenter Portal Topology
1-4
1.3.1
Oracle WebCenter Portal Directory Structure
1-4
1.3.2
Oracle WebCenter Portal Managed Servers
1-5
1.3.3
Oracle WebCenter Portal Configuration Considerations
1-6
1.3.4
Discussions Server Configuration
1-7
1.3.5
Oracle WebCenter Portal State and Configuration Persistence
1-7
iii
1.3.6
Analytics Considerations
1-7
1.3.7
Oracle WebCenter Portal Log File Locations
1-7
1.4
Understanding the Oracle WebCenter Portal Installation
1-8
1.5
Understanding Administrative Operations, Roles, and Tools
1-8
1.6
Performance Monitoring and Diagnostics
1-10
1.7
Understanding Security
1-10
1.8
Data Migration, Backup, and Recovery
1-10
1.9
Oracle WebCenter Portal Administration Tools
1-11
1.9.1
Oracle Enterprise Manager Fusion Middleware Control Console
1.9.1.1
1.9.2
Oracle WebLogic Server Administration Console
1.9.2.1
1.9.3
2
Running Oracle WebLogic Scripting Tool (WLST) Commands
1-11
1-12
1-12
1-13
1-13
1.9.4
System MBean Browser
1-15
1.9.5
WebCenter Portal Administration Pages
1-16
Getting Started
Getting Started Administering WebCenter Portal
2.1
Role of the System Administrator
2-2
2.2
Installing WebCenter Portal
2-2
2.3
Setting Up WebCenter Portal for the First Time (Roadmap)
2-2
2.4
Customizing WebCenter Portal for the First Time (Roadmap)
2-6
2.5
System Administration for WebCenter Portal – Fusion Middleware Admin Role
(Roadmap)
2-7
System Administration for WebCenter Portal – WebCenter Portal Admin Role
(Roadmap)
2-10
2.6
3
Locking Domain Configuration
Oracle WebLogic Scripting Tool (WLST)
1.9.3.1
Part II
Displaying Fusion Middleware Control Console
1-11
Starting Enterprise Manager Fusion Middleware Control
3.1
Displaying Fusion Middleware Control Console
3-1
3.2
Navigating to the Home Page for WebCenter Portal
3-2
3.3
3.2.1
Home Page for WebCenter Portal
3-3
3.2.2
Navigating to the WebCenter Portal Home Page
3-5
Navigating to Dependent Components
3-6
iv
4
Starting and Stopping Managed Servers and Applications for Oracle
WebCenter Portal
4.1
Starting Node Manager
4-2
4.2
Starting and Stopping Managed Servers for WebCenter Portal Application
Deployments
4-2
4.3
Part III
5
6
4.2.1
Oracle WebCenter Portal Managed Servers
4-2
4.2.2
Starting and Stopping Managed Servers
4-3
Starting and Stopping the WebCenter Portal Application
4-4
4.3.1
Starting WebCenter Portal Using Fusion Middleware Control
4-4
4.3.2
Starting WebCenter Portal Using WLST
4-5
4.3.3
Stopping WebCenter Portal Using Fusion Middleware Control
4-5
4.3.4
Stopping WebCenter Portal Using WLST
4-5
Administering Tools and Services
Managing Tools and Services
5.1
About Tools and Services
5-1
5.2
Enabling and Disabling Tools and Services in WebCenter Portal
5-9
Managing Connections to Oracle WebCenter Content Server
6.1
About Oracle WebCenter Content Server Connections
6-1
6.2
Prerequisites for Configuring Oracle WebCenter Content Server
6-3
6.2.1
Installation Prerequisites for Oracle WebCenter Content Server
6-3
6.2.2
Installation Prerequisites for Inbound Refinery
6-4
6.2.3
Configuration Prerequisites for Oracle WebCenter Content Server and
Inbound Refinery
6-4
Security Prerequisites for Oracle WebCenter Content Server and
Inbound Refinery
6-5
6.2.4
6.3
Configuration Roadmap for Oracle WebCenter Content Server
6-6
6.4
Configuring Oracle WebCenter Content Server
6-9
6.4.1
Enabling Mandatory Components
6-10
6.4.1.1
Enabling the FrameworkFolders Component
6-11
6.4.1.2
Enabling the WebCenterConfigure Component
6-11
6.4.2
Configuring the Dynamic Converter Component
6-13
6.4.2.1
Enabling the Dynamic Converter Component
6-14
6.4.2.2
Specifying the File Type, File Size, and Timeout Settings
6-14
6.4.3
Configuring the Inbound Refinery
6-15
6.4.3.1
Creating an Outbound Provider
6-15
6.4.3.2
Selecting the File Formats To Be Converted
6-16
v
6.4.3.3
Enabling the Conversion of Wikis and Blogs into PDFs
6-17
6.4.3.4
Specifying the Timeout Setting for File Conversions
6-19
6.4.4
Setting Up SSL for Oracle WebCenter Content Server
6-19
6.4.5
Setting Up Site Studio
6-19
6.4.5.1
Enabling Full-Text Search
6-21
6.4.7
Creating Content Profiles in Oracle WebCenter Content Server
6-22
6.4.8
Enabling Digital Asset Manager
6-22
6.4.9
Additional Optional Configurations for Oracle WebCenter Content
Server
6-23
6.4.9.1
Configuring Oracle WebCenter Content Server for Desktop
6-23
6.4.9.2
Configuring the File Store Provider
6-24
6.4.9.3
Setting Up Node Manager
6-25
6.4.9.4
Configuring Localization Properties
6-25
6.4.9.5
Showing and Hiding the Wiki Markup Tab in the Rich Text Editor
6-25
6.4.9.6
Disabling Text Wrapping in the Rich Text Editor
6-26
Registering the Default Oracle WebCenter Content Server Repository
6.4.10.1
6.4.10.2
6-27
Checking the Oracle WebCenter Portal Data Seeded in Oracle
WebCenter Content Server
6-28
6-30
6.5.1
About Creating a Connection to Oracle WebCenter Content Server
6-31
6.5.2
Creating a Connection to Oracle WebCenter Content Server Using
Fusion Middleware Control
6-33
Connecting to Oracle WebCenter Content Server Using SocketBased Communication
6-33
Connecting to Oracle WebCenter Content Server Using Secure
Socket-Based Communication
6-36
6.5.2.3
Connecting to Oracle WebCenter Content Server Using JAX-WS
6-40
6.5.2.4
Connecting to Oracle WebCenter Content Server Using HTTP
6-43
6.5.2.2
6.5.3
Registering Oracle WebCenter Content Server Using WLST
6-45
6.5.4
Oracle WebCenter Content Server Connection Parameters for RIDC
Socket Types
6-45
Setting Connection Properties for the Default Oracle WebCenter Content
Server Connection
6.6.1
6.6.2
6.7
6-27
Configuring the Default Oracle WebCenter Content Server
Connection for Oracle WebCenter Portal
Creating a Connection to Oracle WebCenter Content Server
6.5.2.1
6.6
6-20
6.4.6
6.4.10
6.5
Enabling the iFraming UI
Setting Connection Properties for the Default Oracle WebCenter
Content Server Connection Using Fusion Middleware Control
6-49
Setting Connection Properties for the Default Oracle WebCenter
Content Server Connection Using WLST
6-51
Modifying Oracle WebCenter Content Server Connection Details
6.7.1
6-49
Modifying Oracle WebCenter Content Server Connection Details Using
Fusion Middleware Control
6-52
6-52
vi
6.7.2
Modifying Oracle WebCenter Content Server Connection Details Using
WLST
6-52
6.7.3
Modifying Cache Settings for Content Presenter
6-53
6.7.4
Configuring the Cache to Check for External Oracle WebCenter Content
Server Changes
6-60
6.7.4.1
6.7.4.2
6.7.4.3
6.8
6-60
Modifying Oracle WebCenter Content Server's Cache Invalidation
Interval
6-60
Testing the Cache Settings
6-62
Deleting Oracle WebCenter Content Server Connections
6.8.1
6.8.2
6.9
6-65
Deleting Oracle WebCenter Content Server Connections Using Fusion
Middleware Control
6-66
Deleting Oracle WebCenter Content Server Connections Using WLST
6-66
Changing the Maximum File Upload Size
6.10
7
Modifying Oracle WebCenter Content Server's Contributor Data
Files
Configuring Content Manager for Oracle Content and Experience Cloud
6-66
6-67
Managing Analytics
7.1
About Analytics in WebCenter Portal
7-2
7.1.1
Analytics Components
7-2
7.1.2
Analytics Task Flows
7-3
7.2
Configuration Roadmap for Analytics
7-4
7.3
Analytics Prerequisites
7-5
7.4
7.5
7.3.1
Analytics – Installation
7-5
7.3.2
Analytics – Configuration
7-6
7.3.3
Analytics – Security Considerations
7-6
7.3.4
Analytics – Limitations
7-6
Configuring Analytics Collector Settings
7-6
7.4.1
Setting Analytics Collector Properties Using WLST
7-7
7.4.2
Setting Analytics Collector Properties Using Fusion Middleware Control
7-7
Registering an Analytics Collector for Your Application
7-9
7.5.1
Registering an Analytics Collector Using Fusion Middleware Control
7.5.2
Registering an Analytics Collector Using WLST
7-11
7.5.3
Disabling WebCenter Portal Event Collection
7-11
7.5.3.1
7.5.3.2
7-9
Disabling WebCenter Portal Event Collection Using Fusion
Middleware Control
7-11
Disabling WebCenter Portal Event Collection Using WLST
7-12
7.6
Validating Analytic Event Collection
7-12
7.7
Viewing the Current WebCenter Portal's Analytic Event List
7-13
7.8
Purging Analytics Data
7-14
7.9
Partitioning Analytics Data
7-14
vii
8
Managing Calendar Events
8.1
About Events Connections
8-1
8.2
Configuring Personal Events for WebCenter Portal
8-2
8.3
Events Prerequisites for Personal Events
8-3
8.3.1
Microsoft Exchange Server 2013 - Installation
8-4
8.3.1.2
Microsoft Exchange Server 2013 - Configuration
8-4
8.3.1.3
Microsoft Exchange Server 2013 - Security Considerations
8-4
8.3.1.4
Microsoft Exchange Server 2013 - Limitations
8-6
8.6
8-6
8.3.2.2
Microsoft Exchange Server 2010 - Configuration
8-6
8.3.2.3
Microsoft Exchange Server 2010 - Security Considerations
8-7
8.3.2.4
Microsoft Exchange Server 2010 - Limitations
8-9
Microsoft Exchange Server 2007 Prerequisites
8-9
8.3.3.1
Microsoft Exchange Server 2007 - Installation
8-9
8.3.3.2
Microsoft Exchange Server 2007 - Configuration
8-9
8.3.3.3
Microsoft Exchange Server 2007 - Security Considerations
8-10
8.3.3.4
Microsoft Exchange Server 2007 - Limitations
8-11
Registering Events Servers
8-11
8.4.1
Registering Events Servers Using Fusion Middleware Control
8-11
8.4.2
Registering Event Servers Using WLST
8-12
Choosing the Active Events Server Connection
8-13
8.5.1
Choosing the Active Events Server Using Fusion Middleware Control
8-13
8.5.2
Choosing the Active Events Server Connection Using WLST
8-14
Modifying Events Server Connection Details
8.6.2
9
8-6
Microsoft Exchange Server 2010 - Installation
8.6.1
8.7
Microsoft Exchange Server 2010 Prerequisites
8.3.2.1
8.3.3
8.5
8-3
8.3.1.1
8.3.2
8.4
Microsoft Exchange Server 2013 Prerequisites
8-14
Modifying Events Server Connection Details Using Fusion Middleware
Control
8-14
Modifying Events Server Connection Details Using WLST
8-15
Deleting Event Server Connections
8-15
8.7.1
Deleting Event Server Connections Using Fusion Middleware Control
8-15
8.7.2
Deleting Event Server Connections Using WLST
8-16
Integrating Other Oracle Applications
9.1
About Integrating Other Oracle Applications
9-1
9.2
Integrating Siebel Applications
9-2
9.2.1
How to Integrate Siebel Applications as Web Services
9-2
9.2.1.1
How to Prepare the Siebel Application
9-3
9.2.1.2
How to Consume a Siebel Web Service Data Control
9-5
9.2.2
How to Integrate Siebel Applications Using the Siebel Web Engine
9-6
viii
9.3
Integrating E-Business Suite Applications
9.3.1
Understanding EBS Integration
9-7
9.3.1.2
Requirements for Integrating EBS Applications
9-7
9-8
How to Prepare OID for Use Without Single Sign-On
9.3.2.2
How to Create a User in EBS and Assign a Responsibility
9-10
9.3.2.3
How to Configure the EBS Applications Profile Options
9-11
9.3.2.4
How to Add the WebCenter Host as a Trusted Portal Using
AutoConfig
9-13
How to Integrate EBS Applications as WSRP Portlets
9-9
9-13
9.3.3.1
How to Prepare the EBS Portlet for Remote Access
9-13
9.3.3.2
How to Integrate EBS Applications
9-15
9.3.4
How to Integrate EBS Applications as Data Controls
9-17
9.3.4.1
How to Generate the WSDL
9-17
9.3.4.2
How to Add a Web Service Data Control to a Portal Page
9-18
Integrating JD Edwards Applications
9-19
9.4.1
How to Prepare the JD Edwards Application for Remote Access
9-20
9.4.2
How to Register the Producer
9-20
9.4.3
How to Add the JD Edwards Portlet to a WebCenter Portal Page
9-20
9.4.4
How to Test the Portlet Connection
9-21
Integrating PeopleSoft Applications
9.5.1
About Integrating PeopleSoft Applications
9-21
9-21
9.5.1.1
Understanding PeopleSoft Integration
9-21
9.5.1.2
Requirements for Integrating PeopleSoft Applications
9-21
9.5.2
How to Integrate PeopleSoft Applications as WSRP Portlets
9-22
9.5.2.1
How to Prepare the PeopleSoft Application for Remote Access
9-22
9.5.2.2
How to Configure WS-Security for PeopleTools 8.52 and Later
9-25
9.5.2.3
How to Attach a WS-Security Policy to WebCenter Portal
9-30
9.5.2.4
How to Integrate PeopleSoft Applications in WebCenter Portal
9-34
9.5.2.5
How to Configure WS-Security for PeopleTools 8.51
9-35
9.5.3
9.6
Required Configurations for Integrating EBS
9.3.2.1
9.3.3
9.5
9-7
9.3.1.1
9.3.2
9.4
About Integrating EBS Applications
9-7
How to Integrate PeopleSoft Applications as Data Controls in
WebCenter Portal
9-38
9.5.3.1
How to Prepare the WSDL
9-38
9.5.3.2
How to Create a Web Service Data Control
9-43
Integrating Oracle Business Intelligence Presentation Services
9.6.1
About Integrating Oracle Business Intelligence Presentation Services
9.6.1.1
9.6.1.2
9.6.1.3
9-45
9-45
Understanding Oracle Business Intelligence Presentation
Services Integration
9-45
Requirements for Integrating Oracle Business Intelligence
Presentation Services
9-46
Advanced Integration Options
9-46
ix
9.6.2
How to Configure Credentials for Connecting to the Oracle BI
Presentation Catalog
9.6.2.1
How to Check for the BIImpersonateUser
9-47
9.6.2.2
How to Create the BIImpersonateUser
9-48
9.6.2.3
How to Grant Permissions to BIImpersonateUser
9-49
9.6.3
How to Integrate Oracle Business Intelligence Objects in WebCenter
Portal
9.6.3.1
9-51
How to Add Oracle BI Objects to a WebCenter Portal Resource
Catalog
9-52
9.6.3.3
How to Add Oracle BI Content at Runtime
9-53
9.6.3.4
How to Modify a Business Intelligence Object's Prompt Values
9-54
9.6.3.5
How to Modify a Business Intelligence Task Flow's Initialization
Parameters
9-54
Integrating with Oracle Content and Experience Cloud
9-55
9.7.1
About Oracle Content and Experience Cloud Integration
9-55
9.7.2
Integrating Oracle Content and Experience Cloud with WebCenter
Portal
9-55
Creating a Default Oracle Content and Experience Cloud Connection
Using WLST
9-56
9.7.3
10
9-50
How to Add or Modify a Presentation Services Connection After
Deployment
9.6.3.2
9.7
9-46
Managing Search in WebCenter Portal with Elasticsearch
10.1
Understanding Search with Elasticsearch
10-1
10.2
Configuration Roadmap for Elasticsearch in WebCenter Portal
10-2
10.3
Prerequisites for Configuring Elasticsearch
10-2
10.4
Creating a Crawl Admin User in WebCenter Portal
10-2
10.5
Installing Elasticsearch and Plugins
10-4
10.6
Configuring WebCenter Content for Search
10-6
10.6.1
Creating a Crawl User in WebCenter Content
10-6
10.6.2
Configuring the SESCrawlerExport Component
10-7
10.7
Configuring WebCenter Portal for Search
10-8
10.8
Synchronizing Users in WebCenter Portal
10-10
10.9
Configuring Search Crawlers
10-10
10.9.1
Creating the Crawl Source for WebCenter Portal
10-11
10.9.2
Creating the Crawl Source for Documents
10-12
10.9.3
Taking a Snapshot of the Content
10-14
10.9.4
Creating the Crawl Source for Discussion Server
10-15
10.10
Modifying Elasticsearch Global Attributes
10-17
10.11
Configuring Search Custom Attributes for Elasticsearch
10-18
10.12
Scheduling a Crawl
10-21
10.12.1
Scheduling an Incremental Crawl
10-22
x
10.12.2
Manually Starting a Full Crawl
10-23
10.12.3
Starting the Scheduled Crawler
10-24
10.12.4
Enabling and Disabling the Scheduled Crawl
10-24
Customizing Settings in WebCenter Portal Administration
10-24
10.13
11
Managing Instant Messaging and Presence
11.1
About Instant Messaging and Presence Connections
11-1
11.2
Instant Messaging and Presence Server Prerequisites
11-2
11.2.1
Microsoft Lync - Installation
11-2
11.2.2
Microsoft Lync - Configuration
11-2
11.2.2.1
Simple Deployment
11-2
11.2.2.2
Remote Deployment
11-4
11.2.3
11.3
Microsoft Lync - Security Considerations
11-10
Registering Instant Messaging and Presence Servers
11-10
11.3.1
11.3.2
11.4
11.4.2
11.5.2
11-13
11.6.2
11-13
Choosing the Active Connection for Instant Messaging and Presence
Using Fusion Middleware Control
11-14
Choosing the Active Connection for Instant Messaging and Presence
Using WLST
11-14
11-15
Modifying Instant Messaging and Presence Connections Details Using
Fusion Middleware Control
11-15
Modifying Instant Messaging and Presence Connections Details Using
WLST
11-15
Deleting Instant Messaging and Presence Connections
11.6.1
12
Registering Instant Messaging and Presence Servers Using WLST
Modifying Instant Messaging and Presence Connection Details
11.5.1
11.6
11-11
Choosing the Active Connection for Instant Messaging and Presence
11.4.1
11.5
Registering Instant Messaging and Presence Servers Using Fusion
Middleware Control
11-16
Deleting Instant Messaging and Presence Connections Using Fusion
Middleware Control
11-16
Deleting Instant Messaging and Presence Connections Using WLST
11-16
11.7
Setting Up Instant Messaging and Presence Defaults
11-17
11.8
Testing Instant Messaging and Presence Connections
11-17
Managing Mail
12.1
About Mail Server Connections
12-2
12.2
Configuration Roadmap for Mail
12-2
12.3
Mail Server Prerequisites
12-3
12.3.1
Mail Server - Installation
12-4
12.3.2
Mail Server - Configuration
12-4
xi
12.3.2.1
12-4
12.3.3
Mail Server - Security Considerations
12-6
12.3.4
Mail Server - Limitations
12-6
12.4
Registering Mail Servers
12.4.1
Registering Mail Servers Using Fusion Middleware Control
12.4.2
Registering Mail Servers Using WLST
12.5
Choosing the Active (or Default) Mail Server Connection
12.5.1
12.5.2
12.6
12.6.2
12.7
12-6
12-6
12-11
12-12
Choosing the Active (or Default) Mail Server Connection Using Fusion
Middleware Control
12-12
Choosing the Active (or Default) Mail Server Connection Using WLST
12-13
Modifying Mail Server Connection Details
12.6.1
12-13
Modifying Mail Server Connection Details Using Fusion Middleware
Control
12-13
Modifying Mail Server Connection Details Using WLST
12-15
Deleting Mail Server Connections
12-15
12.7.1
Deleting a Mail Connection Using Fusion Middleware Control
12-15
12.7.2
Deleting a Mail Connection Using WLST
12-16
12.8
Setting Up Mail Defaults
12-16
12.9
Testing Mail Server Connections
12-16
12.10
Configuring Send Mail Notifications for WebCenter Portal
12.10.1
13
Configuring Microsoft Exchange Server 2007, 2010, or 2013 for
WebCenter Portal
Enabling Shared Mail Connections for Send Mail Notifications
12-17
12-18
Managing People Connections
13.1
About the People Connections Service
13-1
13.2
People Connections Prerequisites
13-2
13.3
Configuring People Connections for WebCenter Portal
13-2
13.3.1
Accessing People Connections Administrative Settings
13-2
13.3.2
Configuring Activity Stream
13-3
13.3.3
Configuring Connections
13-6
13.3.4
Configuring Profile
13-8
13.3.5
Configuring Message Board
13-11
13.3.6
Configuring Feedback
13-13
13.4
Archiving the Activity Stream Schema
13-14
13.5
Specifying a Management Chain for Organization View
13-15
13.5.1
Example Embedded LDAP Configuration
13-16
13.6
Setting Profile Configuration Properties
13-20
13.7
Synchronizing Profiles with the Identity Store
13-21
xii
14
Managing RSS
14.1
About RSS
14-1
14.2
RSS Prerequisites
14-1
14.3
Setting Up a Proxy Server
14-2
14.3.1
Setting Up a Proxy Server for External RSS News Feeds
14-2
14.3.2
Setting Up a Proxy Server Using Fusion Middleware Control
14-2
14.3.3
Setting Up a Proxy Server Using WLST
14-2
14.4
15
14-3
Managing Subscriptions and Notifications
15.1
About Subscriptions and Notifications
15-1
15.2
Setting Up Default Subscription Preferences
15-2
15.2.1
About Subscription Defaults
15-2
15.2.2
Setting Subscription Defaults
15-4
15.2.3
Setting Subscriptions Preferences in WebCenter Portal
15-8
15.3
Setting Up Notifications
15.3.1
About Connection Channels
15.3.2
Notification Prerequisites
15-8
15-9
15-10
15.3.2.1
Installation
15-10
15.3.2.2
Configuration
15-10
15.3.2.3
Security
15-11
15.3.2.4
Limitations
15-11
15.3.3
Configuration Roadmap for Notifications
15.3.4
Specifying the Notifications Channel Using Fusion Middleware Control
15.3.5
Specifying the Notifications Channel Using WLST
15-14
15.3.6
Example - Setting Up Mail Notifications for WebCenter Portal Using
WLST
15-14
15.4
Creating and Applying Custom Notification Templates
15-11
15-13
15-15
15.4.1
About Overwriting Default Notification Templates
15-16
15.4.2
Overwriting a Default Notifications Template
15-18
15.5
16
Testing External RSS News Feed Connections
Testing the Notifications Connection
15-19
Managing the SOA Connection for WebCenter Portal Membership
Workflows
16.1
Configuration Roadmap for WebCenter Portal Workflows
16-2
16.2
About BPEL Connections
16-3
16.3
BPEL Server Prerequisites
16-3
16.3.1
BPEL Server - Installation and Configuration
16-4
16.3.2
BPEL Server - Security Considerations
16-4
xiii
17
16.4
Specifying the BPEL Server Hosting WebCenter Portal Workflows
16-5
16.5
Configuring WebCenter Portal Workflow Notifications to be Sent by Email
16-7
16.6
Excluding Webcenter Portal Workflows URL in OAM
16-8
Managing Portlet Producers
17.1
About Portlet Producers
17-1
17.2
Registering WSRP Producers
17-3
17.2.1
Registering a WSRP Producer Using Fusion Middleware Control
17-4
17.2.2
Registering a WSRP Producer Using WLST
17-5
17.2.3
Adding a Grant to the Policy Store for a Mapped User Identity
17-5
17.2.4
Registering a WSRP Portlet Producer in WebCenter Portal
17-6
17.2.5
WSRP Producer Connection Parameters
17-7
17.2.6
WSRP Producer Security Connection Parameters
17-9
17.2.7
WSRP Producer Keystore Connection Parameters
17-12
17.3
Testing WSRP Producer Connections
17-13
17.4
Editing WSRP Producer Registration Details
17-14
17.4.1
About Editing WSRP Producer Registration Details
17-14
17.4.2
Editing WSRP Producer Registration Details Using Fusion Middleware
Control
17-14
17.4.3
Editing Producer Registration Details Using WLST
17-15
17.4.4
Editing WSRP Producer Registration Details in WebCenter Portal
17-15
17.4.5
Migrating WSRP Producer Metadata to a New WSDL URL
17-16
17.4.6
Editing the Portlet Client Configuration
17-17
17.5
Deregistering WSRP Portlet Producers
17-17
17.5.1
About Deregistering Portlet Producers
17-18
17.5.2
Deregistering a WSRP Portlet Producer Using Fusion Middleware
Control
17-18
17.5.3
Deregistering a WSRP Portlet Producer Using WLST
17-19
17.5.4
Deregistering a WSRP Portlet Producer in WebCenter Portal
17-19
17.6
Deploying Portlet Producer Applications
17-19
17.6.1
Preparing Portlet Producer Applications for Deployment
17-20
17.6.2
Deploying a Portlet Producer Application Using Fusion Middleware
Control
17-21
Deploying a Portlet Producer Application Using Oracle WebLogic
Server Administration Console
17-23
17.6.4
Deploying a Portlet Producer Application Using WLST
17-24
17.6.5
Deploying a Portlet Producer Application Using Oracle JDeveloper
17-26
17.6.3
17.7
Managing Oracle PDK-Java Portlet Producers
17-26
17.7.1
Registering an Oracle PDK-Java Portlet Producer
17-27
17.7.2
Testing Oracle PDK-Java Producer Connections
17-28
17.7.3
Editing Oracle PDK-Java Portlet Producer Registration Details
17-28
xiv
18
17.7.4
Deregistering an Oracle PDK-Java Portlet Producer
17-30
17.7.5
Oracle PDK-Java Portlet Producer Connection Parameters
17-31
Managing Pagelet Producer
18.1
About Pagelet Producer
18.1.1
Overview
18-2
18.1.2
Using the Pagelet Producer Console
18-2
18.1.3
Exposing WSRP Portlets
18-3
18.1.4
Exposing OpenSocial Gadgets
18-3
18.1.5
Exposing WebCenter Interaction Portlets
18-3
18.2
Registering Pagelet Producer
18-3
18.2.1
Registering Pagelet Producer Using Fusion Middleware Control
18-4
18.2.2
Registering Pagelet Producer Using WLST
18-4
18.2.3
Configuring the Pagelet Producer Service for WebCenter Portal
18-5
18.2.4
Registering Pagelet Producer Using WebCenter Portal
18-5
18.2.5
Redeploying Pagelet Producer to a Different Context
18-6
18.3
Registering WSRP Portlet Producers in Pagelet Producer
18-7
18.4
Using Portlet-Based Pagelets
18-9
18.5
Configuring the Trust Service Identity Asserter
18-9
18.5.1
About the Trust Service Identity Asserter
18-9
18.5.2
Preparing for Configuring the Trust Service Identity Asserter
18-9
18.5.3
Executing Trust Service Identity Asserter Configuration
18.6
Managing Import, Export, Backup and Recovery of Pagelet Producer
Components
18-10
18-11
18.6.1
Exporting and Importing Pagelet Producer Resources
18-11
18.6.2
Exporting and Importing Pagelet Producer Metadata Using WLST
18-13
18.6.2.1
Exporting Pagelet Producer Metadata Using WLST
18-13
18.6.2.2
Importing Pagelet Producer Metadata Using WLST
18-14
18.6.3
19
18-1
Backing Up and Restoring Pagelet Producer
18-14
Managing External Applications
19.1
About External Applications
19-1
19.2
Registering External Applications
19-2
19.2.1
Registering External Applications Using Fusion Middleware Control
19-3
19.2.2
Registering External Applications Using WLST
19-8
19.3
Modifying External Application Connection Details
19.3.1
19.3.2
19.4
19-8
Modifying External Application Connection Using Fusion Middleware
Control
19-8
Modifying External Application Connection Using WLST
19-8
Deleting External Application Connections
19-9
xv
19.4.1
19.4.2
19.5
20
19-9
Deleting External Application Connections Using WLST
19-9
Managing External Applications at Runtime
19-10
19.5.1
Registering External Applications at Runtime
19-10
19.5.2
Editing and Deleting External Applications at Runtime
19-11
Managing REST Services
20.1
About REST Services
20-1
20.2
Performing Required Manual Configurations to Enable REST
20-2
20.2.1
Configuring an Identity Asserter
20-2
20.2.2
Configuring the WebLogic Server Credential Store
20-2
20.3
Understanding Security Tokens
20-2
20.4
Changing the REST Root Name
20-3
20.5
Using Compression
20-3
20.6
Handling Authentication
20-4
Part IV
21
Deleting External Application Connections Using Fusion Middleware
Control
Monitoring
Monitoring WebCenter Portal Performance
21.1
Understanding Oracle WebCenter Portal Performance Metrics
21.1.1
Understanding Oracle WebCenter Portal Metric Collection
21-1
21-2
21.1.1.1
Metric Collection: Since Startup
21-2
21.1.1.2
Metric Collection: Recent History
21-3
21.1.1.3
Metric Collection: Last 'N' Samples
21-4
21.1.2
Understanding the Key Performance Metrics
21-4
21.1.3
Using Key Performance Metric Data to Analyze and Diagnose System
Health
21-6
21.1.4
Understanding Some Common Performance Issues and Actions
21-11
21.1.5
Understanding Page Request Metrics
21-12
21.1.5.1
Understanding Full Page and Partial Page Metrics
21-12
21.1.5.2
Recent Page Metrics
21-13
21.1.5.3
Overall Page Metrics
21-16
21.1.6
Understanding Portlet Producer Metrics
21-18
21.1.6.1
Recent Portlet Metrics
21-18
21.1.6.2
Overall Portlet Producer Metrics
21-21
21.1.6.3
Overall Portlet Metrics
21-24
21.1.7
Understanding WebLogic Server Metrics
21.1.7.1
WebLogic Server Metrics Section
21-29
21-31
xvi
21.1.7.2
Recent CPU and Memory Usage Section
21-34
21.1.7.3
Recent Session and Thread Usage Section
21-34
21.1.7.4
Recent JDBC Usage Section
21-35
21.1.7.5
Health Metrics Section
21-35
21.1.8
Understanding Security Metrics
21-36
21.1.9
Understanding Page Response and Load Metrics
21-37
21.1.10
Understanding Portal Metrics
21-38
21.1.11
Understanding Tool and Service Metrics
21-41
21.2
21.1.11.1
Metrics Common to all Tools and Services
21-41
21.1.11.2
Metrics Specific to a Particular Tool or Service
21-47
21.1.11.3
Troubleshooting Common Issues with Tools and Services
21-75
Viewing Performance Metrics Using Fusion Middleware Control
21.2.1
Monitoring Recent Performance Metrics for WebCenter Portal
21-80
21.2.2
Monitoring Portal Metrics
21-81
21.2.3
Monitoring Page Metrics for WebCenter Portal
21-81
21.2.4
Monitoring Service Metrics for WebCenter Portal
21-82
21.2.5
Monitoring All Metrics Through the Metrics Palette
21-82
21.3
Customizing Key Performance Metric Thresholds and Collection
21-83
21.3.1
Understanding Customization Options for Key Performance Metrics
21-83
21.3.2
Understanding Default Metric Collection and Threshold Settings
21-84
21.3.3
Configuring Thresholds for Key Metrics
21-85
21.3.4
Configuring the Frequency of WebLogic Server Health Checks
21-87
21.3.5
Configuring the Number of Samples Used to Calculate Key
Performance Metrics
21-88
Editing Thresholds and Collection Options for WebCenter Portal
21-89
21.3.6
21.4
22
21-79
Diagnosing and Resolving Performance Issues with Oracle WebCenter
Portal
21-90
21.5
Tuning Oracle WebCenter Portal Performance
21-90
21.6
Monitoring Performance Using WebCenter Portal Performance Pack
21-90
21.7
Improving Data Caching Performance
21-91
21.7.1
Summary of Coherence Cache Types
21-91
21.7.2
Default Coherence Caches in WebCenter Portal
21-92
21.7.3
Overriding the Default Configuration
21-93
Managing WebCenter Portal Logs
22.1
Introduction to Diagnostic Logging
22-1
22.1.1
WebCenter Portal Diagnostics Log
22-2
22.1.2
Oracle WebCenter Portal Message IDs
22-2
22.1.3
Out-Of-Bound Conditions for Oracle WebCenter Portal Performance
Metrics
22-4
22.2
Viewing and Configuring Log Information
22-5
xvii
23
22.2.1
Viewing and Configuring WebCenter Portal Logs
22-5
22.2.2
Viewing and Configuring Error Messages in WebCenter Portal
22-5
Managing WebCenter Portal Audit Logs
23.1
Introduction to Managing Audit Logs
23-1
23.2
Configuring Audit Logging
23-2
23.2.1
Setting the Logging Level
23-2
23.2.2
Configuring the Audit Store Database
23-3
23.3
Using WebCenter Portal Audit Logs
23-3
23.3.2
Querying the Audit Schema
23-5
Administering Security
Managing WebCenter Portal Security
24.1
Introduction to Application Security
24-1
24.2
Default Security Configuration
24-4
24.2.1
Administrator Accounts
24-4
24.2.2
Application Roles and Enterprise Roles
24-4
24.2.3
Default Identity and Policy Stores
24-5
24.2.4
Default Policy Store Permissions and Grants
24-6
24.2.4.1
Permission-based Authorization
24-6
24.2.4.2
Role-mapping Based Authorization
24-6
24.2.4.3
Default Policy Store Permissions for WebCenter Portal
24-7
24.2.4.4
Default Code-based Grants
24-7
24.2.5
25
23-3
23.3.1
Part V
24
Viewing WebCenter Portal Audit Events
Post-deployment Security Configuration Tasks
24-7
Configuring the Identity Store
25.1
Reassociating the Identity Store with an External LDAP Server
25-2
25.2
Configuring the GUID Attribute for External LDAP Identity Stores
25-6
25.3
Adding Users to the Embedded LDAP Identity Store
25-7
25.3.1
25.3.2
25.4
Adding Users to the Identity Store Using the WLS Administration
Console
25-8
Adding Users to the Identity Store Using an LDIF File
25-8
25.3.2.1
Enable External LDAP Access
25-9
25.3.2.2
Create an LDIF File
25-9
25.3.2.3
Add the Users
Moving the Administrator Account to an External LDAP Server
25-11
25-12
xviii
25.4.1
Migrating the Discussions Server to Use an External LDAP
25-13
25.4.2
Changing the Administrator Group Name
25-17
25.5
25.6
25-18
Aggregating Multiple Identity Store LDAP Servers Using libOVD
25-18
25.6.1
Configuring libOVD for Identity Stores with Complete User Profiles
25-19
25.6.2
Configuring libOVD for Identity Stores with Partial User Profiles
25-20
25.6.3
Restoring the Single Authenticator
25-21
25.7
Configuring Dynamic Groups for WebCenter Portal
25-22
25.7.1
Creating a Dynamic Group Using an LDIF File
25-22
25.7.2
Creating a Dynamic Group Using the Oracle Directory Services
Manager
25-23
25.8
26
Configuring Oracle WebCenter Content to Share the WebCenter Portal
Identity Store LDAP Server
Configuring the REST Service Identity Asserter
25-24
25.8.1
Understanding the REST Service Instance and Identity Asserter
25-24
25.8.2
Setting up the Client Application
25-25
25.8.3
Configuring the WLS Trust Service Asserter
25-27
Configuring the Policy and Credential Store
26.1
Creating a root Node
26-2
26.2
Reassociating the Credential and Policy Store Using Fusion Middleware
Control
26-2
26.3
Reassociating the Credential and Policy Store Using WLST
26-2
26.4
Managing Credentials
26-3
26.5
Managing Users and Application Roles
26-3
26.5.1
Granting the WebCenter Portal Administrator Role
26.5.1.1
26.5.1.2
26.5.2
26-4
Granting the WebCenter Portal Administrator Role Using Fusion
Middleware Control
26-4
Granting the WebCenter Portal Administrator Role Using WLST
26-5
Granting Application Roles
26-6
26.5.2.1
Granting Application Roles Using Fusion Middleware Control
26-6
26.5.2.2
Granting Application Roles Using WLST
26-8
26.5.3
Using the Runtime Administration Pages
26-8
26.6
Configuring Self-Registration By Invitation in WebCenter Portal
26-9
26.7
Setting the Policy Store Refresh Interval and Other Cache Settings
26-9
26.7.1
Setting the Policy Store Refresh Interval
26-10
26.7.2
Setting the Connection Pool Cache
26-10
26.7.3
Setting User Cache Settings
26-10
26.7.4
Setting Group Cache Settings
26-11
xix
27
Configuring Single Sign-On
27.1
Introduction to Single Sign-On
27-1
27.2
Configuring Oracle Access Manager
27-2
27.2.1
OAM Components and Topology
27-2
27.2.2
Roadmap to Configuring OAM
27-5
27.2.3
Installing and Configuring OAM 11g
27-6
27.2.3.1
Installing and Configuring OAM 11g
27-6
27.2.3.2
Installing and Configuring Oracle HTTP Server
27-6
27.2.3.3
Configuring Oracle HTTP Server WebGate
27-9
27.2.3.4
Registering the WebGate Agent
27-11
Configuring the WebLogic Domain for OAM
27-15
27.2.4
27.2.4.1
Configuring the Oracle Internet Directory Authenticator
27-15
27.2.4.2
Configuring the OAM Identity Asserter
27-16
27.2.4.3
Configuring the Default Authenticator and Provider Order
27-17
27.2.4.4
Adding an OAM Single Sign-on Provider
27-17
27.2.5
Additional Single Sign-on Configurations
27.2.5.1
Configuring WebCenter Portal for SSO
27-18
27.2.5.2
Configuring the Discussions Server for SSO
27-18
27.2.5.3
Configuring SOA Server Connections for SSO
27-20
27.2.5.4
Configuring OAM for RSS Feeds Using External Readers
27-20
27.2.5.5
Configuring the WebLogic Server Administration Console and
Enterprise Manager for OAM 11g
27-20
27.2.5.6
Configuring Elasticsearch for SSO
27-22
27.2.5.7
Configuring Secure Enterprise Search for SSO
27-22
27.2.5.8
Configuring Content Server for SSO
27-22
27.2.5.9
Restricting Access with Connection Filters
27-22
27.2.5.10
27.2.6
27.3
27-18
Configuring Portlet Producers and Additional Components
27-23
Testing Your OAM Installation
27-23
Configuring SAML-based Single Sign-On
27-24
27.3.1
SAML Components and Topology
27-25
27.3.2
Configuring SAML1.1-based Single Sign-On
27-28
27.3.2.1
SAML Single Sign-on Prerequisites
27-28
27.3.2.2
Configuring SAML-based SSO
27-31
27.3.2.3
Configuring SAML SSO for RSS Using External Readers
27-39
27.3.2.4
Checking Your Configuration
27-39
27.3.2.5
Disabling Your SAML SSO Configuration
27-40
27.3.2.6
Removing Your SAML SSO Configuration
27-40
27.3.3
Configuring SAML 2.0-based Single Sign-On
27-41
27.3.3.1
Creating SAML 2.0 Credential Mapping Provider
27-43
27.3.3.2
Configuring SAML 2.0 Identity Provider Services
27-45
27.3.3.3
Configure SAML 2.0 General Services for Identity Provider
27-46
xx
27.3.3.4
Configuring Service Provider Partner Metadata on SAML Identity
Provider Source Site
27-49
27.3.3.5
Creating SAML 2.0 Identity Assertion Provider
27-50
27.3.3.6
Configuring SAML 2.0 Service Provider Services
27-51
27.3.3.7
Configuring SAML 2.0 General Services for Service Provider
27-52
27.3.3.8
Configuring Identity Provider Metadata on SAML Service
Provider
27-55
Troubleshooting Common Issues with SAML 2.0
27-57
27.3.3.9
27.4
27-57
27.4.1
Microsoft Client SSO Concepts
27-58
27.4.2
System Requirements
27-59
27.4.3
Configuring Microsoft Clients
27-60
27.5
28
Configuring SSO for Microsoft Clients
27.4.3.1
Configuring the Negotiate Identity Assertion Provider
27-61
27.4.3.2
Configuring an Active Directory Authentication Provider
27-62
27.4.3.3
Configuring WebCenter Portal
27-64
27.4.3.4
Configuring the Discussions Server for SSO
27-64
Configuring SSO with Virtual Hosts
27-65
27.5.1
Understanding the Need for a Virtual Host
27-65
27.5.2
Configuring Virtual Hosts for OAM 11g
27-65
Configuring SSL
28.1
Securing the Browser Connection to WebCenter Portal using SSL
28-2
28.1.1
Creating the Custom Keystore
28-2
28.1.2
Configuring the Custom Identity and Custom Trust Keystores
28-4
28.1.3
Configuring the SSL Connection
28-5
28.2
Securing the Connection from Oracle HTTP Server to WebCenter Portal with
SSL
28-6
28.2.1
Wiring the WebCenter Portal Ports to the HTTP Server
28-6
28.2.2
Configuring the SSL Certificates
28-7
28.3
Securing the Browser Connection to Discussions with SSL
28-8
28.3.1
Creating the Custom Keystore for Discussions
28.3.2
Configuring the Identity and Trust Keystore for Discussions
28-10
28.3.3
Configuring and Securing the SSL Connection for Discussions
28-11
Securing the WebCenter Portal Connection to Portlet Producers with SSL
28-12
28.4
28-9
28.4.1
Creating the Custom Keystores for Portlet Producers
28-12
28.4.2
Configuring the Identity and Trust Keystores for Portlet Producers
28-13
28.4.3
Configuring the SSL Connection for Portlet Producers
28-14
28.4.4
Registering the SSL-enabled WSRP Producer and Running the
Portlets
28-15
28.5
Securing the WebCenter Portal Connection to the LDAP Identity Store
28.5.1
Exporting the OID Certificate Authority (CA)
28-16
28-16
xxi
28.6
Enabling the SSL in OID
28-16
28.5.1.2
Importing the OID Certificate
28-18
28.5.1.3
Establishing the SSL Connections
28-19
Securing the WebCenter Portal Connection to Content Server with SSL
28-20
28.6.1
Configuring a Keystore and Key on the WebCenter Portal (Client) Side
28.6.2
Configuring a Keystore and Key on the Content Server Side
28-21
28.6.3
Verifying Signatures of Trusted Clients
28-22
28.6.4
Securing Identity Propagation
28-22
28-20
28.7
Securing the WebCenter Portal Connection to IMAP and SMTP with SSL
28-23
28.8
Securing the Connection to Oracle SES with SSL
28-24
28.8.1
Securing Oracle SES with SSL
28-24
28.8.2
Securing the Connection to Oracle SES with SSL
28-26
28.9
29
28.5.1.1
Securing the WebCenter Portal Connection to an External BPEL Server with
SSL
28-27
Configuring Web Services Security
29.1
Configuring WS-Security for a Typical Topology
29-2
29.1.1
Creating the WebCenter Portal Domain Keystore
29-2
29.1.2
Creating the SOA Domain Keystore
29-3
29.1.3
Configuring the Discussions Server
29-7
29.1.3.1
29.2
Attaching Security Policies for WebCenter Portal and
Discussions Web Service Endpoints
29-7
29.1.3.2
Securing the Discussions End Points
29-8
29.1.3.3
Configuring the Discussions Server Connection Settings
Configuring WS-Security for Multiple Domains
29-13
29-13
29.2.1
Setting Up the WebCenter Portal Domain Keystore
29-14
29.2.2
Creating the SOA Domain Keystore
29-14
29.2.3
Configuring an External Discussions Server
29-14
29.2.3.1
Securing the Discussions Service End Points
29-15
29.2.3.2
Creating the Discussions Server Keystore
29-15
29.2.3.3
Configuring the Discussions Server Connection Settings
29-17
29.2.4
29.3
Creating the External Portlet Domain Keystore
Securing WebCenter Portal for Applications Consuming WebCenter Portal
Client API with WS-Security
29.3.1
29.3.2
29-18
29-19
Configuring a Typical Topology for Applications Consuming
WebCenter Portal Client API
29-20
Configuring a Multiple Domain Topology for Applications Consuming
the WebCenter Portal Client API
29-20
29.4
JKS Command Summary for a Typical Topology
29-20
29.5
JKS Command Summary for Extensions to a Typical Topology
29-21
xxii
30
Configuring Security for Portlet Producers
30.1
Securing a WSRP Producer
30.1.1
Deploying the Producer
30-1
30.1.2
Attaching a Policy to the Producer Endpoint
30-1
30.1.3
Setting Up the Keystores
30-5
Securing a PDK-Java Producer
30-5
30.2
30.2.1
Defining a Shared Key as a Password Credential
30.2.1.1
31
30-5
Defining a Shared Key Using Fusion Middleware ControlFusion
Middleware Control
30-5
30.2.1.2
Defining a Shared Key Using WLST
30-6
30.2.1.3
Registering an Oracle PDK-Java Producer with a Shared Key
30-7
Managing Impersonation
31.1
Introduction to WebCenter Portal Impersonation
31-1
31.1.1
About WebCenter Portal Impersonation
31-1
31.1.2
Best Practices for Using WebCenter Portal Impersonation
31-2
31.2
Preparing WebCenter Portal for Impersonation
31-2
31.2.1
WebCenter Portal Impersonation Requirements
31-3
31.2.2
Turning on Impersonation in OAM
31-3
31.2.3
Adding Impersonation Attributes to the Identity Store
31-3
31.2.3.1
Adding Impersonation Attributes for Individual Users
31-4
31.2.3.2
Adding Impersonation Attributes for Multiple Users
31-4
31.3
Configuring WebCenter Portal for Impersonation
31-5
31.4
Configuring Impersonators
31-6
31.5
Disabling Impersonation
31-7
31.6
Turning off the Session Indicator
31-7
31.7
Overriding the Impersonation Hotkey
31-8
31.8
Managing Audit Logs for WebCenter Portal Impersonation
31-9
Part VI
32
30-1
Administering WebCenter Portal Lifecycle
Understanding theWebCenter Portal Lifecycle
32.1
What Is the WebCenter Portal Life Cycle?
32-1
32.2
What Are the Major WebCenter Portal Lifecycle Tasks?
32-3
32.2.1
One-Time Setup Tasks
32-4
32.2.2
Understanding WebCenter Portal Staging and Production
Environments
32-4
Lifecycle Tasks
32-6
32.2.3
xxiii
33
32.3
Permissions Required to Perform WebCenter Portal Lifecycle Operations
32.4
Managing Security Through the WebCenter Portal Lifecycle
32-9
32-10
Deploying Portals, Templates, Assets, and Extensions
33.1
Deploying Portals
33-1
33.1.1
About Portal Deployment
33-2
33.1.2
Directly Deploying Portals Using WebCenter Portal
33-5
33.1.2.1
Creating a Portal Server Connection
33-5
33.1.2.2
Deploying a Portal Using WebCenter Portal
33-6
33.1.2.3
Viewing Portal Deployment History
33-8
33.1.3
Step 1: Complete Prerequisites for Direct Portal Deployment
33.1.3.2
Step 2: Run deployWebCenterPortal in the Source Environment
33-10
33.1.3.3
Step 3: Verify Newly Deployed Portal in the Target Environment
33-10
Deploying Portal Archives
33-9
33-11
33.1.4.1
Understanding Portal Archives
33-11
33.1.4.2
Securing Archives
33-18
33.1.4.3
Exporting and Importing Portal Archives
33-20
33.1.4.4
Exporting Portals to an Archive
33-20
33.1.4.5
Importing Portals from an Archive
33-25
33.1.4.6
Viewing and Extracting Portal Archives
33-32
Deploying Portal Templates
33.2.1
Exporting Portal Templates
33.2.1.1
33.2.1.2
33.2.2
33.2.2.2
33-33
33-33
Exporting Portal Templates to an Archive Using WLST
33-33
33-34
Importing Portal Templates from an Archive Using WebCenter
Portal
33-34
Importing Portal Templates from an Archive Using WLST
33-34
Deploying Assets
33.3.1
33-32
Exporting Portal Templates to an Archive Using WebCenter
Portal
Importing Portal Templates
33.2.2.1
33.3
33-9
33.1.3.1
33.1.4
33.2
Directly Deploying Portals Using WLST
Exporting Assets, Devices, and Device Groups to an Archive
33-35
33-36
33.3.1.1
Exporting Assets to an Archive from WebCenter Portal
33-37
33.3.1.2
Exporting Devices and Device Groups to an Archive
33-37
33.3.1.3
Exporting an Asset, Device, or Device Group to an Archive
Using WLST
33-38
Exporting Assets Using REST API
33-39
33.3.1.4
33.3.2
Importing Assets from an Archive
33-39
33.3.2.1
About Permissions Required to Import (or Export) Assets
33-39
33.3.2.2
Importing Assets from an Archive using WebCenter Portal
33-40
33.3.2.3
Importing Devices and Device Groups Using WebCenter Portal
33-40
xxiv
33.3.2.4
Importing Assets from an Archive using WLST
33-40
33.3.2.5
Importing Assets Using REST API
33-41
33.4
Deploying Custom Shared Library Extensions
33-42
33.5
Moving Connections Details from Staging to Production
33-42
33.5.1
Exporting WebCenter Portal Connections Details to a File
33-43
33.5.2
Importing New WebCenter Portal Connections from a File
33-43
33.6
33-44
33.6.1
Exporting Portal Discussions to an Archive
33-44
33.6.2
Importing Portal Discussions from an Archive
33-46
Propagating and Redeploying Portals in Production
33-49
33.7
34
Migrating Discussions and Pagelet Producer Resources for a Portal
33.7.1
Understanding Portal Propagation
33-50
33.7.2
Propagating Portal Changes Using WebCenter Portal
33-51
33.7.3
Propagating Portal Changes Using WLST
33-53
33.7.4
Redeploying a Portal Using WebCenter Portal
33-53
Managing WebCenter Portal Backup, Recovery, and Cloning
34.1
Understanding WebCenter Portal Back Up and Recovery
34-2
34.2
Comparing Back up, Recovery, and Migration Tools for WebCenter Portal
34-2
34.3
Backing Up Individual Portals
34-5
34.3.1
Backing Up Portals Using WLST
34-5
34.3.2
Backing Up Discussions and External Data for a Portal
34-6
34.4
Restoring Portals from a Backup
34-7
34.4.1
Restoring Portals from an Archive Using WLST
34-7
34.4.2
Restoring Discussions and External Data for a Portal
34-8
34.5
Backing Up an Entire WebCenter Portal Installation
34.5.1
Backing Up and Restoring All WebCenter Portal Schema Data
34-8
34-9
34.5.1.1
Prerequisites
34-9
34.5.1.2
Back Up (Export) WebCenter Portal Schema Data
34-9
34.5.1.3
Restore (Import) WebCenter Portal Data
34.5.2
Backing Up and Restoring All MDS Schema Data
34-10
34-12
34.5.2.1
Prerequisites
34-12
34.5.2.2
Back Up (Export) All MDS Schema Data
34-12
34.5.2.3
Restore (Import) MDS Schema Data
34-13
34.5.3
Backing Up and Restoring All WebCenter Content Data
34-14
34.5.4
Backing up and Restoring Discussion Schema Data
34-14
34.5.4.1
Prerequisites
34-15
34.5.4.2
Back Up (Export) All Discussions Schema Data
34-15
34.5.4.3
Restore (Import) Discussions Schema Data
34-16
34.5.5
34.5.6
Backing up and Restoring Other Schema Data (ACTIVITIES and
PORTLET)
34-18
Backing Up and Restoring LDAP Identity Store
34-20
xxv
34.5.7
Backing Up and Restoring Policy Stores (LDAP and Database)
34-20
34.5.8
Backing Up and Restoring Credential Stores (LDAP and Database)
34-21
34.5.9
Backing Up and Restoring a WebCenter Portal Domain
34-21
34.5.10
Backing Up and Restoring Portlet Producer Metadata
34-21
34.5.10.1
Backing Up (Exporting) Portlet Client Metadata
34-22
34.5.10.2
Restoring (Importing) Portlet Client Metadata
34-22
34.5.11
Backing Up and Restoring Pagelet Producer Metadata
34-22
34.5.12
Backing Up and Restoring Analytics Metadata
34-23
34.5.13
Backing Up and Restoring Audit Repository Configuration
34-23
34.6
Migrating Entire WebCenter Portal to Another Target
34-23
34.6.1
Understanding Import and Export for WebCenter Portal
34-23
34.6.2
Prerequisites for WebCenter Portal Export and Import
34-27
34.6.3
Exporting WebCenter Portal to an Archive
34-28
34.6.3.1
Exporting WebCenter Portal Using Fusion Middleware Control
34-28
34.6.3.2
Exporting WebCenter Portal Using WLST
34-30
34.6.4
Importing a WebCenter Portal Archive
34-30
34.6.4.1
Importing WebCenter Portal Using Fusion Middleware Control
34-31
34.6.4.2
Importing WebCenter Portal Using WLST
34-32
34.6.4.3
Verifying WebCenter Portal After Import
34-32
34.7
Restoring an Entire WebCenter Portal Installation
34-32
34.8
Using Scripts to Back Up and Restore WebCenter Portal
34-34
34.8.1
34-34
34.8.1.1
master_script.sh
34-35
34.8.1.2
wlst_script.py
34-40
34.8.1.3
backup.properties and restore.properties Files
34-42
34.8.2
Using Scripts to Back Up WebCenter Portal
34-48
34.8.2.1
Create Back Up Scripts
34-49
34.8.2.2
Complete Prerequisite Tasks for Security Store Back Up
34-49
34.8.2.3
Set Back Up Parameters and Customize Scripts
34-50
34.8.2.4
Run the Back Up Script
34-51
34.8.2.5
Verify Back Up Archives
34-51
34.8.2.6
Schedule Regular Back Ups Using the Scripts
34-52
Restoring WebCenter Portal from Backups Using Scripts
34-52
34.8.3
34.9
Understanding Back Up and Restore Script Files
34.8.3.1
Create Restore Scripts
34-52
34.8.3.2
Restore Database Schemas Manually
34-52
34.8.3.3
Complete Prerequisite Tasks for Security Store Restore
34-54
34.8.3.4
Set Restore Script Parameters
34-55
34.8.3.5
Run the Restoration Script
34-55
34.8.3.6
Verify Restored Data
34-55
Cloning a WebCenter Portal Environment
34-56
xxvi
Part VII
35
Administering Multilanguage Portals
Managing a Multilanguage Portal
35.1
About Languages in WebCenter Portal
35.1.1
37
38
35-3
35.2
Modifying and Translating Strings at the Application Level
35-4
35.3
Translating Strings for a Portal
35-6
35.4
Modifying and Adding Translations for a Specific String of a Portal
35-8
35.5
Adding Support for a New Language to WebCenter Portal
Part VIII
36
Languages Supported Out-of-the-Box by WebCenter Portal
35-1
35-10
Administering Portals in WebCenter Portal
Exploring the Settings Pages in WebCenter Portal Administration
36.1
Working with WebCenter Portal Administration Settings
36-1
36.2
Accessing the Settings Pages in WebCenter Portal Administration
36-3
Exploring the Portals Page in WebCenter Portal Administration
37.1
About the Portals Page in WebCenter Portal Administration
37-2
37.2
Accessing the Portals Page in WebCenter Portal Administration
37-2
37.3
Sorting the Portals Listing
37-4
37.4
Creating a Portal
37-5
37.5
Exporting and Importing a Portal
37-5
37.6
Viewing Information About Any Portal
37-5
37.7
Sharing the Link to a Portal
37-7
37.8
Closing Any Portal
37-8
37.9
Reactivating Any Portal
37-9
37.10
Taking Any Portal Offline
37-9
37.11
Bringing Any Portal Back Online
37-10
37.12
Deleting a Portal
37-11
Configuring Global Defaults Across Portals
38.1
Customizing the Name and Logo in the Home Portal
38-2
38.2
Choosing a Default Page Template
38-3
38.3
Choosing a Default Skin
38-5
38.3.1
38.4
Applying a Skin for WebCenter Portal
Choosing Default Resource Catalogs
38-6
38-7
xxvii
38.5
Customizing Copyright and Privacy Statements
38.6
Customizing the Online Help Link
38-10
38.7
Choosing a Default Display Language
38-11
38.7.1
38.8
Customizing the Language List
38-13
Choosing a Default Start (or Landing) Page
38-14
38.8.1
Specifying a Default Start Page for Groups
38-16
38.8.2
Specifying a Default Start Page for Authenticated Users
38-18
38.8.3
Specifying a Default Start Page for Public Users
38-19
38.9
38.10
39
38-8
Specifying Session Timeout Settings
Enabling Self-Registration
38-21
38-23
38.10.1
About Self-Registration
38-23
38.10.2
Enabling Anyone to Self-Register
38-25
38.10.3
Enabling Self-Registration By Invitation-Only
38-27
38.11
Choosing a Default Look and Feel for New Pages
38-28
38.12
Enabling and Disabling Access to the Home Portal
38-28
38.13
Setting Up Defaults for WebCenter Portal Tools and Services
38-30
38.14
Adding a List of Valid External URLs
38-30
Managing Security Across Portals
39.1
About WebCenter Portal Security
39-1
39.2
About Users
39-4
39.3
About Application Roles and Permissions
39-5
39.3.1
About Application Roles
39-5
39.3.1.1
Default Application Roles
39-6
39.3.1.2
Custom Application Roles
39-8
39.3.2
About Application Permissions
39-9
39.3.2.1
Understanding Application Permissions
39-9
39.3.2.2
Default Application Permissions Assignments to Application
Roles
39-12
39.3.2.3
Understanding Discussion Server Role Mapping
39-15
39.3.2.4
Understanding Enterprise Group Role Mapping
39-16
39.4
About Roles and Permissions Within a Portal
39-17
39.5
Managing Users
39-17
39.5.1
Adding and Removing Users
39-18
39.5.2
Assigning Users (and Groups) to Application Roles
39-18
39.5.3
Assigning a User to a Different Application Role
39-21
39.5.4
Revoking Application Roles
39-23
39.6
Managing Application Roles and Permissions
39-24
39.6.1
Viewing Application Roles and Permissions
39-24
39.6.2
Defining Application Roles
39-26
39.6.3
Modifying Application Role Permissions
39-27
xxviii
39.6.3.1
Granting Permissions to the Public-User
39-28
39.6.3.2
Granting Permissions to the Authenticated-User
39-28
39.6.3.3
Granting Permissions to the Portal Creator
39-29
39.6.4
40
41
39-29
Working with Global Attributes Across Portals
40.1
About Global Attributes
40-1
40.2
Adding a Global Attribute
40-2
40.3
Editing a Global Attribute
40-3
40.4
Deleting a Global Attribute
40-4
Customizing System Pages
41.1
About System Pages
41.1.1
41.2
42
Deleting Application Roles
41-2
About Built-In System Pages
41-2
Customizing System Pages for All Portals
41-6
41.2.1
Creating a Page Variant of a System Page for Device Groups
41.2.2
Managing a Page Variant of a System Page for Device Groups
41-7
41-11
41.3
Setting System Page Properties
41-11
41.4
Removing All Page Customizations from a System Page
41-14
Managing Business Role Pages
42.1
About Business Role Pages
42.1.1
About Built-In Business Role Pages
42-1
42-2
42.2
Setting Page Creation Defaults for Business Role Pages
42-3
42.3
Creating a Business Role Page
42-5
42.4
Specifying the Target Audience for a Business Role Page
42-7
42.4.1
Setting Access on a Custom Business Role Page
42-8
42.4.2
Providing Public Access to a Custom Business Role Page
42-11
42.4.3
Setting Access on a Built-in Business Role Page
42-12
42.5
Revoking Access to a Custom Business Role Page
42-14
42.6
Showing and Hiding Business Role Pages
42-14
42.7
Setting a Default Display Order for Business Role Pages
42-15
42.8
Editing a Business Role Page
42-17
42.9
Editing the Source of a Business Role Page
42-18
42.10
Copying a Business Role Page
42-19
42.11
Removing All User Customizations from a Business Role Page
42-21
42.12
Deleting a Custom Business Role Page
42-21
xxix
43
Managing Personal Pages
43.1
About Personal Page Administration
43-1
43.2
Setting Application-Level Page Creation Defaults for Personal Pages
43-2
43.3
Preventing Users from Creating Personal Pages
43-2
43.4
Providing Navigation to Personal Pages
43-3
43.5
Changing Access Permissions on a Personal Page
43-3
43.6
Editing a Personal Page
43-6
43.7
Editing the Source of a Personal Page
43-7
43.8
Copying a Personal Page
43-8
43.9
Removing All User Customizations from a Personal Page
43-9
43.10
44
Deleting a Personal Page
43-10
Administering Device Settings
44.1
About Device Settings
44-1
44.1.1
Introduction to Device Settings
44-2
44.1.2
What Are Devices?
44-2
44.1.3
What Are Device Groups?
44-3
44.1.4
Other Related Concepts
44-4
44.1.5
Basic Use Case: Adding Support for a New Device
44-5
44.1.6
Understanding How Device Settings are Applied
44-6
44.2
Creating and Managing Devices
44-7
44.2.1
Creating a New Device
44-7
44.2.2
Editing a Device
44-9
44.2.3
Copying a Device
44-10
44.2.4
Filtering the List of Devices
44-10
44.2.5
Deleting a Device
44-10
44.3
Creating and Managing Device Groups
44-11
44.3.1
Creating a Device Group
44-12
44.3.2
Editing a Device Group
44-13
44.3.3
Copying a Device Group
44-14
44.3.4
Showing and Hiding Device Groups
44-15
44.3.5
Setting a Default Device Group
44-16
44.3.6
Ordering Device Groups
44-16
44.3.7
Filtering Device Groups
44-17
44.3.8
Deleting a Device Group
44-17
44.4
Enabling Page Variants for Device Groups
44-18
44.5
Managing Device and Device Group Lifecycles
44-19
44.5.1
Downloading a Device Group or Device
44-19
44.5.2
Uploading a Device Group or Device
44-20
44.6
Previewing Devices
44-20
xxx
45
46
44.7
Guidelines and Best Practices for Device Settings
44-21
44.8
Discovering Device Attributes: A Sample Task Flow
44-21
Customizing Task Flows
45.1
About Task Flow Customization at the Application Level
45-1
45.2
Customizing Task Flows at the Application Level
45-2
45.3
Removing Task Flow Customizations
45-6
Analyzing Portal Usage
46.1
About the Analytics Task Flows and Service
46-1
46.2
About the Analytics Administration Page
46-2
46.3
Working with Analytics Task Flows
46-3
46.3.1
46-3
46.3.1.1
WebCenter Traffic
46-4
46.3.1.2
Page Traffic (Administrator)
46-4
46.3.1.3
Login Metrics (System Administrator)
46-4
46.3.1.4
Portal Traffic (System Administrator)
46-5
46.3.1.5
Portal Response Time (System Administrator)
46-5
46.3.1.6
Portlet Traffic (Administrator)
46-6
46.3.1.7
Portlet Instance Traffic (Administrator)
46-6
46.3.1.8
Portlet Response Time (Administrator)
46-7
46.3.1.9
Portlet Instances Response Time (Administrator)
46-7
46.3.1.10
Search Metrics
46-7
46.3.1.11
Document Metrics (System Administrator)
46-7
46.3.1.12
Wiki Metrics (System Administrator)
46-8
46.3.1.13
Blog Metrics (System Administrator)
46-9
46.3.1.14
Discussion Forum Metrics (System Administrator)
46-9
46.3.2
Adding Analytics Task Flows to a Page
46-10
46.3.3
Customizing Analytics Reports
46-10
46.3.4
Personalizing Your Analytics Report
46-10
46.3.4.1
Report Display Options
46-11
46.3.4.2
Query Options
46-13
46.3.5
Part IX
Understanding Analytics Task Flows
Setting Analytics Task Flow Properties
46-14
46.3.5.1
About the Analytics Service Task Flow Properties
46-15
46.3.5.2
Analytics Service Task Flow Parameters
46-15
Appendixes
xxxi
A
Managing Announcements and Discussions
A.1
About Discussions Server Connections
A-2
A.2
Discussions Server Prerequisites
A-2
A.2.1
Discussions Server - Installation
A-3
A.2.2
Discussions Server - Configuration
A-3
A.2.3
Discussions Server - Security Considerations
A-4
A.2.4
Discussions Server - Limitations
A-6
A.3
Registering Discussions Servers
A.3.1
Registering Discussions Servers Using Fusion Middleware Control
A.3.2
Registering Discussions Servers Using WLST
A.4
Choosing the Active Connection for Discussions and Announcements
A.4.1
A.4.2
A.5
A.5.2
A.6
A.6.2
A-11
Choosing the Active Discussion for Discussions and
Announcements Using WLST
A-12
A-12
Modifying Discussions Server Connection Details Using Fusion
Middleware Control
A-12
Modifying Discussions Server Connection Details Using WLST
A-13
A-13
Deleting a Discussions Server Connection Using Fusion
Middleware Control
A-13
Deleting a Discussions Server Connection Using WLST
A-14
A.7
Setting Up Discussions Defaults
A-14
A.8
Setting Up Announcements Defaults
A-14
A.9
Testing Discussions Server Connections
A-15
A.10
Granting Administrator Permissions on the Discussions Server
A-15
A.11
Granting Administrator Role on the Discussions Server
A-15
A.11.1
Granting the Discussions Server Administrator Role Using WLST
A-15
A.11.2
Granting the Discussions Server Administrator Role Using the
Admin Console
A-16
Revoking the Discussions Server Administrator Role
A-16
A.11.3
A.12
Configuring Discussion Forum Options for WebCenter Portal
A-17
A.12.1
Accessing the Discussions Server Admin Console
A-18
A.12.2
Specifying Where Discussions and Announcements are Stored on
the Discussions Server
A-20
Choosing How Many Discussion Topics to Save In Portal
Templates
A-21
A.12.3
B
A-10
A-11
Deleting Discussions Server Connections
A.6.1
A-7
Choosing the Active Connection for Discussions and
Announcements Using Fusion Middleware Control
Modifying Discussions Server Connection Details
A.5.1
A-7
Managing Oracle Secure Enterprise Search in WebCenter Portal
B.1
About Search with Oracle SES
B-1
xxxii
B.2
Configuration Roadmap for Oracle SES in WebCenter Portal
B-3
B.3
Prerequisites for using Oracle SES
B-6
B.4
B.5
B.6
C
B.3.1
Oracle SES – Installation
B-6
B.3.2
Oracle SES – Configuration
B-6
B.3.3
Oracle SES – Security
B-9
Setting Up Oracle SES Connections
B-9
B.4.1
Testing the Connection to Oracle SES
B-9
B.4.2
Registering Oracle Secure Enterprise Search Servers
B-9
B.4.3
Choosing the Active Oracle SES Connection
B-12
B.4.4
Modifying Oracle SES Connection Details
B-13
B.4.5
Deleting Oracle SES Connections
B-15
Configuring Oracle SES to Search WebCenter Portal
B-16
B.5.1
Setting Up WebCenter Portal for Oracle SES
B-16
B.5.2
Setting Up Oracle WebCenter Content Server for Oracle SES
B-21
B.5.3
Setting Up Oracle WebCenter Portal Discussion Server for Oracle
SES
B-26
B.5.4
Setting Up Oracle SES to Search WebCenter Portal
B-26
B.5.5
Configuring Oracle SES Version Using WLST
B-43
B.5.6
Configuring Search Crawlers Using WLST
B-43
Managing Search in WebCenter Portal Administration
B-44
Oracle WebCenter Portal Configuration
C.1
Configuration Files
C-1
C.1.1
adf-config.xml and connections.xml
C-1
C.1.2
web.xml
C-6
C.1.3
webcenter-config.xml
C-7
C.2
Cluster Configuration
C-8
C.3
Configuration Tools
C-8
C.4
Modifying the File Upload Size in Content Manager
D
Third-Party Product Support
E
Migrating Wiki Content to WebCenter Portal
E.1
E.2
Understanding Wiki Documents and Wiki Pages
C-10
E-1
E.1.1
Understanding Wiki Documents
E-1
E.1.2
Understanding Wiki Pages
E-2
Migrating Data from the Source Wiki Application to WebCenter Portal
E.2.1
Preparing WebCenter Portal for Importing Wiki Content
E-3
E-3
xxxiii
E.2.2
E.2.3
E.2.4
F
E-4
Using the Document Migration Utility to Import the Archive into the
Target Portal
E-12
Creating Wiki Pages in WebCenter Portal for the Content in
WebCenter Content Server
E-16
Migrating Folders_g to FrameworkFolders
F.1
Understanding Folders_g Migration to FrameworkFolders
F-1
F.2
Understanding the Folders_g and FrameworkFolders Directory Structure
F-2
F.3
Migrating WebCenter Portal Data
F-4
F.4
G
Writing and Running a Custom Wiki Extraction Tool to Extract
Content from the Wiki Application
F.3.1
Migration Roadmap
F-4
F.3.2
Running exportFoldersGData to Generate the Pre-Migration Data
F-5
F.3.3
Migrating WebCenter Portal MetaData to FrameworkFolders
F-6
F.3.4
Running migrateFoldersGDataToFrameworkFolders to Validate the
Migrated Data
Troubleshooting Migration Issues
F-10
F-11
Troubleshooting WebCenter Portal
G.1
Using My Oracle Support for Additional Troubleshooting Information
G-2
G.2
Troubleshooting Oracle WebCenter Portal Configuration Issues
G-2
G.3
G.2.1
Configuration Options Unavailable
G-2
G.2.2
Logs Indicate Too Many Open Files
G-3
Troubleshooting Oracle WebCenter Portal WLST Command Issues
G.3.1
No Oracle WebCenter Portal WLST Commands Work
G-3
G.3.2
WLST Commands Do Not Work for a Particular Tool or Service
G-4
G.3.3
Connection Name Specified Already Exists
G-5
G.3.4
WLST Shell is Not Connected to the WebLogic Server
G-5
G.3.5
More Than One Application with the Same Name Exists in the
Domain
G-6
More Than One Application with the Same Name Exists on a
Managed Server
G-6
Already in Domain Runtime Tree Message Displays
G-7
Troubleshooting Oracle WebCenter Portal Performance Issues
G-7
G.3.6
G.3.7
G.4
G.5
G-3
G.4.1
About Performance Monitoring and Troubleshooting Tools
G-7
G.4.2
How to Identify Slow Pages
G-9
G.4.3
How to Identify Slow Page Components
G-9
G.4.4
How to Troubleshoot Slow Page Requests
G-13
G.4.5
How to Troubleshooting Requests using JRockit Flight Recordings
G-17
Troubleshooting WebCenter Portal Workflows
G.5.1
Email Notifications Not Working
G-19
G-19
xxxiv
G.6
G.5.2
Validating the WebCenter Portal Workflow Configuration
G-20
G.5.3
Troubleshooting Issues with WebCenter Portal Workflows
G-20
Troubleshooting WebCenter Portal Import and Export
G.6.1
ResourceLimitException Issue
G-22
G.6.2
LockRefreshTask Issue
G-22
G.6.3
Portals and Portal Templates Not Available After Import
G-23
G.6.4
Unable to Migrate Portals or Documents If the Source and Target
Applications Share the Same Content Server
G-23
Target Portal Server Shown As Unavailable When Creating a
Connection
G-23
Troubleshooting Individual Portal and Portal Template Import and Export
G-24
G.6.5
G.7
G.8
G.9
G-22
G.7.1
Portal Blocked After Unsuccessful Export or Import
G-24
G.7.2
Page or Portal Not Found Message After Import
G-24
G.7.3
Portal Import Archive Exceeds Maximum Upload File Size
G-24
G.7.4
Maximum Number of Portals Exceeded on Export
G-25
G.7.5
Lists Not Imported Properly
G-25
G.7.6
Exporting and Importing Portals with Tools and Services
Configured
G-25
G.7.7
Tools and Services Disabled After Import
G-26
G.7.8
Importing from the Subportals Page
G-26
G.7.9
Unable to Import a Portal If the Source and Target Applications
Share the Same Content Server
G-27
G.7.10
Shared Library Changes Not Available after Portal Deployment
G-27
G.7.11
Members Not Listed in an Imported Portal
G-27
G.7.12
Deployment Messages Not Displayed in the Browser Locale
G-28
Troubleshooting Issues with Mail
G-28
G.8.1
Mail is Not Accessible in Secure Mode
G-28
G.8.2
Mail is Not Accessible in Non-Secure Mode
G-28
G.8.3
Unable to Create Distribution Lists in the Non-Secure Mode
G-29
G.8.4
Unable to Create Distribution Lists in the Secure Mode
G-29
G.8.5
Provisioning of Mail Fails in a Portal (Default Distribution List not
Created)
G-29
G.8.6
Unable to Configure the Number of Mail Messages Downloaded
G-30
G.8.7
Unable to Publish and Archive WebCenter Portal Mail
G-30
G.8.8
Changing Passwords on Microsoft Exchange
G-30
Troubleshooting Issues with Announcements and Discussions
G-31
G.9.1
Authentication Failed
G-31
G.9.2
Discussions Cannot Be Enabled in WebCenter Portal
G-32
G.9.3
Login Failed
G-32
G.9.4
Login Does Not Function Properly After Configuring Oracle Access
Manager
G-33
Category Not Found Exceptions
G-33
G.9.5
xxxv
G.9.6
Watched Topics and Recent Topics Not Displaying Topics From
Multiple Discussion Forums
G-33
G.9.7
Discussion and Announcement Updates Not Displayed
G-34
G.9.8
Announcements Page Displays "User Is Not Authorized"
G-34
G.9.9
Discussions Page Displays "User Is Not Authorized"
G-34
G.10
Troubleshooting Issues with Events
G-34
G.11
Troubleshooting Issues with Users and Roles
G-35
G.12
Troubleshooting Issues with Content Repositories
G-35
G.12.1
Documents Tools Unavailable in WebCenter Portal
G-35
G.13
Troubleshooting Issues with Analytics
G-37
G.14
Troubleshooting Issues with Oracle SES
G-38
G.14.1
No Search Results Found
G-38
G.14.2
Search Failure Errors
G-41
G.14.3
Cannot Grant View Permissions to WebCenter Portal
G-41
G.14.4
Restricting Oracle SES Results by Source Group or Source Type
G-41
G.14.5
Search Results Do Not Include Secured Resources
G-42
G.14.6
Search Results Do Not Include Documents
G-43
G.14.7
Search Results Do Not Include Discussions and Announcements
G-43
G.14.8
Search Results Do Not Include Recently Added Resources
G-44
G.14.9
Search Results Do Not Reflect Authorization Changes
G-44
G.14.10
Search Results Do Not Include Resources Available to Wide
Audience
G-44
G.15
Troubleshooting Issues with Notifications
G-44
G.16
Troubleshooting External Application Issues
G-46
G.16.1
G.17
Users Experience Password Lockout
Troubleshooting Security Configuration Issues
G.17.1
G-46
G-46
WebCenter Portal Application Does Not Find Users in LDAP
Provider
G-46
G.17.2
Portal Created with Errors When Logged in as OID User
G-47
G.17.3
Users Cannot Self-Register when WebCenter Portal Configured
with Active Directory
G-47
G.17.4
User Made Administrator Does Not Have Administrator Privileges
G-47
G.17.5
OmniPortlet Producer Authorization Exception in SSO
Environment
G-48
Deploying the SAML SSO-specific Discussions EAR file Produces
an Exception
G-48
G.17.7
Configuring SAML Single Sign-on Produces 403 Error
G-48
G.17.8
Impersonation Session Produces Error with OAM 11.1.2.2.0
G-50
G.17.6
G.18
Troubleshooting Issues with External Links
G-50
G.19
Troubleshooting Issues with Elasticsearch
G-50
G.19.1
Profile Crawling Fails with 401 Error
G-50
xxxvi
Preface
This guide explains how to administer Oracle WebCenter Portal, including how to start,
stop, and configure WebCenter Portal components, configure back-end servers and
security, monitor performance, and also how to back up, recover, and migrate portal
deployments and services.
Topics:
•
Audience
•
Documentation Accessibility
•
Related Documents
•
Conventions
Audience
This guide is intended for system administrators responsible for configuring Oracle
WebCenter Portal. For a complete description of these roles and other WebCenter
Portal personas, refer to Who's Who.
This guide assumes that the audience is familiar with the concepts and content
described in Administering Oracle Fusion Middleware.
Documentation Accessibility
For information about Oracle's commitment to accessibility, visit the Oracle
Accessibility Program website at http://www.oracle.com/pls/topic/lookup?
ctx=acc&id=docacc.
Access to Oracle Support
Oracle customers that have purchased support have access to electronic support
through My Oracle Support. For information, visit http://www.oracle.com/pls/topic/
lookup?ctx=acc&id=info or visit http://www.oracle.com/pls/topic/lookup?ctx=acc&id=trs
if you are hearing impaired.
Related Documents
Documentation for Oracle WebCenter Portal is available in the Oracle Fusion
Middleware library on the Oracle Help Center.
Conventions
The following text conventions are used in this document:
xxxvii
Preface
Convention
Meaning
boldface
Boldface type indicates graphical user interface elements associated
with an action, or terms defined in text or the glossary.
italic
Italic type indicates book titles, emphasis, or placeholder variables for
which you supply particular values.
monospace
Monospace type indicates commands within a paragraph, URLs, code
in examples, text that appears on the screen, or text that you enter.
xxxviii
Who's Who
The WebCenter Portal documentation is organized so that the tasks in a particular
guide address a specific user persona. Each persona is associated with a set of skills
required to work with WebCenter Portal, from basic to advanced.
This preface introduces you to the WebCenter Portal personas and describes the
ways in which they might interact with WebCenter Portal. Each persona is assigned a
default role provided out-of-the-box with WebCenter Portal. The default roles are given
a unique set of permissions appropriate for the work that each persona will typically
do. Note that you can modify these default roles or configure new roles to meet the
unique needs of your organization.
The people who interact with WebCenter Portal typically work together as a team that
is comprised of the following personas:
•
Knowledge Worker
•
Application Specialist
•
Web Developer
•
Developer
•
System Administrator
This guide is aimed at the system administrator persona.
Knowledge Worker
Karen is a knowledge worker who typically uses WebCenter Portal to contribute and
review content, participate in social interactions, and leverage the Home portal to
manage her own documents and profile.
At the application level, Karen has permissions such as those granted to the default
Authenticated-User role, which may be customized for the specific needs of the
organization. At the portal level, the portal manager will likely assign Karen a role that
includes View Pages and Customize Pages permissions.
xxxix
Who's Who
For more information about roles and permissions, see About Roles and Permissions
for a Portal in Building Portals with Oracle WebCenter Portal.
Knowledge Worker Tasks in WebCenter Portal
Tasks that are typical of a knowledge worker like Karen include:
•
Editing and updating pages for which she has been assigned content contribution
permissions
•
Connecting to and collaborating with other WebCenter Portal users by sharing
information, files, and links; and by interacting through instant messaging, mail,
message boards, wikis, and blogs
•
Uploading, sharing, and managing documents stored in Content Server
•
Joining a team or project portal
•
Keeping up with changes in WebCenter Portal by receiving notifications when
content is updated, viewing the activities of the portals she is a member of and
users she's connected to, and monitoring WebCenter Portal RSS feeds
•
Staying organized through the use of favorites, notes, calendars, lists, links to
portal objects, and tags
As Karen becomes more familiar with the functionality available in WebCenter Portal,
she may begin to perform more advanced tasks, such as creating portals. As a more
advanced knowledge worker, her role may evolve to overlap with application specialist
tasks.
Information targeted to knowledge workers like Karen is in Using Portals in Oracle
WebCenter Portal. Advanced tasks that overlap with those of an application specialist
are covered in Building Portals with Oracle WebCenter Portal.
Application Specialist
Ari is an application specialist who works in WebCenter Portal to create and administer
portals, their structure (hierarchy of pages, navigation, security), and their content
(components on a page, layout, behavior, and so on). In a typical project, Ari
coordinates the efforts of Karen (knowledge worker), Wendy (web developer), and
Dave (developer).
At the application level, Ari has permissions such as those granted to the default
Application Specialist role, which may be customized for the specific needs of the
organization. In a portal that Ari creates, he performs actions available to the Portal
Manager role to manage the portal.
xl
Who's Who
For more information about roles and permissions, see About Roles and Permissions
for a Portal in Building Portals with Oracle WebCenter Portal.
Application Specialist Tasks in WebCenter Portal
Tasks that are typical of an application specialist like Ari include:
•
Planning and creating new portals
•
Editing and administering the portals he owns
•
Creating and building portal pages using the page editor and the resource catalog
to add and configure page components
•
Creating and managing portal assets, tools, and services
•
Managing shared assets and portal templates across all portals
Information targeted for application specialists like Ari is in Building Portals with Oracle
WebCenter Portal. To work with his personal view of the Home portal, Ari will also
refer to Using Portals in Oracle WebCenter Portal.
Web Developer
Wendy is a web developer who focuses on delivering a consistent, branded look and
feel to all portals. Wendy provides graphics designs and HTML markup from which Ari
(application specialist in WebCenter Portal) or Dave (developer in JDeveloper) can
create content or page style templates, skins, and so on. Once these assets are
created, Ari can leverage them to create portal pages. Wendy typically does not
interact with WebCenter Portal directly.
Web Developer Tasks in WebCenter Portal
Tasks that are typical of a web developer like Wendy include:
•
Developing a corporate portal look and feel
•
Designing new page templates
Information targeted to web developers like Wendy is in Creating a Look and Feel for
Portals in Building Portals with Oracle WebCenter Portal.
xli
Who's Who
Developer
Dave is a developer who is primarily responsible for developing components (such as
task flows, page templates, and content templates), which are published and
leveraged by Ari (the application specialist). Dave works with JDeveloper to develop
and extend assets for use in WebCenter Portal.
Developer Tasks
Tasks that are typical of a developer like Dave include:
•
Developing custom assets such page templates and resource catalogs for portals
in WebCenter Portal
•
Developing Java portlets
•
Developing and deploying task flows, managed beans, and other custom
components
•
Developing custom personalization components
•
Maintaining the source control system
•
Maintaining a build system
Information targeted to developers like Dave is in Developing for Oracle WebCenter
Portal.
System Administrator
Syed is a system administrator who fields requests from IT employees and business
users to set up new machines; clone or back up existing applications systems and
databases; install patches, packages, and applications; and perform other
administration-related tasks. As the system administrator, Syed works with other tools
such as Fusion Middleware Control and command line tools. He leverages Enterprise
xlii
Who's Who
Manager to configure portal settings, and also configures integrations such as
WebCenter Content and other Fusion Middleware products and Oracle applications.
In WebCenter Portal, he has permissions such as those granted to the default
Administrator role, which provides exclusive access to administer and set global
options for all portals (including the Home portal).
For more information about application level roles and permissions, see About
Application Roles and Permissions in Administering Oracle WebCenter Portal.
System Administrator Tasks
Tasks that are typical of a system administrator like Syed include:
•
Uses WebCenter Portal administration to administer all portals (including import
and export of portals) and security site-wide
•
Uses WebCenter Portal administration to manage site-wide system pages,
business role pages, and personal pages
•
Leads security, taxonomy, metadata, workflow, governance
•
Uses the management console for administrative functions
•
Executes command line utilities for administrative functions
•
Installs and configures production versions of developers' efforts
•
Performs patching of the production versions and the operating system
•
Creates clones and backups of the production versions
•
Performs restores of production versions
•
Monitors the operating system for issues with the production version
•
Deploys and redeploys applications
Information targeted to system administrators like Syed is in Administering Oracle
WebCenter Portal and WebCenter WLST Command Reference.
xliii
Part I
Introduction to Oracle WebCenter Portal
This part of Administering Oracle WebCenter Portal provides an introduction to Oracle
WebCenter Portal and its administration tools.
•
Introduction to Administration for WebCenter Portal
1
Introduction to Administration for
WebCenter Portal
With WebCenter Portal, you can create internal and external portals, websites, and
composite applications. Begin by exploring the topology, architecture, administrative
tools, and tasks involved in setting up WebCenter Portal.
Note:
Beginning with 12c (12.2.1.3.0), Oracle WebCenter Portal has deprecated
support for Jive features (announcements and discussions). If you are
upgrading from a prior release, these features remain available in your existing
installations that are being upgraded.
Topics:
•
Introducing Oracle WebCenter Portal
•
Oracle WebCenter Portal Architecture
•
Oracle WebCenter Portal Topology
•
Understanding the Oracle WebCenter Portal Installation
•
Understanding Administrative Operations, Roles, and Tools
•
Performance Monitoring and Diagnostics
•
Understanding Security
•
Data Migration, Backup, and Recovery
•
Oracle WebCenter Portal Administration Tools
1.1 Introducing Oracle WebCenter Portal
Companies use Oracle WebCenter Portal to build enterprise-scale intranet and
extranet portals that provide a foundation for the next-generation user experience (UX)
with Oracle Fusion Middleware and Oracle Fusion Applications. Portals built with
Oracle WebCenter Portal commonly support thousands of users who create, update,
and access content and data from multiple back-end sources. Oracle WebCenter
Portal delivers intuitive user experiences by leveraging the best UX capabilities from a
significant portfolio of leading portal products and related technologies. From the
user's perspective, the integration is seamless.
Oracle WebCenter Portal provides users with a personalized, secure, and efficient way
of consuming information and interacting with people and applications in the context of
business processes. It optimizes the connections between people, information, and
applications; provides business activity streams so users can navigate, discover, and
1-1
Chapter 1
Oracle WebCenter Portal Architecture
access content in context; and offers dynamic personalization of applications, portals,
and sites to provide a customized experience.
This section describes Oracle WebCenter Portal components and architecture in the
following topics:
•
Oracle WebCenter Portal Architecture
•
Oracle WebCenter Portal Topology
1.2 Oracle WebCenter Portal Architecture
Oracle WebCenter Portal comprises the following components:
•
WebCenter Portlets
•
Application Development Framework
•
Portal Composer
•
Tools and Services
•
Discussion Server
•
Analytics
1.2.1 WebCenter Portlets
Develop and integrate portlets into WebCenter Portal:
•
Support for JSR-168 and JSR-286 standards-based WSRP portlets
•
Oracle JSF Portlet Bridge, which lets you expose JSF pages and Oracle ADF task
flows as standards-based portlets
1.2.2 Application Development Framework
The Oracle Application Development Framework (ADF) is a productivity layer that sits
on top of JSF and provides:
•
Unified access to back ends such as databases, web services, XML, CSV, and
BPEL
•
Data binding (JSR 227) connecting the user interface with back-end data controls
•
Over 100 data-aware JSF view components
•
Native component model that includes task flows
•
Fine grained JAAS security model
1.2.3 Portal Composer
Portal Composer comprises all the browser-based creating, editing, and administration
areas of WebCenter Portal:
•
A browser-based platform for creating and administering enterprise portals,
multiple sites, and communities.
1-2
Chapter 1
Oracle WebCenter Portal Architecture
•
A Home portal, where users have access to their profile, available portals, portal
templates, and documents, and can customize certain elements of their own view
of the Home portal.
•
A browser-based portal editor, where users can perform runtime portal
customization to modify portal settings and create portal pages and deviceenabled page variants. An intuitive page editor enables users to modify page
layout, properties, wiring, and include components such as task flows, portlets,
threaded discussions, blogs, wikis, announcements, RSS, activity stream, search,
and more.
1.2.4 Tools and Services
Table 1-1 lists the tools and services available in WebCenter Portal.
Table 1-1
WebCenter Portal Tools and Services
A Through I
L Through T
Activity Stream
Links
Analytics
Lists
Announcements
Mail
Discussions
Notes
Documents (includes Wikis and Blogs)
People Connections
Events
RSS
Instant Messaging and Presence (IMP)
Search
Tags
WebCenter Portal's tools and services provide:
•
Seamless integration with enterprise-level services
•
Thin adapter layer to abstract back-end services. For example:
–
Content adapters: Content Server
–
Presence adapters: Microsoft Lync
•
Back-end systems represented by a unified connection architecture
•
User interface to services presented through rich task flow components
For more information, see Managing Tools and Services.
1.2.5 Discussion Server
A discussion server is provided with Oracle WebCenter Portal so you can integrate
discussion forums and announcements into your portals. For information, see
Managing Announcements and Discussions.
1-3
Chapter 1
Oracle WebCenter Portal Topology
1.2.6 Analytics
WebCenter Portal's analytics capability enables users to view various user activity
reports, for example:
•
Login data
•
Page views
•
Portlet views
•
Search metrics
•
Page response data
•
Portal usage
For information, see Managing Analytics.
1.3 Oracle WebCenter Portal Topology
This section describes Oracle WebCenter Portal topology and configuration in the
following topics:
•
Oracle WebCenter Portal Directory Structure
•
Oracle WebCenter Portal Managed Servers
•
Oracle WebCenter Portal Configuration Considerations
•
Discussions Server Configuration
•
Oracle WebCenter Portal State and Configuration Persistence
•
Analytics Considerations
•
Oracle WebCenter Portal Log File Locations
1.3.1 Oracle WebCenter Portal Directory Structure
Oracle WebCenter Portal installation creates the WebCenter Portal product home
directory (wcportal), under the Oracle Home directory, that contains WebCenter Portal
binaries and supporting files. The following figure describes directory structure of an
Oracle WebCenter Portal installation.
Figure 1-1
Directory Structure of an Oracle WebCenter Portal Installation
1-4
Chapter 1
Oracle WebCenter Portal Topology
The installation also creates a WebCenter Portaldomain (default name base_domain),
containing the administration server and several managed servers to host various
WebCenter Portal components. In Figure 1-2, applications are shown in yellow, while
the managed servers they run on are shown in brown.
Figure 1-2
Oracle WebCenter Portal Topology Out-of-the-Box
Out-of-the-box managed servers host the following Oracle WebCenter Portal
components:
•
WC_Portal- Hosts WebCenter Portal, Oracle's out-of-the-box portal application, and
analytics
•
WC_Portlet - Hosts out-of-the-box portlets, pagelet producer, and WebCenter
Portaltools
•
WC_Collaboration - Hosts the discussions server and any additional services that
you choose to integrate
For more information about managed servers, see Understanding Oracle Fusion
Middleware Concepts in Administering Oracle Fusion Middleware.
1.3.2 Oracle WebCenter Portal Managed Servers
During Oracle WebCenter Portal installation, the managed servers are provisioned
with system libraries and Oracle ADF libraries. Table 1-2 lists the managed servers
and the applications that run on them.
Table 1-2
Oracle WebCenter Portal Managed Servers and Applications
Managed Server
Installed Applications
Application Name
WC_Portal
WebCenter Portal
webcenter
WebCenter Portal online help
webcenter-help
Analytics
analytics-collector
OmniPortlet
portalTools
WSRP tools
wsrp-tools
Pagelet producer
pagelet-producer
Discussions Server
owc_discussions
WC_Portlet
WC_Collaboration
1-5
Chapter 1
Oracle WebCenter Portal Topology
1.3.3 Oracle WebCenter Portal Configuration Considerations
The main configuration files for WebCenter Portal are listed and described in
Table 1-3. Both these files are supplied within the application deployment .EAR file.
Table 1-3
WebCenter Portal Configuration Files
Artifact
Purpose
adf-config.xml
Stores basic configuration for Application
Development Framework (ADF) and application
settings, such as which discussions server or mail
server WebCenter Portal is currently using.
connections.xml
Stores basic configuration for connections to
external services.
WebCenter Portal uses the Oracle Metadata Services (MDS) repository to store its
configuration data; it accesses the MDS repository as a JDBC data source within the
Oracle WebLogic framework.
The MDS repository stores post deployment configuration changes for WebCenter
Portal as application customizations. MDS uses the original deployed versions of adfconfig.xml and connections.xml as base documents and stores all subsequent
application customizations separately into MDS using a single customization layer.
When WebCenter Portal starts up, application customizations stored in MDS are
applied to the appropriate base documents and the application uses the merged
documents (base documents with customizations) as the final set of configuration
properties.
For applications that are deployed to a server cluster, all members of a cluster read
from the same location in the MDS repository.
Typically, there is no need for administrators to examine or manually change the
content of base documents (or MDS customization data) for files such as adfconfig.xml and connections.xml, as Oracle provides several administration tools for
post deployment configuration. If you must locate the base documents or review the
information in MDS, read Oracle WebCenter Portal Configuration.
To find out more about the configuration tools available, see Oracle WebCenter Portal
Administration Tools.
Note:
Oracle does not recommend that you edit adf-config.xml or connections.xml
by hand as this can lead to misconfiguration.
While WebCenter Portal stores post deployment configuration information in MDS,
configuration information for portlet producers and the discussion server is stored in
the file system or the database (Table 1-4).
1-6
Chapter 1
Oracle WebCenter Portal Topology
Table 1-4
WebCenter Portal Configuration Location
Application
Configuration Stored Configuration Stored
in MDS
in File System
Configuration Stored
in Database
WebCenter Portal
Yes
No
No
Portlet producers
No
Yes
No
Discussions
server
No
Yes
Yes
1.3.4 Discussions Server Configuration
Oracle WebCenter Portal's discussions server stores configuration information in its
database. Additionally, it stores startup configuration information in DOMAIN_HOME/
config/fmwconfig/servers/WC_COLLABORATION/owc_discussions. This directory contains
jive_startup.xml, jive.license files, and a logs directory containing log files for the
discussions server instance.
1.3.5 Oracle WebCenter Portal State and Configuration Persistence
WebCenter Portal runs as a J2EE application with application state and configuration
persisted to the MDS repository. User session information within the application is held
locally in memory. In a cluster environment, this state is replicated to other members of
the cluster.
Application customizations within a portlet or service environment are persisted by that
service. Out-of-the-box, Oracle portlets, any custom portlets you build, and the
discussions server, all have their own database persistence mechanisms.
1.3.6 Analytics Considerations
WebCenter Portal's analytics capability is stateless. Requests received by analytics
collectors are executed immediately. Any in-transit state, such as a request initiated by
WebCenter Portal or a request processed by the analytics collector, is not guaranteed.
1.3.7 Oracle WebCenter Portal Log File Locations
Operations performed by WebCenter Portal, portlet producers, discussion servers, and
so on, are logged directly to the WebLogic managed server where the application is
running:
DOMAIN_HOME/servers/Server_Name/logs/Server_Name-diagnostic.log
For example, diagnostics for WebCenter Portal are logged to: /base_domain/servers/
WC_Portal/logs/WC_Portal-diagnostic.log
You can view the log files for each WebLogic managed server from the Oracle
WebLogic Server Administration Console. To view the logs, access the Oracle
WebLogic Server Administration Console http://<admin_server_host>:<port>/console,
and click Diagnostics-Log Files.
1-7
Chapter 1
Understanding the Oracle WebCenter Portal Installation
You can also view and configure diagnostic logs through Fusion Middleware Control,
see Viewing and Configuring Log Information.
1.4 Understanding the Oracle WebCenter Portal Installation
Installing WebCenter Portal requires a little bit of planning. Some of the questions to
consider are:
•
What Oracle WebCenter Portal components will be used?
•
How many users will access this deployment?
•
How can I provide high availability for my enterprise deployment?
•
How can I secure WebCenter Portal?
For more information about Oracle WebCenter Portal installation and post-installation
administration tasks, see Roadmap for Installing and Configuring the Standard
Installation Topologies in Installing and Configuring Oracle WebCenter Portal.
For post installation high availability configuration, see Setting up a Highly Available
Environment in High Availability Guide.
1.5 Understanding Administrative Operations, Roles, and
Tools
Oracle WebCenter Portal provides several different tools with which to deploy,
configure, start and stop, and maintain WebCenter Portal. Your ability to perform
administration tasks depends on the Oracle WebLogic Server role you are assigned to
—Admin, Operator, or Monitor. Table 1-5 lists the Oracle WebLogic Server roles needed
for common operations. These roles apply whether the operations are performed
through Fusion Middleware Control, WLST commands, or the WebLogic Server
Administration Console.
Table 1-5
WebCenter Portal Operations and Oracle WebLogic Server Roles
Operation
Admin Role Operator Role
Monitor Role
Start and stop
Yes
Yes
No
View performance metrics
Yes
Yes
Yes
View log information
Yes
Yes
Yes
Configure log files
Yes
Yes
Yes
View configuration
Yes
Yes
Yes
Configure new connections
Yes
Yes
No
Edit connections
Yes
Yes
No
Delete connections
Yes
Yes
No
Deploy applications
Yes
No
No
1-8
Chapter 1
Understanding Administrative Operations, Roles, and Tools
Table 1-5
Roles
(Cont.) WebCenter Portal Operations and Oracle WebLogic Server
Operation
Admin Role Operator Role
Monitor Role
Configure security
Yes
No
No
View security (application roles/policies)
Yes
Yes
Yes
Export entire application
Yes
No
No
Import entire application
Yes
No
No
Table 1-6 summarizes which tools you can use to perform various administrative
operations relating to WebCenter Portal. Oracle WebCenter Portal Administration
Tools describes the administrative tools.
Table 1-6
WebCenter Portal Operations and Administration Tools
Operation
Fusion
WLST
WebLogic
Middleware Commands Server
Control
Admin
Console
WebCenter Portal
Admin
Start and stop
Yes
Yes
Yes
No
View performance metrics
Yes
No
No
No
View log information
Yes
No
No
No
Configure log files
Yes
No
No
No
View configuration
Yes
Yes
No
No
Configure new connections
Yes
Yes
No
No
Edit connections
Yes
Yes
No
No
Delete connections
Yes
Yes
No
No
Manage portlet producers
Yes
Yes
No
Yes
Manage external applications
Yes
Yes
No
Yes
Deploy applications
Yes
Yes
Yes
No
Configure security
Yes
Yes
Yes
No
Configure workflows
Yes
Yes
No
No
Export entire application
Yes
Yes
No
No
Import entire application
Yes
Yes
No
No
Customize WebCenter Portal
No
No
No
Yes
1-9
Chapter 1
Performance Monitoring and Diagnostics
Table 1-6
(Cont.) WebCenter Portal Operations and Administration Tools
Operation
Fusion
WLST
WebLogic
Middleware Commands Server
Control
Admin
Console
WebCenter Portal
Admin
Manage application users
and roles
No
No
No
Yes
Manage pages
No
No
No
Yes
Manage portals
No
No
No
Yes
Export portals
No
No
No
Yes
Import portals
No
No
No
Yes
1.6 Performance Monitoring and Diagnostics
Performance monitoring helps administrators identify issues and performance
bottlenecks in their environment. Monitoring WebCenter Portal Performance describes
the range of performance metrics available for WebCenter Portal and how to monitor
them using Fusion Middleware Control. It also describes how to troubleshoot issues by
analyzing information that is recorded in diagnostic log files.
1.7 Understanding Security
The recommended security model for Oracle WebCenter Portal is based on Oracle
ADF Security, which implements the Java Authentication and Authorization Service
(JAAS) model. The following chapters describe security configuration for WebCenter
Portal applications:
•
Managing WebCenter Portal Security
•
Configuring the Identity Store
•
Configuring the Policy and Credential Store
•
Configuring Single Sign-On
•
Configuring SSL
•
Configuring Web Services Security
•
Configuring Security for Portlet Producers
1.8 Data Migration, Backup, and Recovery
Oracle WebCenter Portal stores data related to its configuration and content for the
various feature areas in several locations. To facilitate disaster recovery and the full
production lifecycle from development through staging and production, Oracle
WebCenter Portal provides a set of utilities that enable you to back up this data, and
move the data between staging and production environments.
1-10
Chapter 1
Oracle WebCenter Portal Administration Tools
Managing WebCenter Portal Backup, Recovery, and Cloning describes the backup,
import, and export capabilities and tools available for these tasks.
1.9 Oracle WebCenter Portal Administration Tools
Oracle WebCenter Portal offers the following administration tools:
•
Oracle Enterprise Manager Fusion Middleware Control Console
•
Oracle WebLogic Server Administration Console
•
Oracle WebLogic Scripting Tool (WLST)
•
System MBean Browser
•
WebCenter Portal Administration Pages
Administrators should use these tools, rather than edit the configuration files, to
perform administrative tasks. For help to decide which tool is best for you, see
Configuration Tools.
1.9.1 Oracle Enterprise Manager Fusion Middleware Control Console
Oracle Enterprise Manager Fusion Middleware Control Console is a browser-based
management application that is deployed when you install Oracle WebCenter Portal.
From Fusion Middleware Control Console, you can monitor and administer a domain
(such as one containing Oracle WebCenter Portal).
Fusion Middleware Control organizes a wide variety of performance data and
administrative functions into distinct, web-based home pages. These home pages
make it easy to locate the most important monitoring data and the most commonly
used administrative functions for any WebCenter Portal component—all from your web
browser. For general information about the Fusion Middleware Control Console, see
Getting Started Using Oracle Enterprise Manager Fusion Middleware Control in
Administering Oracle Fusion Middleware.
Fusion Middleware Control is the primary management tool for Oracle WebCenter
Portal and can be used to:
•
Configure back-end services and tools
•
Configure security management
•
Control process lifecycle
•
Access log files and manage log configuration
•
Manage data migration
•
Monitor performance
•
Diagnose run-time problems
•
Manage related components, such as the parent Managed Server, MDS, and
portlet producers
1.9.1.1 Displaying Fusion Middleware Control Console
For information about starting Fusion Middleware Control, see Displaying Fusion
Middleware Control Console.
1-11
Chapter 1
Oracle WebCenter Portal Administration Tools
1.9.2 Oracle WebLogic Server Administration Console
The Oracle WebLogic Server Administration Console is a browser-based, graphical
user interface that you use to manage a WebLogic Server domain.
The Administration Server hosts the Administration Console, which is a Web
application accessible from any supported Web browser with network access to the
Administration Server Managed Servers host applications.
Use the Administration Console to:
•
Configure, start, and stop WebLogic Server instances
•
Configure WebLogic Server clusters
•
Configure WebLogic Server services, such as database connectivity (JDBC) and
messaging (JMS)
•
Configure security parameters, including creating and managing users, groups,
and roles
•
Configure and deploy your applications
•
Monitor server and application performance
•
View server and domain log files
•
View application deployment descriptors
•
Edit selected run-time application deployment descriptor elements
For more information about the Oracle WebLogic Server Administration Console, see
Displaying the Oracle WebLogic Server Administration Console in Administering
Oracle Fusion Middleware.
1.9.2.1 Locking Domain Configuration
You must lock configuration settings for a domain in the production mode before
making any configuration changes. Navigate to the Administration Console's Change
Center, and click Lock & Edit.
Once configuration updates are complete, release the changes by clicking Release
Configuration.
If the domain is in the development mode, the Lock & Edit option is not available, and
changes are automatically committed.
Figure 1-3
Change Center in Oracle WebLogic Server Administration Console
1-12
Chapter 1
Oracle WebCenter Portal Administration Tools
1.9.3 Oracle WebLogic Scripting Tool (WLST)
Oracle provides the WebLogic Scripting Tool (WLST) to manage Oracle Fusion
Middleware components, such as Oracle WebCenter Portal, from the command line.
WLST is a complete, command-line scripting environment for managing Oracle
WebLogic Server domains, based on Jython. In addition to supporting standard Jython
features such as local variables, conditional variables, and flow control statements,
WLST provides a set of scripting functions (commands) that are specific to Oracle
WebLogic Server. You can extend the WebLogic scripting language to suit your needs
by following the Jython language syntax.
Oracle provides WLST commands for fully administering and monitoring WebCenter
Portal and managing connections to content repositories, portlet producers, external
applications, and other back-end services. All Oracle WebCenter Portal WLST
commands are described in WebCenterPortal Custom WLST Commands in
WebCenter WLST Command Reference.
1.9.3.1 Running Oracle WebLogic Scripting Tool (WLST) Commands
You must run all Oracle WebCenter Portal WLST commands from your Oracle home
directory (ORACLE_HOME).
Note:
If you attempt to run WLST commands from the wrong directory, you will see a
NameError. Always run the WLST commands from the Oracle home directory.
See also, Troubleshooting WebCenter Portal.
To run WLST from the command line:
1. Navigate to your Oracle home directory and invoke the WLST script:
(UNIX) ORACLE_HOME/common/bin/wlst.sh
(Windows) ORACLE_HOME\common\bin\wlst.cmd
2. At the WLST command prompt, enter the following command to connect to the
Administration Server for Oracle WebCenter Portal:
wls:/offline>connect('user_name','password',
'protocol(optional):host_name:port_number')
where
•
user_name is the username of the operator who is connecting to the
Administration Server
•
password is the password of the operator who is connecting to the
Administration Server
•
protocol is the protocol for connecting to the Administration Server and is
optional
1-13
Chapter 1
Oracle WebCenter Portal Administration Tools
•
host_name is the host name of the Administration Server
•
port_number is the port number of the Administration Server
For example:
connect(username='weblogic', password='mypassword', url='t3://myhost.example.com:
7001')
If preferred, you can connect to the Administration Server in interactive mode
without parameters:
wls:/offline> connect()
Please enter your username :weblogic
Please enter your password :
Please enter your server URL [t3://localhost:7001]:t3://myhost.example.com:7001
Connecting to t3://myhost.example.com:7001 with userid weblogic ...
Successfully connected to Admin Server 'AdminServer' that belongs to domain
'WC_Domain'.
For help with this command, type help('connect') at the WLST command prompt.
Note:
If SSL is enabled, you must edit the wlst.sh or wlst.cmd file and append the
following to JVM_ARGS:
-Dweblogic.security.SSL.ignoreHostnameVerification=true
-Dweblogic.security.TrustKeyStore=DemoTrust
or setenv CONFIG_JVM_ARGS
-Dweblogic.security.SSL.ignoreHostnameVerification=true
-Dweblogic.security.TrustKeyStore=DemoTrust
3. Once connected to the Administration Server you can run Oracle WebCenter Portal
WLST commands, and any other generic WLST command.
1.9.3.1.1 Hints and Tips Running for Oracle WebCenter Portal WLST Commands
•
To list Oracle WebCenter Portal WLST commands, type: help('webcenter') at
the WLST command prompt.
If the message No help for webcenter found... displays, you are probably running
the WLST script from the wrong directory, for example, you might be running
wlst.sh or wlst.cmd from the oracle_common directory instead of ORACLE_HOME/common/
bin.
•
For help on a particular command, type: help('WLST_command_name') at the WLST
command prompt.
•
Include argument names when running commands and especially when
writing WLST scripts. For example, it is good practice to enter:
createExtAppConnection(appName='webcenter', name='myXApp'...
rather than:
createExtAppConnection('webcenter', 'myXApp'...
1-14
Chapter 1
Oracle WebCenter Portal Administration Tools
Either syntax is valid but when you include the argument names, errors and
misconfiguration is less likely. Also, if arguments are added in the future, the
command does not fail or configure the wrong property.
•
In a clustered environment, remember to specify the "server" argument
when running commands. All Oracle WebCenter Portal WLST commands
include a server argument which becomes mandatory when WebCenter Portal is
deployed to cluster.
•
Online documentation for Oracle WebCenter Portal WLST commands is
available in WebCenter Portal Custom WLST Commands in WebCenter WLST
Command Reference.
1.9.4 System MBean Browser
Fusion Middleware Control provides a set of MBean browsers that allow you to browse
the MBeans for an Oracle WebLogic Server or for a selected application.
Note:
While you can monitor and configure WebCenter Portal MBeans from the
System MBean browser, it is not the preferred tool for configuration. Oracle
recommends that you configure WebCenter Portal settings from its home page
using Fusion Middleware Control or by using WLST commands.
To access application MBeans:
1. Log in to Fusion Middleware Control and navigate to the home page for WebCenter
Portal. For more information, see Navigating to the Home Page for WebCenter
Portal.
2. From the WebCenter Portal menu, select System MBean Browser.
3. Under Application Defined MBeans, navigate to the MBean you want to view or
configure.
For example, you might want to navigate to MBeans for adf-config.xml and
connections.xml as follows:
•
adf-config - Click oracle.adf.share.config >Server: name >Application:
name >ADFConfig >ADFConfig >ADFConfig
•
connections - Click oracle.adf.share.connections >Server: name
>Application: name >ADFConnnections >ADFConnections
4. To view an MBean's attributes, select the MBean, then on the Attributes tab, click
the required attribute. Values of some attributes can be changed. To do so, enter
the value in the Value column.
1-15
Chapter 1
Oracle WebCenter Portal Administration Tools
Figure 1-4
Systems MBean Browser
5. Navigate to the parent MBean (for example, ADFConfig or ADFConnections),
select the Operations tab, and click save to save the changes.
6. Restart the managed server on which WebCenter Portal is deployed. For more
information, see Starting and Stopping Managed Servers for WebCenter Portal
Application Deployments.
1.9.5 WebCenter Portal Administration Pages
WebCenter Portal provides several administration pages, which appear only to users
who have logged in to WebCenter Portal using an administrator user name and
password.
WebCenter Portal administration pages allow you to:
•
Customize WebCenter Portal
•
Manage users and roles
•
Manage tool and service settings
•
Manage portlet producers and external applications
•
Manage individual portals and portal templates
•
Create and manage business role pages
•
Manage personal pages
•
Export and import individual portals and portal templates
For more information, see Accessing the Settings Pages in WebCenter Portal
Administration.
1-16
Part II
Getting Started
This part of Administering Oracle WebCenter Portal provides checklists to help you get
started with Oracle WebCenter Portal administration.
•
Getting Started Administering WebCenter Portal
•
Starting Enterprise Manager Fusion Middleware Control
•
Starting and Stopping Managed Servers and Applications for Oracle WebCenter
Portal
2
Getting Started Administering WebCenter
Portal
Before you get WebCenter Portal up and running, become familiar with the various
administrative tasks you will perform as a Fusion Middleware administrator and as a
WebCenter Portal administrator.
Note:
Beginning with 12c (12.2.1.3.0), Oracle WebCenter Portal has deprecated
support for Jive features (announcements and discussions). If you are
upgrading from a prior release, these features remain available in your existing
installations that are being upgraded.
Permissions:
To perform the tasks in this chapter, you must be granted the following roles:
•
WebLogic Server: Admin role granted through the Oracle WebLogic
Server Administration Console.
Users with this role are also known as Fusion Middleware administrators.
•
WebCenter Portal: Administrator role granted through WebCenter Portal
Administration.
Users with this role are also known as WebCenter Portal administrators.
See also, Understanding Administrative Operations, Roles, and Tools.
Topics:
•
Role of the System Administrator
•
Installing WebCenter Portal
•
Setting Up WebCenter Portal for the First Time (Roadmap)
•
Customizing WebCenter Portal for the First Time (Roadmap)
•
System Administration for WebCenter Portal – Fusion Middleware Admin Role
(Roadmap)
•
System Administration for WebCenter Portal – WebCenter Portal Admin Role
(Roadmap)
2-1
Chapter 2
Role of the System Administrator
2.1 Role of the System Administrator
Oracle Fusion Middleware provides a single administrative role with complete
administrative capabilities—the Admin role. System administrators with this role can
perform the complete range of security-sensitive administrative duties, and all
installation, configuration, and audit tasks. This administrator is also responsible for
setting up and configuring WebCenter Portal immediately after installation, and
performing ongoing administrative tasks for WebCenter Portal and other Oracle
WebCenter Portal components. This administrator is sometimes known as the Fusion
Middleware administrator.
During installation, a single default system administrator account is created named
weblogic. You can choose to create the account by any other name. The password is
the one provided during installation.
Use this administrator account to log in to the Fusion Middleware Control Console and
WebCenter Portal, and assign administrative privileges to other users:
•
Fusion Middleware Control - Add one more users to the Administrator group
using the Oracle WebLogic Server Administration Console or Oracle WebLogic
Scripting Tool (WLST). For more information, see Administrative Users and Roles
in Securing Applications with Oracle Platform Security Services.
Oracle WebLogic Server provides two other roles, in addition to the Admin role,
namely Operator and Monitor. For more information about these role, see
Understanding Administrative Operations, Roles, and Tools.
•
WebCenter Portal Administration - Assign one more users the Administrator
role through WebCenter Portal Administration.
WebCenter Portal administrators have the highest privileges within the WebCenter
Portal application. This administrator can view and customize every aspect of the
WebCenter Portal, manage users and roles, and delegate responsibilities to
others.
2.2 Installing WebCenter Portal
WebCenter Portal installation is described in Roadmap for Installing and Configuring
the Standard Installation Topologies in Installing and Configuring Oracle WebCenter
Portal.
2.3 Setting Up WebCenter Portal for the First Time
(Roadmap)
The flow chart depicted in Figure 2-1 and Table 2-1 in this section provide an overview
of the tasks required to get WebCenter Portal up and running.
2-2
Chapter 2
Setting Up WebCenter Portal for the First Time (Roadmap)
Figure 2-1
Setting Up WebCenter Portal for the First Time
2-3
Chapter 2
Setting Up WebCenter Portal for the First Time (Roadmap)
Table 2-1
Roadmap - Setting Up WebCenter Portal for the First Time
Actor
Task
Subtask
Fusion Middleware
Administrator
1. Verify your
WebCenter Portal
installation
1.a Install WebCenter
Portal
Notes
1.b Start Node
Manager
1.c Start the
managed servers
1.d Log in to
WebCenter Portal as
the default
administrator
1.e Grant
Administartive
Privileges
Fusion Middleware
Administrator
2. Add/modify
connections to
backend components
using either of the
following tools:
Back-end
components may
include:
•
•
•
•
Fusion
Middleware
Control
WLST
•
•
•
•
•
•
•
Fusion Middleware
Administrator
3. Connect external
applications and
portlet producers
using either of the
following tools:
•
•
Fusion
Middleware
Control
WLST
Content
repositories1
BPEL servers1
Analytics
collector
Discussions
server1
Events server
Mail servers
Presence server
Oracle Secure
Enterprise
Search
WebCenter
Portal
repository1
Portlet producers
may include:
•
•
WSRP
producers1
Pagelet
producer1
2-4
Chapter 2
Setting Up WebCenter Portal for the First Time (Roadmap)
Table 2-1
(Cont.) Roadmap - Setting Up WebCenter Portal for the First Time
Actor
Task
Fusion Middleware
Administrator
4. Conect back-end
servers to the same
identity store as
WebCenter Portal.
Subtask
Notes
Back-end servers
may include:
•
•
•
•
•
Fusion Middleware
Administrator
5. Secure
communication with
WebCenter Portal
5.a Configure single
sign-on
Oracle
WebCenter
Content Server
Oracle Secure
Enterprise
Search
BPEL server
Discussions
server
Presence server
Configuring SSO and
SSL is optional.
5.b Configure SSL
5.c Configure WSSecurity
Fusion Middleware
Administrator
6. (Optional)
Configure system
options for
WebCenter Portal:
•
•
•
•
•
Portal
workflows1
Notification
message
channel
Search crawlers
Search settings
RSS news feeds
Fusion Middleware
Administrator
7. Restart
WC_Portal, the
managed server on
which WebCenter
Portal is deployed
WebCenter Portal
Administrator
8. Log in to
WebCenter Portal
WebCenter Portal
Administrator
9. Set global options
and customize
WebCenter Portal
WebCenter Portal
Administrator
10. Assigning Users
(and Groups) to
Application Roles
2-5
Chapter 2
Customizing WebCenter Portal for the First Time (Roadmap)
1
Auto-configured out-of-the-box
2.4 Customizing WebCenter Portal for the First Time
(Roadmap)
The roadmap in Table 2-2 outlines the tasks that a WebCenter Portal administrator
might perform to customize WebCenter Portal for a new target audience.
Table 2-2
Roadmap - Customizing WebCenter Portal for the First Time
Task
Documentation
Actor
1. Log in to
WebCenter
Portal
Log in to WebCenter Portal with administrative privileges and
access the administration pages:
WebCe
nter
Portal
Admin
•
Accessing the WebCenter Portal Administration Page
Tips:
WebCenter Portal URL is http://host:port/webcenter
WebCenter Portal Administration URL is http://host:port/
webcenter/portal/admin/settings
2. Customize
WebCenter
Portal
Customize WebCenter Portal to suit your audience. Choose a
name and logo for your application, apply a corporate brand, set
language options, choose default portals, default assets, and
more. For details, see:
•
•
•
•
•
3. Determine
selfregistration
policy
4. Plan the
public user
experience
Working with WebCenter Portal Administration Settings
Configuring Global Defaults Across Portals
Customizing System Pages
Managing Business Role Pages
Managing Personal Pages
Establish your policy regarding new user registration. Allow
users outside of the WebCenter Portal community to self register on an invitation-only basis or extend self-registration to
the public:
•
•
•
•
•
WebCe
nter
Portal
Admin
Enabling Self-Registration By Invitation-Only
Enabling Anyone to Self-Register
First impressions are extremely important. Determine the content
displayed on your Welcome page and the appearance of
WebCenter Portal before users login:
•
WebCe
nter
Portal
Admin
Customizing the Welcome Page or the Self- Registering
Page
Customizing the Login Page
Choosing a Default Display Language
Default Application Roles
WebCe
nter
Portal
Admin
2-6
Chapter 2
System Administration for WebCenter Portal – Fusion Middleware Admin Role (Roadmap)
Table 2-2
(Cont.) Roadmap - Customizing WebCenter Portal for the First Time
Task
Documentation
Actor
5. Create roles
and delegate
responsibilities
to other users
Create roles to characterize groups of users and determine what
they can see and do in WebCenter Portal. Manage and assign
roles for any user in the identity store:
WebCe
nter
Portal
Admin
6. Customize
the Home
portal
Design the default Home portal for WebCenter Portal users.
Give them instant access to important information and
applications relevant to their roles:
•
•
•
•
•
About WebCenter Portal Security
Assigning Users (and Groups) to Application Roles
Defining Application Roles
Assigning a User to a Different Application Role
Modifying Application Role Permissions
•
Setting Page Creation Defaults for Business Role Pages
•
Creating a Business Role Page
Encourage or enforce a consistent look and feel through default
page schemes and default page templates:
•
Choosing a Default Look and Feel for New Pages
7. Set up
discussion
forums and
announcement
s
Configure default options for discussion forums and
announcements:
8. Set up
people
connection
components
Configure defaults for activity streams, personal profiles,
connections, messages boards, and feedback:
9. Set up mail
notifications
10. Provide
ready-made
portals and
portal
templates
•
•
Configuring Discussion Forum Options for WebCenter
Portal
Configuring People Connections for WebCenter Portal
Configure default options for everyone's mail:
•
Configuring Send Mail Notifications
Users can create and manage their own portals without
centralized administration. Give them a head-start by creating
templates for the types of portals they are likely to build:
•
•
WebCe
nter
Portal
Admin
Creating and Building a New Portal
Creating a New Portal Template
WebCe
nter
Portal
Admin
WebCe
nter
Portal
Admin
WebCe
nter
Portal
Admin
WebCe
nter
Portal
Admin
2.5 System Administration for WebCenter Portal – Fusion
Middleware Admin Role (Roadmap)
The roadmap in Table 2-3 outlines typical tasks that a system administrator might
perform to keep WebCenter Portal up and running.
2-7
Chapter 2
System Administration for WebCenter Portal – Fusion Middleware Admin Role (Roadmap)
Table 2-3
Roadmap - Administering and Monitoring WebCenter Portal
Task
Documentation
Role
Stop and start
the managed
servers
Restart the managed servers for configuration changes to take
effect or for routine maintenance:
Fusion
Middlew
are
Admin
View and
manage log
files
•
Starting and Stopping Managed Servers for WebCenter
Portal Application Deployments
Tip: The managed server for WebCenter Portal is named
WC_Portal.
Identify and diagnose problems through log files. WebCenter
Portal logs record all types of events, including startup and
shutdown information, errors, warnings, and other information:
•
Monitor
performance
Viewing and Configuring WebCenter Portal Logs
Analyze the performance of the WebCenter Portal application
and monitor its current status through Fusion Middleware
Control:
•
Viewing Performance Metrics Using Fusion Middleware
Control
•
Using Key Performance Metric Data to Analyze and
Diagnose System Health
System administrators granted one of these WebLogic Server
roles can view performance metrics: Admin, Operator, Monitor.
To find out more, see Understanding Administrative Operations,
Roles, and Tools.
Fusion
Middlew
are
Admin
Fusion
Middlew
are
Admin
WebCe
nter
Portal
Admin
WebCenter Portal administrators can monitor application
performance and usage using WebCenter Portal's analytics
feature:
•
Tune
application
properties
Reconfigure performance related parameters for the WebCenter
Portal environment, WebCenter Portal application, and
WebCenter Portal components:
•
Stop and start
WebCenter
Portal
Tuning Oracle WebCenter Portal Performance
System administrators may shut down WebCenter Portal for
maintenance purposes and then restart the application:
•
•
Modify backend services
Understanding the Analytics Administration Page in
WebCenter Portal
Starting WebCenter Portal Using Fusion Middleware
Control
Stopping WebCenter Portal Using Fusion Middleware
Control
Add, modify, and delete connections through Fusion Middleware
Control.
Fusion
Middlew
are
Admin
Fusion
Middlew
are
Admin
Fusion
Middlew
are
Admin
2-8
Chapter 2
System Administration for WebCenter Portal – Fusion Middleware Admin Role (Roadmap)
Table 2-3
(Cont.) Roadmap - Administering and Monitoring WebCenter Portal
Task
Documentation
•
Content
repositorie
s
•
Managing Connections to Oracle WebCenter Content
Server
•
Mail
servers
•
Managing Mail
•
BPEL
servers
•
Managing the SOA Connection for WebCenter Portal
Membership Workflows
•
Collaborati
on
•
Managing Instant Messaging and Presence
•
Calendar
•
Managing Calendar Events
•
Secure
Enterprise
Search
•
Managing Oracle Secure Enterprise Search in WebCenter
Portal
•
Analytics
•
Managing Analytics
•
Events,
Links,
Lists,
Notes,
Tags, and
People
Connectio
ns
Managing the Metadata Repository in Administering Oracle
Fusion Middleware.
Modify external
applications
and portlet
producers
Add, modify, and delete connections through Fusion Middleware
Control.
•
External
Application
s
•
Managing External Applications
•
Portlet
Producers
•
•
Registering WSRP Producers
Registering Pagelet Producer
Configure SSL
communication
Configure secure communication:
•
•
•
Configuring SSL
Configuring Web Services Security
Configuring Single Sign-On
Role
Fusion
Middlew
are
Admin
Fusion
Middlew
are
Admin
2-9
Chapter 2
System Administration for WebCenter Portal – WebCenter Portal Admin Role (Roadmap)
Table 2-3
(Cont.) Roadmap - Administering and Monitoring WebCenter Portal
Task
Documentation
Role
Reassociate
your identity,
policy, and
credential
stores
Reassociate your identity or policy stores:
Fusion
Middlew
are
Admin
Reconfigure
WebCenter
Portal
repository
Reconfigure the WebCenter Portal repository:
Fusion
Middlew
are
Admin
Reconfigure the application's MDS repository:
Fusion
Middlew
are
Admin
Reconfigure
MDS repository
•
•
•
•
•
Configuring the Identity Store
Configuring the Policy and Credential Store
Managing the MDS Repository
Configuring an Application to Use a Different MDS
Repository or Partition
Moving Metadata from a Source System to a Target
System
Reconfigure
WebCenter
Portal
workflows
Install WebCenter Portal workflows on a different BPEL server
and reconfigure the connection:
Migrate or
export portals,
portal
templates,
assets, or the
entire portal
server
Use various export facilities to move content to a remote
instance or between stage and production environments:
Import
WebCenter
Portal
application
Use various import facilities to restore WebCenter Portal from a
backup or to move content to a remote instance or between
stage and production environments:
•
•
•
•
•
•
•
•
•
Specifying the BPEL Server Hosting WebCenter Portal
Workflows
Exporting WebCenter Portal to an Archive
Deploying Portals
Deploying Portal Templates
Deploying Assets
Importing a WebCenter Portal Archive
Deploying Portals
Deploying Portal Templates
Deploying Assets
Fusion
Middlew
are
Admin
Fusion
Middlew
are
Admin
Fusion
Middlew
are
Admin
2.6 System Administration for WebCenter Portal –
WebCenter Portal Admin Role (Roadmap)
The roadmap in Table 2-4 outlines typical tasks that a system administrator might
perform while WebCenter Portal is up and running.
If WebCenter Portal must be taken offline for maintenance, ensure that a suitable
message displays to any users who attempt to access the application while it is offline.
2-10
Chapter 2
System Administration for WebCenter Portal – WebCenter Portal Admin Role (Roadmap)
Table 2-4
Roadmap - Keeping WebCenter Portal Up and Running
Task
Documentation
Role
Modify application
Settings
Modify application-wide settings as required:
WebCent
er Portal
Admin
•
•
•
•
•
•
Manage Home portal
Manage personal pages and business role pages.
Push content to the Home portal:
•
•
•
Manage portals
Creating a New Portal Template
Maintain security. Modify user role permissions and
assign new roles:
•
•
Manage external
applications
Viewing Information About Any Portal
Closing Any Portal
Taking Any Portal Offline
Bringing Any Portal Back Online
Deleting a Portal
Manage portal templates. Review and delete any
template:
•
Maintain users and
roles
Managing Business Role Pages
Managing Personal Pages
Customizing System Pages
Take any portal temporarily offline and close down any
portal that is inactive. Edit and delete any portal:
•
•
•
•
•
Manage portal
templates
Working with WebCenter Portal Administration
Settings
Configuring Global Defaults Across Portals
Managing Tools and Services
Customizing System Pages
Managing Business Role Pages
Managing Personal Pages
Modifying Application Role Permissions
Assigning a User to a Different Role
Maintain external applications. Add, modify, and delete
entries:
•
Registering External Applications
WebCent
er Portal
Admin
WebCent
er Portal
Admin
WebCent
er Portal
Admin
WebCent
er Portal
Admin
WebCent
er Portal
Admin
AppConn
ectionMan
ager
Manage portlet
producers
Maintain portlet producers. Add, modify, and delete
entries:
•
Registering Portlet Producers
WebCent
er Portal
Admin
AppConn
ectionMan
ager
2-11
Chapter 2
System Administration for WebCenter Portal – WebCenter Portal Admin Role (Roadmap)
2-12
3
Starting Enterprise Manager Fusion
Middleware Control
Use Oracle Enterprise Manager Fusion Middleware Control Console to configure,
monitor, and manage WebCenter Portal. Learn how to access the console and the
home page for WebCenter Portal.
Permissions:
To perform the tasks in this chapter, you must be granted the WebLogic
Server Admin, Operator, or Monitor role through the Oracle WebLogic Server
Administration Console.
See also, Understanding Administrative Operations, Roles, and Tools.
Topics:
•
Displaying Fusion Middleware Control Console
•
Navigating to the Home Page for WebCenter Portal
•
Navigating to Dependent Components
3.1 Displaying Fusion Middleware Control Console
System administrators can log in to Fusion Middleware Control Console and access
pages for managing Oracle WebCenter Portal. Fusion Middleware Control is usually
automatically started when you start an Oracle WebLogic Server Administration
Server. Your role determines what you can see and do after logging in.
To access the Fusion Middleware Control Console:
1. Start the Oracle WebLogic Server Administration Server using the WLST command
line or a script.
For example, use the following script:
DOMAIN_HOME/bin/startWebLogic.sh
2. Enter the following URL in your browser: http://hostname.domain:port/em
For example: http://myhost.mycompany.com:7001/em
The port number is the port number of the Administration Server. By default, the
port number is 7001. The port number is listed in config.xml:
•
On Windows: DOMAIN_HOME\config\config.xml
•
On UNIX: DOMAIN_HOME/config/config.xml
3-1
Chapter 3
Navigating to the Home Page for WebCenter Portal
3. Enter valid administrator User Name and Password details for the domain.
The default user name for the administrator user is weblogic. This is the account
you can use to log in to Fusion Middleware Control for the first time.
4. Click Login.
The first page you see is the Domain home page (Figure 3-1). You can view this
page at any time by selecting the name of the domain in the navigation pane.
Tip:
If you are unable to log in, try logging in to the WebLogic Administration
Console to confirm your host/port/credentials. The Weblogic Admin Console is
accessible at the same host/port as Fusion Middleware Control: http://
host.domain:port/console.
Figure 3-1
Domain Home Page
From the navigation pane, you can drill down to view and manage all components in
your domain, including WebCenter Portal.
3.2 Navigating to the Home Page for WebCenter Portal
This section includes the following topics:
•
Home Page for WebCenter Portal.
•
Navigating to the WebCenter Portal Home Page.
3-2
Chapter 3
Navigating to the Home Page for WebCenter Portal
3.2.1 Home Page for WebCenter Portal
The WebCenter Portal home page is your starting place for managing WebCenter
Portal. The page displays status, performance and availability of all the components
and tools or services that make up WebCenter Portal.
Figure 3-2
WebCenter Portal Home Page
The metrics displayed on WebCenter Portal's home page enable you to:
•
Check the status of the WebCenter Portal application and view key performance
data.
•
Quickly see whether the application is performing as expected through charts that
immediately report:
–
availability and performance issues with pages, and portlets
–
general health of the WebLogic Server and the back-end LDAP server
Hover over the links in the WebCenter Portal Metrics and WebLogic Server
Metrics sections for a brief description about the information displayed and click
the links to drill down to more detail.
•
Monitor CPU and heap memory usage charts to detect whether system resources
are running low.
3-3
Chapter 3
Navigating to the Home Page for WebCenter Portal
•
Track overall response time compared with the user access rate to see how the
application performs under different loads and to diagnose system resource
issues.
•
Quickly see which portals are used the most, and then drill down to see the
slowest performers, and determine which portals are recording the most errors.
•
View status and key performance metrics for WebCenter Portal tools/services
used in the application.
•
Drill down to detailed performance information for individual portals, tools/services,
external applications, portlets, and producers.
•
Navigate to other key components, including the WebLogic Server managed
server on which the WebCenter Portal application is running, and the MDS
repository.
Note:
To find out more about the performance metrics displayed on the home page,
what to look out for, and how to diagnose issues with your installation, see
Using Key Performance Metric Data to Analyze and Diagnose System Health .
The home page for WebCenter Portal also displays a WebCenter Portal menu.
Figure 3-3
Menu for the WebCenter Portal Application
From the WebCenter Portal menu, you can:
•
Drill down to detailed performance metrics for all components
•
Select and chart live metrics
3-4
Chapter 3
Navigating to the Home Page for WebCenter Portal
•
Start and stop the WebCenter Portal application
•
Analyze diagnostic information and configure logs
•
Export and import the WebCenter Portal application
•
Register and manage portlet producers
•
Configure application settings
•
Manage back-end services
•
Manage external applications
•
Configure security policies and roles
•
Configure ADF and MDS options
•
View web services-related information
3.2.2 Navigating to the WebCenter Portal Home Page
To navigate to the main home page for WebCenter Portal:
1. Log on to Fusion Middleware Control.
2. Click the Target Navigation icon at the top of the page.
3. In the Target Navigation, expand WebCenter > Portal > Server.
4. Select WebCenter Portal (WC_Portal) to navigate to the home page for your
WebCenter Portal installation (Figure 3-4).
Figure 3-4
Navigating to the WebCenter Portal Home Page
Notice how the Navigator menu changes to WebCenter Portal.
3-5
Chapter 3
Navigating to Dependent Components
Figure 3-5
Displaying the WebCenter Portal Home Page and Menu
Another way to access the context menu for a particular component is to right-click
the node in the navigation tree. For example, if you right-click the WebCenter
Portal (WC_Portal) node (under the Server node on the left in Figure 3-4), the same
WebCenter Portal menu displays.
3.3 Navigating to Dependent Components
From WebCenter Portal pages it is easy to navigate to pages belonging to related
components, such as WebLogic Server domains, servers, Java components, and
MDS repository.
On the WebCenter Portal home page, click the links in the Related Components
section to navigate to WebCenter Portal application itself, WebLogic Server installation
pages, or MDS repository pages in Fusion Middleware Control. See also, Navigating
to the Home Page for WebCenter Portal.
3-6
4
Starting and Stopping Managed Servers
and Applications for Oracle WebCenter
Portal
Most configuration changes that you make to WebCenter
Portal through Fusion Middleware Control or WLST commands are
not dynamic. For changes to take effect, you must restart managed
servers.
There are exceptions. Portlet producer and external application registrations are
dynamic. Any new portlet producers and external applications that you register are
immediately available in WebCenter Portal. Also, any changes to existing connections
take effect immediately.
Note:
Beginning with 12c (12.2.1.3.0), Oracle WebCenter Portal has deprecated
support for Jive features (announcements and discussions). If you are
upgrading from a prior release, these features remain available in your existing
installations that are being upgraded.
This chapter includes the following topics:
•
Starting Node Manager
•
Starting and Stopping Managed Servers for WebCenter Portal Application
Deployments
•
Starting and Stopping the WebCenter Portal Application
Permissions:
To perform the tasks in this chapter, you must be granted the WebLogic
Server Admin, or Operator role through the Oracle WebLogic Server
Administration Console.
See also, Understanding Administrative Operations, Roles, and Tools.
4-1
Chapter 4
Starting Node Manager
Note:
You can perform all start and stop operations from the Oracle WebLogic
Server Administration Console too. See Starting and Stopping Servers in
Administering Server Startup and Shutdown for Oracle WebLogic Server.
Node Manager must be running before you can start and stop administration
servers, managed servers, and WebCenter Portal through Fusion Middleware
Control or Oracle WebLogic Server Administration Console. Alternatively, you
can start administration servers or managed servers from the command line
using the startWeblogic.sh or startManagedWebLogic.sh scripts, respectively.
4.1 Starting Node Manager
Node Manager must be running before you can start and stop administration servers,
managed servers, and WebCenter Portal through Fusion Middleware Control or
Oracle WebLogic Server Administration Console.
For information on how to start Node Manager with startNodeManager.sh, see Using
Node Manager in Administering Node Manager for Oracle WebLogic Server.
4.2 Starting and Stopping Managed Servers for WebCenter
Portal Application Deployments
This section includes the following sections:
•
Oracle WebCenter Portal Managed Servers
•
Starting and Stopping Managed Servers
4.2.1 Oracle WebCenter Portal Managed Servers
Most WebCenter Portal configuration changes that you make, through Fusion
Middleware Control or using WLST, are not dynamic; you must restart the managed
server on which the application is deployed for your changes to take effect.
When you start or restart a managed server, all applications deployed on the managed
server start automatically.
Table 4-1
Oracle WebCenter Portal Managed Servers and Applications
Managed Server
Application(s)
WC_Portal
webcenter (WebCenter Portal application)
webcenter-help (WebCenter Portal Online Help)
analytics-collector (Analytics)
4-2
Chapter 4
Starting and Stopping Managed Servers for WebCenter Portal Application Deployments
Table 4-1
(Cont.) Oracle WebCenter Portal Managed Servers and Applications
Managed Server
Application(s)
WC_Portlet
portalTools (OmniPortlet)
wsrp-tools (WSRP Tools)
pagelet-producer (Pagelet Producer)
WC_Collaboration
owc_discussions (Discussions Server)
While a specific order in which to start managed servers is not mandated, if you must
start multiple managed servers, it is good practice to start the managed server on
which WebCenter Portal is deployed last.
4.2.2 Starting and Stopping Managed Servers
To start, stop, or restart a WebCenter Portal managed server through Fusion
Middleware Control:
1. Log in to Fusion Middleware Control.
2. Click the Target Navigation icon and expand WebLogic Domain in the Target
Navigation pane.
3. Expand wc_domain, and select the managed server you want to start or stop
(Figure 4-2).
The home page for the managed server displays.
Figure 4-1
Accessing Managed Server Home Page
4. From the WebLogic Server menu:
4-3
Chapter 4
Starting and Stopping the WebCenter Portal Application
•
To start the managed server, select Control > Start Up.
•
To stop the managed server, select Control > Shut Down.
Figure 4-2
Managed Server Start Up or Shut Down
Alternatively, right-click the name of the managed server in the Target Navigation
pane to access menu options for the managed server.
To start and stop WebCenter Portal managed servers using command line tools, see
Starting and Stopping Oracle WebLogic Server Instances in Administering Oracle
Fusion Middleware.
4.3 Starting and Stopping the WebCenter Portal Application
You can start, restart, and shut down WebCenter Portal by using Fusion Middleware
Control or WLST.
•
Starting WebCenter Portal Using Fusion Middleware Control
•
Stopping WebCenter Portal Using Fusion Middleware Control
•
Starting WebCenter Portal Using WLST
•
Stopping WebCenter Portal Using WLST
4.3.1 Starting WebCenter Portal Using Fusion Middleware Control
Starting WebCenter Portal makes the application available to its users; stopping it
makes it unavailable.
4-4
Chapter 4
Starting and Stopping the WebCenter Portal Application
To start WebCenter Portal through Fusion Middleware Control:
1. In Fusion Middleware Control, navigate to the home page for WebCenter Portal.
2. From the WebCenter Portal menu, select Control > Start Up.
Alternatively, right-click WC_Portal in the Target Navigation pane to access this
menu option.
A progress message displays.
3. Click Close.
Note how the application status changes to Up (Green arrow).
4.3.2 Starting WebCenter Portal Using WLST
Use the WLST command startApplication to start WebCenter Portal. For command
syntax and detailed examples, see startApplication in WLST Command Reference for
WebLogic Server.
For information on how to run WLST commands, see Running Oracle WebLogic
Scripting Tool (WLST) Commands.
4.3.3 Stopping WebCenter Portal Using Fusion Middleware Control
When you stop the WebCenter Portal application no one can use it. Stopping an
application does not remove its source files from the server; you can later restart a
stopped application to make it available again.
When you stop WebCenter Portal, the managed server on which the WebCenter
Portal application is deployed (WC_Portal) remains available.
To stop a WebCenter Portal application through Fusion Middleware Control:
1. In Fusion Middleware Control, navigate to the home page for WebCenter Portal.
2. From the WebCenter Portal menu, select Control > Shut Down.
Alternatively, right-click WC_Portal in the Target Navigation pane to access this
menu option.
3. Click OK to continue.
A progress message displays.
4. Click Close.
Note how the status changes to Down (Red arrow).
4.3.4 Stopping WebCenter Portal Using WLST
Use the WLST command stopApplication to stop the WebCenter Portal application.
For command syntax and detailed examples, see stopApplication in WLST Command
Reference for WebLogic Server.
For information on how to run WLST commands, see Running Oracle WebLogic
Scripting Tool (WLST) Commands.
4-5
Chapter 4
Starting and Stopping the WebCenter Portal Application
4-6
Part III
Administering Tools and Services
This part of Administering Oracle WebCenter Portal provides information about the
administration tasks for tools, services, portlet producers, and external applications
used by Oracle WebCenter Portal.
•
Managing Tools and Services
•
Managing Connections to Oracle WebCenter Content Server
•
Managing Analytics
•
Managing Calendar Events
•
Integrating Other Oracle Applications
•
Managing Instant Messaging and Presence
•
Managing Mail
•
Managing People Connections
•
Managing RSS
•
Managing Oracle Secure Enterprise Search in WebCenter Portal
•
Managing Subscriptions and Notifications
•
Managing the SOA Connection for WebCenter Portal Membership Workflows
•
Managing Portlet Producers
•
Managing Pagelet Producer
•
Managing External Applications
•
Managing REST Services
5
Managing Tools and Services
WebCenter Portal supports tools and services that expose collaborative, social
networking, and personal productivity features in portals. While certain features are
available by default, for other features you need to install and configure additional
back-end servers like WebCenter Content.
Note:
Beginning with 12c (12.2.1.3.0), Oracle WebCenter Portal has deprecated
support for Jive features (announcements and discussions). If you are
upgrading from a prior release, these features remain available in your existing
installations that are being upgraded.
Permissions:
To perform the tasks in this chapter, you must be granted the WebLogic
Server Admin role through the Oracle WebLogic Server Administration Console
and the Administrator role in WebCenter Portal Administration.
For more information about roles and permissions, see Understanding
Administrative Operations, Roles, and Tools.
The tasks described are performed by a system administrator at the
application level. Working with tools and services at the portal level is an
application specialist or portal manager task, as described in the Introduction
to Portal Tools and Services in Building Portals with Oracle WebCenter Portal.
Topics:
•
About Tools and Services
•
Enabling and Disabling Tools and Services in WebCenter Portal
5.1 About Tools and Services
WebCenter Portal offers tools and services that allow portal members to collaborate
and communicate through various task flows that are associated with these tools and
services. Some tools, such as personal notes, are ready to use out-of-the-box and
require no further configuration. Other tools, such as documents, and other services,
such as mail, require connections to the back-end server and require additional
configuration.
5-1
Chapter 5
About Tools and Services
Tools and services available out-of-the-box
The following table lists the tools and services available out-of-the-box in WebCenter
Portal:
Table 5-1
Tools and services available out-of-the-box
Tools and
Services
Description
External
Repository
Analytics
Enables you to
display usage and
performance metrics
for your portal
application
Managing Analytics
Announcem
ents
Provides the ability to
post announcements
about important
activities and events
to all authenticated
users
Managing Announcements and
Discussions
Discussions
Provides the ability to
create threaded
discussions, posting
and responding to
questions and
searching for
answers
Managing Announcements and
Discussions
Documents
Provides content
management and
storage capabilities,
including file upload,
file and folder
creation and
management, file
check out, versioning,
and so on. The
documents tool also
supports the wiki and
blog functionality.
Oracle
WebCenter
Content
For More Information
Managing Connections to Oracle
WebCenter Content Server
5-2
Chapter 5
About Tools and Services
Table 5-1
(Cont.) Tools and services available out-of-the-box
Tools and
Services
Description
External
Repository
For More Information
Events
Provides the ability to
create and maintain a
schedule of events
relevant to a wider
group of
authenticated users.
Also provides access
to your personal
events from your
Outlook calendar if
the Exchange server
is configured.
Group events are available out-ofthe-box and Personal events need
additional configuration.
Links
Provides the ability to
view, access, and
associate related
information; for
example, you can link
to a document from
an event
Linking Information in WebCenter
Portal in Using Portals in Oracle
WebCenter Portal
Lists
Provides the ability to
create, publish, and
manage lists
Adding Lists of Information to a
Portal in Building Portals with Oracle
WebCenter Portal
Notes
Provides the ability to
"jot down" and retain
bits of personally
relevant information
Notifications
Provides a means of
subscribing to
services and
application objects
and, when those
objects change,
receiving notification
across one or more
messaging channels
Managing Calendar Events
Managing Subscriptions and
Notifications
5-3
Chapter 5
About Tools and Services
Table 5-1
(Cont.) Tools and services available out-of-the-box
Tools and
Services
Description
People
Connections
Provides social
networking
capabilities, such as
creating a personal
profile, displaying
current status, and
viewing other users'
activities.
External
Repository
For More Information
Configuring People Connections for
WebCenter Portal
Note: People Connection is available
out-of-the-box and need additional
configuration.
See Configuring People Connections
for WebCenter Portal
You can set options
for people connection
features.
People Connections
include:
•
•
•
•
•
Activity Stream
for viewing user
activities
generated
through
application or
social networking
actions.
Connections for
connecting to
other application
users to share
information,
comment on
performance,
exchange
messages, and
track activity
Feedback for
giving ad hoc
performance
feedback to other
users
Message Board
for posting
messages to
other users
Profile for
entering
information about
yourself and
viewing the
information of
other users
5-4
Chapter 5
About Tools and Services
Table 5-1
Tools and
Services
(Cont.) Tools and services available out-of-the-box
Description
•
External
Repository
For More Information
Publisher for
publishing status
messages and
posting files and
links
RSS
Provides the ability to
access the content of
many different web
sites from a single
location—a news
reader
Tags
Provides the ability to
assign one or more
personally-relevant
keywords to a given
page
Managing RSS
Tools and services available with additional configuration
Some Tools and services become available in WebCenter Portalwhen you configure
connections to the appropriate back-end applications. Portal managers are
responsible for managing tools and services in their individual portals. As the system
administrator, you can set up some additional configurations in the WebCenter Portal
Administration Tools and Services page.
5-5
Chapter 5
About Tools and Services
Figure 5-1
WebCenter Portal Tools and Services Page
The following table lists the tools and services that you can configure in WebCenter
Portal Cloud Administration Tools and Services page.
Table 5-2 Tools and Services Configuration in WebCenter Portal
Administration
Tool
Description
or
Servic
e
Event
s
Exter
nal
Appli
catio
ns
External Repository
More Information
Provides the ability to
create and maintain a
schedule of events
relevant to a wider group
of authenticated users.
Also provides access to
your personal events from
your Outlook calendar if
the Exchange server is
configured.
Group events are available
out-of-the-box and
Personal events need
additional configuration.
Provides an option register
new external applications,
or edit and deregister the
existing external
applications.
Managing External
Applications at Runtime.
Managing Calendar
Events
5-6
Chapter 5
About Tools and Services
Table 5-2 (Cont.) Tools and Services Configuration in WebCenter Portal
Administration
Tool
Description
or
Servic
e
External Repository
More Information
Insta
nt
Mess
aging
and
Prese
nce
(IMP)
Provides the ability to
observe the status of other
authenticated users
(online, offline, busy, or
away) and to contact them
instantly
Microsoft Exchange server
Managing Instant
Messaging and Presence
Mail
Provides access to mail
services and ability to
perform basic operations
such as read, reply, and
forward within WebCenter
Portal.
Microsoft Exchange
Server
Using Instant Messaging
and Presence Viewer in
Using Portals in Oracle
WebCenter Portal
Configuring Send Mail
Notifications for
WebCenter Portal.
Specify the default mail
client for either the local
mail client or WebCenter
Portal's mail service.
5-7
Chapter 5
About Tools and Services
Table 5-2 (Cont.) Tools and Services Configuration in WebCenter Portal
Administration
Tool
Description
or
Servic
e
Peopl
e
Conn
ectio
ns
Provides social networking
capabilities, such as
creating a personal profile,
displaying current status,
and viewing other users'
activities.
External Repository
More Information
Configuring People
Connections for
WebCenter Portal
You can set options for
people connection
features.
People Connections
include:
•
•
•
•
•
•
Activity Stream for
viewing user activities
generated through
application or social
networking actions.
Connections for
connecting to other
application users to
share information,
comment on
performance,
exchange messages,
and track activity
Feedback for giving
ad hoc performance
feedback to other
users
Message Board for
posting messages to
other users
Profile for entering
information about
yourself and viewing
the information of
other users
Publisher for
publishing status
messages and
posting files and links
5-8
Chapter 5
Enabling and Disabling Tools and Services in WebCenter Portal
Table 5-2 (Cont.) Tools and Services Configuration in WebCenter Portal
Administration
Tool
Description
or
Servic
e
Portl
et
Prod
ucers
External Repository
Provides option to register
new portlet producers, or
edit and deregister existing
portlet producers.
More Information
Managing Portlet
Producers
.
Porta
l
Serve
r
Conn
ectio
ns
Provides option to register
new portal servers for
deploying WebCenter
Portal.
Searc
h
Provides the ability to
search services, the
application, or an entire
site.
Creating a Portal Server
Connection.
Oracle Secure Enterprise
Search
Managing Search in
WebCenter Portal
Administration.
You can customize your
search setting based on
the need, change the
search scope, and
configure the filtering
options for advanced
search.
5.2 Enabling and Disabling Tools and Services in
WebCenter Portal
You, as a system administrator, are responsible for managing connections to external
servers and maintain the database schema and Metadata Service (MDS) repositories
where application data, specific to WebCenter Portal Cloud, is stored.
When a valid connection exists, the associated tool or service is available in
WebCenter Portal. With the exception of the Mail service, if the tool or service is not
part of a template, then portal managers or application specialists must enable the tool
or service within a portal. The Mail service is enabled upon portal creation, and, if it is
configured by the system administrator, then it cannot be disabled for individual
portals. If a tool is included in a portal template, then it is enabled when it is first used.
Portal Managers can manually disable a tool in the portal, with the exception of the
Mail service.
If a portal manager manually enables a tool in a portal, WebCenter Portal handles any
necessary configuration with the back-end server. For example, when the portal
5-9
Chapter 5
Enabling and Disabling Tools and Services in WebCenter Portal
manager enables discussions in a portal, WebCenter Portal configures discussions
storage for that portal on the discussions server and performs role-mapping based
authorization, that is, WebCenter Portal roles that allow users to work with the
discussions in the portal, are mapped to corresponding roles on the discussions
server. If role-mapping fails, the portal manager is notified by email, and users are
unable to access discussions.
If a tool is enabled in the template used to create a new portal, WebCenter Portal
handles the back-end server configuration when someone accesses that tool for the
first time. For example, the first time someone navigates to the Discussions page in a
portal at /webcenter/portal/PortalName/Discussions, WebCenter Portal configures
discussions storage for that portal on the discussions server, performs role-mapping
based authorization, and then the discussions page displays.
When a back-end server is not configured, intentionally or otherwise, WebCenter
Portal Cloud cannot offer features or functionality related to that tool:
•
Associated task flows are not available in the resource catalog.
•
Existing task flows display a message indicating that the tool or service is
unavailable.
•
Tool or service is not listed as available to portal managers—through the portal's
administration settings.
If a tool or service is temporarily unavailable, you can use Fusion Middleware Control
to investigate, diagnose, and solve issues relating to services. Most tools and services
are optional. If you decide not to offer a particular tool or service in your application,
temporarily or permanently, consider removing any associated task flows that display
by default out-of-the-box.
The following tools and services can be automatically enabled on first use, if the portal
template includes it:
•
Announcement
•
Discussion
•
Events
•
Lists
•
Documents
Note:
In most cases, the portal managers manage tools and services for their own
portal, but WebCenter Portal system administrators can also perform this task
if required to do so. For more details about enabling and disabling tools and
services in a portal, see Enabling and Disabling Tools and Services Available
to a Portal in Building Portals with Oracle WebCenter Portal.
5-10
6
Managing Connections to Oracle
WebCenter Content Server
You can create connections to Oracle WebCenter Content Server to enable content
integration within Oracle WebCenter Portal.
This chapter includes the following topics:
•
About Oracle WebCenter Content Server Connections
•
Prerequisites for Configuring Oracle WebCenter Content Server
•
Configuration Roadmap for Oracle WebCenter Content Server
•
Configuring Oracle WebCenter Content Server
•
Creating a Connection to Oracle WebCenter Content Server
•
Setting Connection Properties for the Default Oracle WebCenter Content Server
Connection
•
Modifying Oracle WebCenter Content Server Connection Details
•
Deleting Oracle WebCenter Content Server Connections
•
Changing the Maximum File Upload Size
•
Configuring Content Manager for Oracle Content and Experience Cloud
Permissions:
To perform the tasks in this chapter, you must be granted the WebLogic
Server Admin role through the Oracle WebLogic Server Administration Console
and the Administrator role in WebCenter Portal granted through WebCenter
Portal Administration.
For more information about roles and permissions, see Understanding
Administrative Operations, Roles, and Tools.
6.1 About Oracle WebCenter Content Server Connections
By leveraging the functionality of Oracle WebCenter Content Server, Oracle
WebCenter Portal provides content management and storage capabilities, including
content upload, file and folder creation and management, file check out, versioning,
and so on.
To provide content integration in WebCenter Portal, you must configure at least one
WebCenter Content Server connection and mark it as the default connection
(sometimes referred to as the active or primary connection). Before creating a
connection to WebCenter Content Server, you must complete the required
prerequisites.
6-1
Chapter 6
About Oracle WebCenter Content Server Connections
Note:
WebCenter Portal supports multiple Content Server connections.
However, iFraming is supported only for the default Content Server
connection. Therefore, when portal managers set properties for the Content
Manager task flow or Content Presenter, they cannot specify a non-default
Content Server connection if these task flows will use iFrames to display file
content, such as PDF files.
Note:
It is recommended not to change the default Oracle WebCenter Content
Server connection after it has been created as this may lead to unpredictable
issues. If you encounter any issues, contact Oracle Support.
WebCenter Portal provides content integration through:
•
Content Manager task flow, which enable users to view and manage documents
and other types of content in WebCenter Content Server.
•
Content Presenter task flow, which enables end users to select content from
WebCenter Content Server in a variety of ways and then display those items using
available display templates.
•
Wiki and Blog pages, which enable users to create collaborative portal pages.
•
Content Contribution and Publishing, which enables end users to add text,
images, and video to portal pages. A connection to WebCenter Content Server is
not required for content contribution and publishing, however if a WebCenter
Content Server connection does exist, images that are stored in WebCenter
Content Server can be published in Image components and links to WebCenter
Content Server items can be added to Image and Text components.
Any portal (including the Home portal) that enables content integration has its own
document folder in the WebCenter Content Server repository identified by WebCenter
Portal's default WebCenter Content Server connection.
The content repository identified by the default WebCenter Content Server connection
must be connected to the same identity store that is used by WebCenter Portal.
Just like other service connections, post-deployment WebCenter Content Server
connections are registered and managed through Oracle Enterprise Manager Fusion
Middleware Control or using the WLST command-line tool. Connection information is
stored in configuration files and in the Oracle Metadata Services Repository.
Always use Fusion Middleware Control or the WLST command-line tool to review and
configure back-end services for WebCenter Portal. All changes that you make, post
deployment, are stored in the MDS Repository as customizations.
6-2
Chapter 6
Prerequisites for Configuring Oracle WebCenter Content Server
Note:
WebCenter Content Server connection changes that you make through Fusion
Middleware Control or using WLST are not dynamic; you need to restart the
managed server on which WebCenter Portal is deployed for your changes to
take effect.
Once connection details are defined, users can expose the content of the connected
WebCenter Content Server repository through the Content Manager and Content
Presenter task flows. For more information, see Working with Content in a Portal in
Building Portals with Oracle WebCenter Portal and Adding Content to a Portal in Using
Portals in Oracle WebCenter Portal.
Note:
Although Microsoft SharePoint is not directly supported as a back-end content
store for WebCenter Portal, it is possible to use Content Server as a repository
for SharePoint documents. For more information, see Introduction in
Administering the Oracle WebCenter Content Storage Connector for Microsoft
SharePoint.
6.2 Prerequisites for Configuring Oracle WebCenter Content
Server
Read this section to understand the prerequisites and other considerations before
continuing with Oracle WebCenter Content Server.
This section includes the following topics:
•
Installation Prerequisites for Oracle WebCenter Content Server
•
Installation Prerequisites for Inbound Refinery
•
Configuration Prerequisites for Oracle WebCenter Content Server and Inbound
Refinery
•
Security Prerequisites for Oracle WebCenter Content Server and Inbound Refinery
6.2.1 Installation Prerequisites for Oracle WebCenter Content Server
Oracle WebCenter Content Server is installed as part of Oracle WebCenter Content,
which is an Oracle Fusion Middleware component.
For more information about installing WebCenter Content, see Installing Oracle
WebCenter Content in Installing and Configuring Oracle WebCenter Content.
If you already have an earlier version of WebCenter Content Server installed, upgrade
your installation to WebCenter Content 12c prior to configuring it. For information
about upgrading to WebCenter Content 12c, see Upgrading Your Oracle WebCenter
Content Environment in Upgrading Oracle WebCenter.
6-3
Chapter 6
Prerequisites for Configuring Oracle WebCenter Content Server
6.2.2 Installation Prerequisites for Inbound Refinery
For content integration in Oracle WebCenter Portal, it is recommended that you also
install Oracle WebCenter Content: Inbound Refinery as part of the installation of
WebCenter Content.
Inbound Refinery is a conversion server that manages file conversions for electronic
assets such as documents, digital images, and motion videos. It also provides
thumbnail functionality for documents and images and storyboarding for videos. You
can use Inbound Refinery to convert content items stored in WebCenter Content
Server. Installing Inbound Refinery is described in Configuring Inbound Refinery
Settings (Single Node) in Installing and Configuring Oracle WebCenter Content.
Note:
WebCenter Content Server and Inbound Refinery must be installed in the
same domain. Oracle recommends that you install WebCenter Content Server
and Inbound Refinery in the same domain as WebCenter Portal. When they
are installed in the same domain, no additional configuration is required to use
an external LDAP authentication provider.
6.2.3 Configuration Prerequisites for Oracle WebCenter Content
Server and Inbound Refinery
After installing Oracle WebCenter Content Server and Inbound Refinery, you should
configure the initial post-intallation settings, including additional Oracle WebCenter
Portal-specific instructions.
General post-installation settings are described in Configuring the Content Server
Instance in Installing and Configuring Oracle WebCenter Content. WebCenter Portalspecific instructions are provided in the tables below. Be sure to restart the servers
after updating the settings.
Table 6-1
Configuration Prerequisites - WebCenter Content Server
Setting
Description
Server Socket Port
This is the intradoc port that WebCenter
Portal connects to using RIDC (defaults to
4444). This value is stored in the MW_HOME/
user_projects/domains/
ucm_domain/ucm/ibr/config/config.cfg
configuration file for the WebCenter Content
Server managed server as
IntradocServerPort.
Incoming Socket Connection Address
Security Filter
Server filter specifying which machines can
access WebCenter Content Server through a
socket connection. This value is stored in the
configuration file for the managed server as
SocketHostAddressSecurityFilter.
6-4
Chapter 6
Prerequisites for Configuring Oracle WebCenter Content Server
Table 6-1
(Cont.) Configuration Prerequisites - WebCenter Content Server
Setting
Description
Full Text Search
Specifies the full-text search engine.
SearchIndexerEngineName=ORACLETEXTSEARC
H is the recommended value.
(Optional, but strongly recommended)
Table 6-2
Configuration Prerequisites - Inbound Refinery
Setting
Description
Server Socket Port
This port is used for communication between
WebCenter Content Server and Inbound
Refinery. This value was entered on the postinstallation configuration page, and can be
found on the Inbound Refinery configuration
information page under Server Port. You
can also find it in the MW_HOME/
user_projects/domains/
ucm_domain/ucm/ibr/config/config.cfg file
as IntradocServerPort.
Incoming Socket Connection Address
Security Filter
Server filter specifying which machines can
access Inbound Refinery through RIDC. This
value is stored in the configuration file for the
managed server as
SocketHostAddressSecurityFilter.
6.2.4 Security Prerequisites for Oracle WebCenter Content Server and
Inbound Refinery
Oracle WebCenter Content Server and Inbound Refinery must be installed in the same
domain. Oracle recommends that you install WebCenter Content Server and Inbound
Refinery in the same domain as Oracle WebCenter Portal. When they are installed in
the same domain, no additional configuration is required to use an external LDAP
authentication provider.
WebCenter Content Server must be configured to use the same identity store LDAP
server as WebCenter Portal. For information on how to reassociate the identity store
with an external LDAP server, see Reassociating the Identity Store with an External
LDAP Server.
Oracle also recommends that you install and configure a single sign-on solution to
avoid users having to log in twice when accessing WebCenter Content Server and
other WebCenter Portal components. For more information about single sign-on
solutions, see Configuring Single Sign-On.
6-5
Chapter 6
Configuration Roadmap for Oracle WebCenter Content Server
6.3 Configuration Roadmap for Oracle WebCenter Content
Server
To provide content integration, you must configure Oracle WebCenter Content Server
to work with Oracle WebCenter Portal.
The flow chart in Figure 6-1 and tasks inTable 6-3 provide an overview of the tasks
required to configure Content Server for WebCenter Portal.
Figure 6-1
Configuring WebCenter Content Server for WebCenter Portal
6-6
Chapter 6
Configuration Roadmap for Oracle WebCenter Content Server
Table 6-3
WebCenter Portal Configuration Tasks for WebCenter Content Server
Task
Description
Documentation
Enable the mandatory
components
Mandatory
See Enabling Mandatory
Components.
You must enable the
WebCenterConfigure
component (which configures
an instance of WebCenter
Content Server for
WebCenter Portal).
You must also enable the
FrameworkFolders
component (which provides a
hierarchical folder interface to
content in WebCenter
Content Server).
Also enable the
AutoSuggestConfig compone
nt. This component sets the
necessary AutoSuggest
feature environment variables
for Web UI.
Configure the Dynamic
Converter component
Mandatory
Configure the Inbound
Refinery
Optional, but strongly
recommended
This component enables
HTML renditions. Slide
Previewer is available in
WebCenter Portal when both
DynamicConverter and the
WebCenterConfigure
components are installed.
See Configuring the Dynamic
Converter Component.
See Configuring the Inbound
Refinery.
This is a conversion server
that manages file
conversions for electronic
assets such as documents,
digital images, and motion
videos. It also provides
thumbnail functionality for
documents and images and
storyboarding for videos. You
can use Inbound Refinery to
convert content items stored
in WebCenter Content
Server.
Configure Secure Sockets
Layer (SSL) for WebCenter
Content Server
Optional, but strongly
recommended
To ensure secure identity
propagation, you should set
up SSL for WebCenter
Content Server.
See Setting Up SSL for
Oracle WebCenter Content
Server.
6-7
Chapter 6
Configuration Roadmap for Oracle WebCenter Content Server
Table 6-3 (Cont.) WebCenter Portal Configuration Tasks for WebCenter
Content Server
Task
Description
Documentation
Configure the SES Crawler
Optional
See Setting Up Oracle
WebCenter Content Server
for Oracle SES.
You can override the default
search adapters and use
Oracle SES to get unified
ranking results for
WebCenter Portal resources
such as documents, pages,
people, and so on.
Configure Site Studio
Optional, but strongly
recommended
Configuring Site Studio lets
you use Site Studio to create
and use Site Studio assets
(region definitions and
display templates) in Content
Presenter. Unless you are
absolutely sure you will not
need Site Studio, Oracle
strongly recommends
installing and configuring it so
you don't have to come back
to it later.
Enable a Full-Text Search
Option
Optional, but strongly
recommended
See Setting Up Site Studio.
See also Oracle Site Studio
Software Suite in Managing
Oracle Site Studio.
See Enabling Full-Text
Search.
Although configuring full-text
searching and indexing
capabilities is nominally
optional, Oracle strongly
recommends that you use the
OracleTextSearch search
option for full-text search.
Note that this option should
only be used in conjunction
with an Oracle database. For
MS-SQL, use the
DATABASE.FULLTEXT
option.
Create Content Profiles
Optional
Users have the option to
upload content based on
Content Profiles
See Creating Content
Profiles in Oracle WebCenter
Content Server.
6-8
Chapter 6
Configuring Oracle WebCenter Content Server
Table 6-3 (Cont.) WebCenter Portal Configuration Tasks for WebCenter
Content Server
Task
Description
Documentation
Enable Digital Asset Manager
Optional
See Enabling Digital Asset
Manager.
If you want to use Content
Presenter to use different
renditions of images in your
portal, you may want to
enable Digital Asset Manager
(DAM) in WebCenter Content
Server.
Additional Optional
Configurations
Optional
Register Content Server
Mandatory
After completing the rest of
your configuration, you can
optionally configure desktop
integration, configure the
FileStore Provider
component, and set up Node
Manager.
Although in most cases the
connection will be configured
when WebCenter Portal first
starts up, you should at least
test it to make sure it has
been configured correctly for
your environment, and that
data has been correctly
seeded.
Enable Annotations for
WebCenter Content Server
Optional
To work with annotations in
WebCenter Content, you
need to have one of the
following permissions:
•
•
•
See Additional Optional
Configurations for Oracle
WebCenter Content Server.
See Configuring the Default
Oracle WebCenter Content
Server Connection for Oracle
WebCenter Portal.
See About Permissions in
Administering Oracle
WebCenter Content
Standard Annotation (S)
Restricted Annotation (T)
Hidden Annotation (H)
6.4 Configuring Oracle WebCenter Content Server
After installing or upgrading to Oracle WebCenter Content 12c, there are several
configuration tasks to perform to ensure that Oracle WebCenter Content Server works
with Oracle WebCenter Portal.
The configuration tasks are listed in Table 6-3.
6-9
Chapter 6
Configuring Oracle WebCenter Content Server
Note:
Prior to beginning the configuration you must have completed the installation
and configuration steps described in Prerequisites for Configuring Oracle
WebCenter Content Server, which define the starting point for the
configuration steps in this section.
Caution:
To avoid conflicts and ensure you can migrate documents between multiple
WebCenter Content Server instances, make sure that you have entered a
unique Auto Number Prefix for your WebCenter Content Server instance. To
check that the Auto Number Prefix is unique across WebCenter Content
Server instances, log into WebCenter Content Server and navigate to
Administration > Admin Server > General Configuration.
This section includes the following topics:
•
Enabling Mandatory Components
•
Configuring the Dynamic Converter Component
•
Configuring the Inbound Refinery
•
Setting Up SSL for Oracle WebCenter Content Server
•
Setting Up Site Studio
•
Enabling Full-Text Search
•
Creating Content Profiles in Oracle WebCenter Content Server
•
Enabling Digital Asset Manager
•
Additional Optional Configurations for Oracle WebCenter Content Server
•
Registering the Default Oracle WebCenter Content Server Repository
6.4.1 Enabling Mandatory Components
A component is a functional unit that can be plugged into Oracle WebCenter Content
Server to provide additional features or to modify existing functionality.
To prepare WebCenter Content Server for Oracle WebCenter Portal, you must:
•
Enable FrameworkFolders
For information, see Enabling the FrameworkFolders Component
•
Enable WebCenterConfigure
For information, see Enabling the WebCenterConfigure Component
•
Enable AutoSuggestConfig
AutoSuggestConfig sets the necessary AutoSuggest feature environment
variables for Web UI. For enabling the component, follow the same procedure that
6-10
Chapter 6
Configuring Oracle WebCenter Content Server
you used for enabling other components, such as FrameworkFolders and
WebCenterConfigure.
6.4.1.1 Enabling the FrameworkFolders Component
FrameworkFolders provides a hierarchical folder interface similar to a conventional file
system, for organizing and locating some or all of the content in Oracle WebCenter
Content Server. In addition, it enables you to use WebCenter Content Server mobile
applications to access content in portals and leverage the ADF content UI.
To enable the FrameworkFolders component:
1. Log on to WebCenter Content Server as an administrator.
2. From the Main menu, choose Administration, then Admin Server, then
Component Manager.
3. On the Component Manager page, select the FrameworkFolders check box.
4. Click Update.
5. Click Advanced Component Manager.
6. On the Advanced Component Manager page, ensure that:
•
FrameworkFolders is listed in the Enabled Components section
•
Folders_g is listed in the Disabled Components section
7. Restart the WebCenter Content Server instance.
6.4.1.2 Enabling the WebCenterConfigure Component
You must enable the WebCenterConfigure component to configure Oracle WebCenter
Content Server for Oracle WebCenter Portal.
Table 6-4 describes the tasks performed in WebCenter Content Server when you
enable this component.
To enable the WebCenterConfigure component:
1. Log on to WebCenter Content Server as an administrator.
2. From the Main menu, choose Administration, then Admin Server, then
Component Manager.
3. On the Component Manager page, select the WebCenterConfigure check box.
Tip:
On the Component Manager page, you can choose to select other
components like Dynamic Converter if you plan to use them as you'll
otherwise need to enable them later.
4. Click Update.
5. Click Advanced Component Manager.
6. On the Advanced Component Manager page, ensure that WebCenter Configure is
listed in the Enabled Components section.
7. Restart the WebCenter Content Server instance.
6-11
Chapter 6
Configuring Oracle WebCenter Content Server
Enabling the WebCenterConfigure component performs the following tasks in
WebCenter Content Server:
Table 6-4
Tasks Associated with the WebCenterConfigure Component
Tasks
Pointers to Verify the Completion of Tasks
Enables accounts
Content Server > Administration > Admin
Server > General Configuration > Enable
Accounts checkbox
or
MW_HOME/user_projects/domains/
ucm_domain/ucm/cs/config/config.cfg file.
The setting in this file is UseAccounts=1.
Allows updates to documents that are yet to
be released
Content Server > Administration > Admin
Server > General Configuration > Additional
Configuration Variables
or
MW_HOME/user_projects/domains/
ucm_domain/ucm/cs/config/config.cfg
The setting is AllowUpdateForGenwww=1
Adds metadata fields:
•
xWCTags
•
xWCPageId
•
xWCWorkflowAssignment
•
xWCWorkflowApproverUserList
Sets Folder settings if the Folders_g
component is enabled:
•
•
System Default Information Field
Configuration: Doc Type = Document
Information Field Inherit Configuration
xWCWorkflowAssignment
You can view, edit, and add metadata fields
here: Content Server > Administration >
Admin Applets > Configuration Manager >
Information Fields tab.
Content Server > Administration > Folder
Configuration > System Default Information
Field Configuration
Content Server > Administration > Folder
Configuration > Information Field Inherit
Configuration
xWCWorkflowApproverUserList
Adds the WCWorkflowApproverUserToken
workflow token
Content Server > Administration > Admin
Applets > Workflow Admin > Options >
Tokens menu
Adds three DynamicConverter templates
If the DynamicConverter component is
enabled, the DynamicConverter service is
called to create the three DynamicConverter
templates:
•
•
•
SLIDE-PREVIEW
SLIDE-PREVIEW-TEXT
SLIDE-PREVIEW-LARGE
6-12
Chapter 6
Configuring Oracle WebCenter Content Server
Table 6-4
(Cont.) Tasks Associated with the WebCenterConfigure Component
Tasks
Pointers to Verify the Completion of Tasks
Overrides certain behavior of the Site Studio
Switch Content wizard to make Site Studio
work in WebCenter Portal
This provides access to the Site Studio
Switch Content wizard and the Site Studio
Contributor editor from within Content
Presenter to allow for adding and editing Site
Studio documents from WebCenter Portal.
•
The contentwizard.hcsp and
contentwizard.js files are copied from
the /WebCenterConfigure.zip/
component/WebCenterConfigure/
publish/contentwizard/ directory to the
OCS_HOME/cs/weblayout/
resources/wcm/custom/sitestudio/
contentwizard/webcenter/ directory.
•
The wcm.sitestudio.form.js file is
copied from the /
WebCenterConfigure.zip/component/
WebCenterConfigure/publish/
contentwizard/ directory to the
OCS_HOME/cs/weblayout/
resources/wcm/custom/sitestudio/
directory.
6.4.2 Configuring the Dynamic Converter Component
Configure the Dynamic Converter component to enable the Slide Previewer capability
in Oracle WebCenter Portal.
The Slide Previewer makes use of the HTML renditions generated on the fly by the
Dynamic Converter.
Note:
The Inbound Refinery must also be configured or any previews will fail. See
Configuring the Inbound Refinery for the steps to configure the Inbound
Refinery.
The configuration for the Dynamic Converter consists of two steps:
•
Enabling the Dynamic Converter. See Enabling the Dynamic Converter
Component.
Tip:
You may have already enabled the Dynamic Converter when you were
enabling the mandatory components.
6-13
Chapter 6
Configuring Oracle WebCenter Content Server
•
Defining the file types for which the Dynamic Converter is available. See
Specifying the File Type, File Size, and Timeout Settings.
6.4.2.1 Enabling the Dynamic Converter Component
The Dynamic Converter generates HTML renditions on the fly that can be used by the
Slide Previewer in Oracle WebCenter Portal.
To enable the Dynamic Converter component:
1. Log on to WebCenter Content Server as an administrator.
2. From the Main menu, choose Administration, then Admin Server, then
Component Manager.
3. On the Component Manager page, select the DynamicConverter checkbox.
4. Click Update.
5. Restart the WebCenter Content Server instance.
6.4.2.2 Specifying the File Type, File Size, and Timeout Settings
After enabling the Dynamic Converter component, you must define the file types for
which Dynamic Converter is available. You can also specify the maximum file size that
can be processed by Dynamic Converter and amount of time after which conversion
operations will fail.
To set the file types supported, the maximum file size allowed, and the timeout
settings in Dynamic Converter:
1. Log on to WebCenter Content Server as an administrator.
2. From the Main menu, choose Administration, then Dynamic Converter Admin,
then Configuration Settings.
Note:
The Dynamic Converter Admin menu option is not visible until after you
restart the WebCenter Content Server instance after enabling the Dynamic
Converter component.
3. In the Conversion Formats section, select the file formats from the drop-down list
for which the Dynamic Converter will be enabled. Choose all the document formats
for which you want to be able to generate HTML renditions, such as Word, Excel,
PowerPoint, and PDF.
4. In the Maximum File Size field, specify the maximum size of files that Dynamic
Converter will process.
5. In the Time Out field, specify the amount of time after which dynamic conversions
that take longer will fail.
6-14
Chapter 6
Configuring Oracle WebCenter Content Server
Note:
For information about specifying the maximum upload size for files uploaded
using Content Manager or through features such as a wiki, blog, or activity
stream, see Oracle WebCenter Portal Configuration. For information about
setting the timeout settings on the Inbound Refinery server, see Specifying the
Timeout Setting for File Conversions.
6.4.3 Configuring the Inbound Refinery
The Inbound Refinery is a conversion server that manages file conversions for
electronic assets such as documents, digital images, and motion videos. It also
provides thumbnail functionality for documents and images and storyboarding for
videos.
Optional, but strongly recommended
You can use Inbound Refinery to convert content items stored in Oracle WebCenter
Content Server. Note that if you enabled the DynamicConverter component (used to
generate slide previews), you must also configure the IBR.
To configure Inbound Refinery, you must set up an outgoing provider from WebCenter
Content Server to Inbound Refinery, and specify the file types that will be converted.
Although optional, you may also want to enable the conversion of wikis and blogs to
PDF.
Prior to configuring Inbound Refinery, you should have installed Inbound Refinery, and
completed the initial post-install configuration as described in Configuration
Prerequisites for Oracle WebCenter Content Server and Inbound Refinery.
This section contains the following subsections:
•
Creating an Outbound Provider
•
Selecting the File Formats To Be Converted
•
Enabling the Conversion of Wikis and Blogs into PDFs
•
Specifying the Timeout Setting for File Conversions
6.4.3.1 Creating an Outbound Provider
Before Oracle WebCenter Content Server can send files to Inbound Refinery for
conversion, you must set up an outgoing provider from WebCenter Content Server to
the Inbound Refinery with the Handles Inbound Refinery Conversion Jobs option
checked.
To create an outbound provider:
1. From the WebCenter Content Server Administration menu, select Providers.
2. In the Create a New Provider section of the Providers page, click Add in the
outgoing row.
3. Enter values for these fields:
•
Provider Name: Any short name with no spaces describing the Inbound
Refinery instance the outgoing provider is for. It is a good idea to use the same
name as the Inbound Refinery Instance Name.
6-15
Chapter 6
Configuring Oracle WebCenter Content Server
•
Provider Description: A description of the outgoing provider.
•
Server Host Name: The name of the host machine where the Inbound
Refinery instance is running (for example, myhost.example.com).
•
HTTP Server Address: The address of the Inbound Refinery instance (for
example, http://myhost.example.com:16250 where 16250 is the web port).
•
Server Port: The IntradocServerPort value for the Inbound Refinery instance.
This value was entered on the post-installation configuration page, and can be
found on the Inbound Refinery configuration information page under Server
Port. You can also find it in the MW_HOME/user_projects/domains/
ucm_domain/ucm/ibr/config/config.cfg file as IntradocServerPort.
To display the Inbound Refinery configuration information page:
a.
Log in to WebCenter Content Server and choose Administration >
Configuration for instanceName.
b.
Click Server Configurations to display the server configurations.
Or log into the IBR at Administration > Admin Server > General
Configuration.
•
Instance Name: The instance name for Inbound Refinery (the IDC_Name value
in the config.cfg file). This value was entered on the post-installation
configuration page as Server Instance Name. To find the instance name, log
into the Inbound Refinery, and navigate to Administration -> Configuration
for instanceName.
•
Relative Web Root: The web root of the Inbound Refinery instance (for
example, /ibr/).
4. Under Conversion Options, check Handles Inbound Refinery Conversion Jobs.
Do not check Inbound Refinery Read Only Mode.
5. Click Add.
6. Restart WebCenter Content Server.
7. Go back to the Providers page, and check that the Connection State value is good
for the provider.
If the value is not good, double-check that you entered all the preceding entries
correctly, and check that the WebCenter Content Server and Inbound Refinery
instances can ping each other.
6.4.3.2 Selecting the File Formats To Be Converted
To tell Oracle WebCenter Content Server which files to send to Inbound Refinery to be
converted, you need to select the file formats.
To select the file formats to be converted:
1. From the WebCenter Content Server Administration menu, select Refinery
Administration and then File Formats Wizard.
6-16
Chapter 6
Configuring Oracle WebCenter Content Server
Note:
Refinery Administration is not listed when there is no valid outgoing provider
to an Inbound Refinery instance.
WebCenter Content Server displays the File Formats Wizard page. This page
configures which file formats will be sent to Inbound Refinery for conversion when
they are checked into WebCenter Content Server.
2. Select the file formats that you want to be converted.
Make sure you check all the file types you want sent to Inbound Refinery for
conversion. Do not check HTML, and also do not check wiki and blog unless you
have enabled their conversion through the WebCenterConversions component as
described in Enabling the Conversion of Wikis and Blogs into PDFs.
3. Click Update.
6.4.3.3 Enabling the Conversion of Wikis and Blogs into PDFs
Enabling the conversion of wikis and blogs into PDFs requires you to first install the
WebCenterConversions component, then configure OpenOffice, which converts HTML
to PDF, in the Inbound Refinery server and Oracle WebCenter Content Server
respectively.
Optional
The WebCenterConversions component adds the HtmToPDFOpenOffice conversion
option, which makes use of OpenOffice conversion in Inbound Refinery (and therefore
requires OpenOffice to be configured for that Inbound Refinery).
Note that you must complete the steps below in sequence. If you enable Wiki and
Blogs by selecting them in the file Formats Wizard without first installing and enabling
the Inbound Refinery, the Wiki and Blogs documents will be stuck in the Inbound
Refinery conversion queues.
Note:
Only images that have been added through the Rich Text Editor (RTE) using
the Embed Image feature are visible in the generated PDF. Images referenced
with an external URL do not display in the PDF. For information on the RTE,
see Using the Rich Text Editor (RTE) in Using Portals in Oracle WebCenter
Portal.
See also, File Formats Converted to PDF by Open Office in Managing Oracle
WebCenter Content.
Before you can enable conversion of wikis and blogs into PDFs in WebCenter Portal,
ensure you have done the following:
•
Set up the OpenOffice integration with Inbound Refinery. See Configuring Inbound
Refinery to Use OpenOffice in Managing Oracle WebCenter Content.
6-17
Chapter 6
Configuring Oracle WebCenter Content Server
•
Set up the path to the OpenOffice class files. See Setting Classpath to OpenOffice
Class Files in Managing Oracle WebCenter Content.
To enable conversion of wikis and blogs into PDFs in WebCenter Portal:
1. Install the WebCenterConversion component:
a. Log in to the Inbound Refinery server.
b. Click Administration and then select Admin Server.
The Inbound Refinery Admin Server page displays.
c. In the Component Manager, click the advanced component manager link.
The Advanced Component Manager page displays.
d. In the Install New Component section, select the path to the
WebCenterConversions.zip, then click Install.
The WebCenterConversions.zip can be found under MW_HOME/wcportal/install/.
The WebCenterConversion component displays in the Disabled Components
box.
e. Select WebCenterConversion and click Enable.
f. Restart the Inbound Refinery server.
2. Enable Inbound Refinery to integrate with OpenOffice:
a. Log in to the Inbound Refinery server again.
b. Click Administration and then select Admin Server.
The Inbound Refinery Admin Server page displays.
c. In the Component Manager, select the OpenOfficeConversion check box.
d. Restart the Inbound Refinery server.
3. Enable the WebCenterConversion component:
a. In the Inbound Refinery server, under Conversion Settings, click the
Conversion Listing link.
This displays the Conversion Listing page.
b. In the Conversions table, select the Accept check box for HtmToPDFOpenOffice,
and click Update.
The Wiki and Blog options will now appear in WebCenter Content Server's File
Formats Wizard in the associated WebCenter Content Server instance.
4. Enable Wikis and Blogs to be converted to PDFs in WebCenter Content Server:
a. Log in to WebCenter Content Server.
b. Expand the Administration node, then Refinery Administration, and then
click File Formats Wizard.
c. Under Select File Types, select the Wiki and Blogs check boxes and click
Update.
5. Enable the PDF conversion in Inbound Refinery:
6-18
Chapter 6
Configuring Oracle WebCenter Content Server
a. Log in to the Inbound Refinery server again.
b. Select Conversion Settings, and then select Primary Web Rendition.
c. Check the Convert to PDF using Open Office option.
d. Click Update.
6.4.3.4 Specifying the Timeout Setting for File Conversions
You can optionally set the maximum and minimum amount of time for which Inbound
Refinery will process the different conversion operations.
To set the timeout settings for conversion operations:
1. Log on to the Inbound Refinery server.
2. Under Settings, select Timeouts.
3. Specify the minimum and maximum timeout settings for the various conversion
operations as required.
4. Click Update.
Note:
For information about setting the timeout settings in Dynamic Converter, see
Specifying the File Type, File Size, and Timeout Settings.
6.4.4 Setting Up SSL for Oracle WebCenter Content Server
If Oracle WebCenter Portal and the Oracle WebCenter Content Server you intend to
use for your content repository are not on the same system or the same trusted private
network, then identity propagation is not secure.
To ensure secure identity propagation you must also configure SSL for WebCenter
Content Server.
6.4.5 Setting Up Site Studio
Configuring Site Studio lets you use Site Studio to create and use Site Studio assets
(region definitions and display templates) in Content Presenter.
Optional, but strongly recommended
Although configuring Site Studio is strictly speaking optional, without it you will not be
able to create and use Site Studio-related assets in Content Presenter. Unless you are
absolutely sure you will not need Site Studio, we strongly recommend installing and
configuring it now rather than having to come back to it later.
To enable Site Studio:
1. Log in to WebCenter Content Server and open the Admin Server Page.
The Component Manager Page displays.
2. Click All Features.
All components from the Document Management, Folders, Inbound Refinery,
Integration, and Web Content Management categories are displayed.
6-19
Chapter 6
Configuring Oracle WebCenter Content Server
3. Select the checkbox for each component you want to enable. The following
components should be enabled:
•
LinkManager
•
SiteStudio
•
DBSearchContainsOpSupport (required for Full Text Search)
•
PortalVCRHelper
4. Click Update.
5. Restart the WebCenter Content Server instance.
6. Log back into WebCenter Content Server and open the Administration page.
7. Select Site Studio Administration, and then Set Default Project Document
Information.
8. Accept the defaults and click Update.
9. Select Site Studio Administration, and then Set Default Web Asset Document
Information.
10. Accept the defaults and click Update.
11. To use the Site Studio Designer, log into the WebCenter Content Server console,
navigate to My Content Server > My Downloads, then download and install Site
Studio Designer.
After setting up Site Studio, start (or restart) Oracle WebCenter Portal to seed the
WebCenter Content Server instance with the appropriate assets, such as the
RD_ARTICLE region definition.
6.4.5.1 Enabling the iFraming UI
If you want Site Studio to be displayed in Content Presenter using inline frames rather
than in separate windows, and Oracle WebCenter Portal and Oracle WebCenter
Content Server are not in the same domain (in terms of their web address), you must
configure the Oracle HTTP Server (OHS).
Notes:
•
Before enabling support for iFraming, you should already have installed
and configured OHS as described in Installing and Configuring Oracle
HTTP Server.
•
While Content Presenter allows specifying a different Content Server
connection, iFraming is supported only for the default Content Server
connection.
To enable the iFraming UI:
1. Open the mod_wl_ohs.conf file and make sure it points to the right WebCenter
Content Server instance.
The default location of this file is: OHS_HOME/Oracle_WT1/instances/instance1/
config/OHS/ohs1/mod_wl_ohs.conf
6-20
Chapter 6
Configuring Oracle WebCenter Content Server
2. Update the connection property of the Content Server to webContextRoot='/cs'.
Note:
This setting should never be set if OHS is not set up or is not working
correctly.
3. Configure OHS by updating the mod_wl_ohs.conf file with the WebCenter Content
Server and adfAuthentication protected URI information.
For example:
<Location /cs>
SetHandler weblogic-handler
WeblogicHost example.com
WeblogicPort 9400
</Location>
<Location /adfAuthentication>
SetHandler weblogic-handler
WeblogicHost example.com
WeblogicPort 9400
</Location>
If your WebCenter Content Server is configured with the Oracle AutoVue VueLink
servlet, include the additional entry:
<Location /vuelink>
SetHandler weblogic-handler
WeblogicHost example.com # Same as /cs entry
WeblogicPort 9400
# Same as /cs entry
</Location>
Note that since WebCenter Portal is now front-ended by OHS, when you access
WebCenter Portal you need to do so through OHS. Consequently, you would access
your application using the following URL:
http://host:OHSPort/webcenter
For example:
http://my.example.com:7777/webcenter
6.4.6 Enabling Full-Text Search
By default, the database used by Oracle WebCenter Content Server is set up to
provide metadata-only searching and indexing capabilities. However, you can modify
the default configuration of the database to additionally support full-text searching and
indexing.
Optional, but strongly recommended
Although nominally optional, Oracle recommends that you implement full-text search
using the OracleTextSearch option.
For more information, see Configuring OracleTextSearch for Content Server in
Installing and Configuring Oracle WebCenter Content, and Site Studio Integration in
Managing Oracle WebCenter Content.
6-21
Chapter 6
Configuring Oracle WebCenter Content Server
6.4.7 Creating Content Profiles in Oracle WebCenter Content Server
Users have the option to upload content using Content Server Profiles.
Optional
For more information on WebCenter Content Server Profiles, see Managing Content
Profiles in Managing Oracle WebCenter Content.
You can use the content check-in page to check files into WebCenter Content Server.
Required fields are indicated by an asterisk (*). All content profiles must include the
mandatory fields, otherwise the check-in will fail.
In addition to the mandatory fields needed to upload files to WebCenter Content
Server, for the upload profiles to work correctly in Document Library and Oracle
WebCenter Portal, the WebCenter Content Server profiles should also contain the
following fields:
•
xCollectionID - for the folder name to be persisted
•
xIdcProfile - for the profile value to be persisted
•
dRevLabel - required by the CHECKIN_SEL_FORM API to enable a new version to be
checked in
These fields can be added as hidden fields to the profile.
6.4.8 Enabling Digital Asset Manager
For full image rendition support, the Oracle WebCenter Content Server where your
images are checked in must have Digital Asset Manager (DAM) enabled.
Optional
For example, you may want to use a large, high resolution image when the page
containing the image is displayed using a desktop browser; a smaller, lower resolution
image for display on a mobile phone; and a medium-sized, but still low resolution
image for display on a tablet.
When DAM is enabled, different renditions are automatically created when an image is
checked in, determined by the rendition set specified during check in. DAM provides
some built-in rendition sets but the Content Server administrator can also create new
rendition sets. The individual renditions can then be referenced by name in Content
Presenter display templates by using the appropriate EL expression.
If DAM is not enabled, there is limited support only for image renditions through
Inbound Refinery with web and thumbnail renditions.
For more information about enabling DAM and creating rendition sets, see Working
with Image and Video Conversions in Managing Oracle WebCenter Content.
Note:
Oracle WebCenter Portal supports multiple renditions for images only, not
video.
6-22
Chapter 6
Configuring Oracle WebCenter Content Server
6.4.9 Additional Optional Configurations for Oracle WebCenter
Content Server
This section describes additional optional configurations that are not required for
Oracle WebCenter Content Server to function correctly, but nonetheless offer value
and comprise best practices for a WebCenter Content Server enterprise installation.
This section includes the following topics:
•
Configuring Oracle WebCenter Content Server for Desktop
•
Configuring the File Store Provider
•
Setting Up Node Manager
•
Configuring Localization Properties
•
Showing and Hiding the Wiki Markup Tab in the Rich Text Editor
•
Disabling Text Wrapping in the Rich Text Editor
6.4.9.1 Configuring Oracle WebCenter Content Server for Desktop
Oracle WebCenter Content: Desktop provides convenient access to Oracle
WebCenter Content Server files from a number of familiar desktop applications, such
as Windows Explorer, Microsoft Office applications (Word, Excel, and Powerpoint),
email clients (Microsoft Outlook and Lotus Notes), and web browsers (Internet
Explorer, Mozilla Firefox, and Google Chrome).
For the Desktop client software to connect to WebCenter Content Server, the following
system component must be enabled on the server:
•
CoreWebdav, which provides core WebDAV capabilities for the content management
integrations.
In addition, you must also enable the following components:
•
DesktopIntegrationSuite, which handles core content management integration
functions on the server.
•
DesktopTag, which manages custom properties in Microsoft Office files that are
used for content tracking purposes, and also provides the workflow processing
functionality in Microsoft Office applications.
•
Framework Folders, which enables the content folders in the integration hierarchy.
You can also enable the following component:
•
EmailMetadata, which maps email message fields to email metadata fields and is
also required for dragging and dropping emails into content folders in Microsoft
Outlook and Lotus Notes.
To configure WebCenter Content Server for Desktop:
1.
Log in to WebCenter Content Server.
2.
In the WebCenter Content Server Administration tray or menu, choose an
Admin Server, then Component Manager.
3.
On the Component Manager page, select Folders to display the Folders category
of components.
4.
Select the FrameworkFolders component.
6-23
Chapter 6
Configuring Oracle WebCenter Content Server
5.
Select the DesktopIntegrationSuite, DesktopTag, and, optionally, the
EmailMetadata components.
6.
Click the Update button, and then click OK to confirm your selections.
7.
In the first paragraph of the Component Manager page, click advanced
component manager.
8.
In the Disabled Components box on the Advanced Component Manager page,
select FolderStructureArchive, and click the Enable button.
9.
Make sure that the CoreWebdav component is enabled:
a.
Under Category Filters on the Advanced Component Manager page, select
Show System Components.
b.
If CoreWebdav is not in the Enabled Components box, select CoreWebdav in
the Disabled Components box, and click the Enable button.
10. Restart WebCenter Content Server.
For additional configuration information for Desktop, see Managing Desktop in
Managing Oracle WebCenter Content.
The Desktop client software must be installed on the computers of users wishing to
use desktop integration. For more information, see Setting Up the Desktop Client
Software on Your Computer in Using Oracle WebCenter Content: Desktop.
6.4.9.2 Configuring the File Store Provider
A file store for data management is used in Oracle WebCenter Content Server instead
of the traditional file system for storing and organizing content.
The File Store Provider component is installed, enabled, and upgraded by default for a
new WebCenter Content Server instance (with no documents in it). The File Store
Provider component automatically upgrades the default file store (DefaultFileStore) to
make use of functionality exposed by the component, including modifying the web,
vault, and web URL path expressions.
The File Store Provider component exposes the file store functionality in the
WebCenter Content Server interface and allows additional configuration options. For
example, you can configure the WebCenter Content Server instance to use binary
large object (BLOB) data types to store content in a database, instead of using a file
system.
With File Store Provider, checked-in content and associated metadata are examined
and assigned a storage rule based on criteria established by a system administrator.
Criteria can include metadata, profiles, or other considerations. The storage rule
determines how vault and web files are stored by the WebCenter Content Server
system and how they are accessed by a web server.
The File Store Provider component enables you to define data-driven rules to store
and access content managed by the WebCenter Content Server system. The
configuration steps below create a storage rule that ensures content is stored in the
database rather than on the file system.
To create a storage rule:
1. Log in to the WebCenter Content Server instance as system administrator.
2. Select Administration, then Providers.
6-24
Chapter 6
Configuring Oracle WebCenter Content Server
The Providers Page displays.
3. Click Info in the Action column next to the DefaultFileStore provider.
The File Store Provider Information Page displays.
4. Specify a name for the rule (for example, DBStorage) and select JDBC Storage.
5. Click OK.
The Edit File Store Provider Page displays.
6. Click Update.
7. Restart the WebCenter Content Server instance.
6.4.9.3 Setting Up Node Manager
As an additional step to configuring and managing Oracle WebCenter Content Server
and the other servers in the domain in which it resides, you may want to consider
using Oracle WebLogic Server Node Manager. Node Manager lets you start and stop
WebLogic Server instances remotely, monitor them, and automatically restart them
after an unexpected failure.
You can configure WebCenter Content Server, the Administration Server, and Node
Manager to work together in a WebLogic Server domain. Node Manager is installed on
all the machines that host any server instance. For more information about using Node
Manager, see Using Node Manager with Oracle WebCenter Content in Installing and
Configuring Oracle WebCenter Content.
6.4.9.4 Configuring Localization Properties
To ensure the Content Manager task flow works and displays proper translations on
non-English locales, you need to configure Content Server for localization.
To configure enable or disable locales on Content Server:
1. Log on to WebCenter Content as an administrator.
2. From the Main menu, choose Administration, and then Localization.
3. Select the check boxes for the required locales.
4. Click Update.
6.4.9.5 Showing and Hiding the Wiki Markup Tab in the Rich Text Editor
When creating or editing a wiki document in the Rich Text Editor (RTE), the Wiki
Markup tab is hidden by default. To show and hide the Wiki Markup tab, you can edit
the configuration file blog-wiki-config.xml.xml.
Optional
WARNING:
Switching between the Wiki Markup tab and other tabs in the RTE may cause
data loss. For this reason, the Wiki Markup tab is disabled by default. Before
you enable the Wiki Markup tab, consider potential issues that may result.
6-25
Chapter 6
Configuring Oracle WebCenter Content Server
To show and hide the Wiki Markup tab for portals:
1. Export the latest configuration file blog-wiki-config.xml.xml from MDS:
exportMetadata(application='webcenter', server='WC_Portal', toLocation='/scratch/
aime1', docs='/oracle/webcenter/doclib/config/mdssys/cust/site/webcenter/blogwiki-config.xml.xml')
2. If the configuration file is not found, create it at the path specified in Step 1, then
edit the file to add the following code:
<?xml version='1.0' encoding='UTF-8'?>
<mds:customization version="11.1.1.64.86" xmlns:mds="http://xmlns.oracle.com/mds"
motype_local_name="adf-blogwiki-config" motype_nsuri="http://xmlns.oracle.com/
webcenter/blogwiki/config">
<mds:modify element="(xmlns(mds_ns1=http://xmlns.oracle.com/webcenter/blogwiki/
config))/mds_ns1:adf-blogwiki-config/mds_ns1:properties/
mds_ns1:property[@name='wiki.markup.enabled']">
<mds:attribute name="value" value="false"/>
</mds:modify>
</mds:customization>
3. Edit the configuration file to change the value of element wiki.markup.enabled:
<mds:modify element="(xmlns(mds_ns1=http://xmlns.oracle.com/webcenter/blogwiki/
config))/mds_ns1:adf-blogwiki-config/mds_ns1:properties/
mds_ns1:property[@name='wiki.markup.enabled']"><mds:attribute name="value"
value="[true|false]"/></mds:modify>
where:
•
true: show the Wiki Markup tab
•
false (default): hide the Wiki Markup tab
4. Import the updated file to MDS:
importMetadata(application='webcenter', server='WC_Portal', fromLocation='/
scratch/aime1', docs='/oracle/webcenter/doclib/config/mdssys/cust/site/webcenter/
blog-wiki-config.xml.xml')
6.4.9.6 Disabling Text Wrapping in the Rich Text Editor
By default, the Rich Text Editor wraps HTML source at 68 characters. This may cause
some multibyte symbols to wrap incorrectly. If you encounter this problem, you can
disable text wrapping in the Rich Text Editor.
Optional
To disable text wrapping in the Rich Text Editor:
1. Export the latest configuration file blog-wiki-config.xml.xml from MDS:
exportMetadata(application='webcenter', server='WC_Portal', toLocation='/scratch/
aime1', docs='/oracle/webcenter/doclib/config/mdssys/cust/site/webcenter/blogwiki-config.xml.xml')
2. If the configuration file is not found, create it at the path specified in Step 1, then
edit the file to add the following code:
<?xml version='1.0' encoding='UTF-8'?>
<mds:customization version="11.1.1.64.86" xmlns:mds="http://xmlns.oracle.com/mds"
motype_local_name="adf-blogwiki-config" motype_nsuri="http://xmlns.oracle.com/
6-26
Chapter 6
Configuring Oracle WebCenter Content Server
webcenter/blogwiki/config">
<mds:modify element="(xmlns(mds_ns1=http://xmlns.oracle.com/webcenter/blogwiki/
config))/mds_ns1:adf-blogwiki-config/mds_ns1:properties/
mds_ns1:property[@name='wiki.markup.enabled']">
<mds:attribute name="value" value="false"/>
</mds:modify>
</mds:customization>
3. Edit the configuration file to change the value of element text.wrap.length to 0:
<mds:modify element="(xmlns(mds_ns1=http://xmlns.oracle.com/webcenter/blogwiki/
config))/mds_ns1:adf-blogwiki-config/mds_ns1:properties/
mds_ns1:property[@name='text.wrap.length']"><mds:attribute name="value"
value="0"/></mds:modify>
4. Import the updated file to MDS:
importMetadata(application='webcenter', server='WC_Portal', fromLocation='/
scratch/aime1', docs='/oracle/webcenter/doclib/config/mdssys/cust/site/webcenter/
blog-wiki-config.xml.xml')
6.4.10 Registering the Default Oracle WebCenter Content Server
Repository
The default connection between Oracle WebCenter Portal and Oracle WebCenter
Content Server may be configured for you when WebCenter Portal first starts up, but
Oracle strongly recommends that you test the connection and check that the expected
data has been properly seeded.
Optional, but strongly recommended
This section includes the following topics:
•
Configuring the Default Oracle WebCenter Content Server Connection for Oracle
WebCenter Portal
•
Checking the Oracle WebCenter Portal Data Seeded in Oracle WebCenter
Content Server
6.4.10.1 Configuring the Default Oracle WebCenter Content Server Connection
for Oracle WebCenter Portal
A default connection between Oracle WebCenter Portal and Oracle WebCenter
Content Server may be automatically configured when WebCenter Portal first starts
up, however, you should test the connection and check that it has been appropriately
configured for your environment.
For high availability environments, or for single sign-on environments, you may have to
modify the WebCenter Portal host and port settings.
After installing and configuring WebCenter Content Server, and restarting WebCenter
Portal, check the connection between WebCenter Portal and WebCenter Content
Server is properly configured. If your connection was not properly configured, then
configure it as shown in Setting Connection Properties for the Default Oracle
WebCenter Content Server Connection.
Some WebCenter Portal components rely on the data seeded in WebCenter Content
Server when WebCenter Portal first starts up. Before configuring other components
with WebCenter Portal, check that the expected data has been properly seeded.
6-27
Chapter 6
Configuring Oracle WebCenter Content Server
6.4.10.2 Checking the Oracle WebCenter Portal Data Seeded in Oracle
WebCenter Content Server
When Oracle WebCenter Portal first starts up, a set of default data is seeded in the
default Oracle WebCenter Content Server. The data seeded in WebCenter Content
Server for a WebCenter Portal instance is based on several properties that are set on
the default WebCenter Content Server connection.
For example:
Portal Server Identifier = /WebCenter1
Security Group = WC1
If the data is not correct, or has only been partially seeded, check the WebCenter
Portal log and your WebCenter Content Server configuration, make the necessary
corrections to these properties, and then restart the WebCenter Portal instance to
reseed the data. For information about setting the default WebCenter Content Server
connection, and setting additional properties required for WebCenter Portal's content
repository, see Setting Connection Properties for the Default Oracle WebCenter
Content Server Connection.
Table 6-5 illustrates the WebCenter Portal data that is seeded (Seeded Data), the
naming for the data seeded (Naming) and how to check that the data is created in
WebCenter Content Server (Verify).
Table 6-5
Data Seeded in WebCenter Portal
Seeded Data
Naming
Verify
Security Group
One security group is
seeded:
In WebCenter Content
Server, go to Administration
> Admin Applets > User
Admin > Security>
Permission by Group
securityGroup
For example: WC1
Roles
Two roles are seeded:
•
securityGroupUser (with
R permission on the
security group)
•
securityGroupAuthenUs
er (with RWD permission
on the security group)
For example: WC1User and
WC1AuthenUser
Root Folder name
portalServerIdentifier
(with Security Group =
securityGroup)
In WebCenter Content
Server, go to Administration
> Admin Applets > User
Admin > Security >
Permission by Role
Browse content (folder will be
listed as a top-level folder)
For example: /WebCenter1
6-28
Chapter 6
Configuring Oracle WebCenter Content Server
Table 6-5
(Cont.) Data Seeded in WebCenter Portal
Seeded Data
Naming
Verify
Default Attributes - Public
users
All public users have:
Query the
ExtendedConfigProperties
table, or after logging into
WebCenter Content Server,
click on the user name to
view the user's profile page
listing their roles and
accounts, including the
account PUBLIC and WCILS
and the role
securityGroupUser
Default Attributes Authenticated users
•
Read on the account
prefix PUBLIC
•
Read on the account
prefix WCILS
•
The securityGroup role
All Authenticated users have:
•
Read permission on the
account prefix AUTHEN
•
Read, Write, Delete,
Admin permission on the
account prefix WCILS
•
The
securityGroupAuthenUs
er role
Query the
ExtendedConfigProperties
table, or after logging into
WebCenter Content Server,
click on the user name to
view the user's profile page
listing their roles and
accounts, including the
account AUTHEN and WCILS
and the role
securityGroupAuthenUser
Table 6-6 illustrates the data that is seeded for the Home portal (Seeded Data), the
naming for the data seeded (Naming) and how to check that the data is created in
WebCenter Content Server (Verify). Note that the Home portal data is seeded only
once in a WebCenter Content Server instance, regardless of how many WebCenter
Portal instances are using the same WebCenter Content Server. Therefore, if you
have multiple WebCenter Portal instances using the same WebCenter Content Server,
they will all share the same Home portal data.
Table 6-6
Data Seeded for the Home Portal
Seeded Data
Naming
Verify
Security Group
One security group is
seeded:
In WebCenter Content
Server, go to Administration
> Admin Applets > User
Admin > Security >
Permission by Group
PersonalSpaces
6-29
Chapter 6
Creating a Connection to Oracle WebCenter Content Server
Table 6-6
(Cont.) Data Seeded for the Home Portal
Seeded Data
Naming
Verify
Roles
Two roles are seeded:
In WebCenter Content
Server, go to Administration
> Admin Applets > User
Admin > Security >
Permission by Role
•
PersonalSpacesRole
(with R permission on the
security group
PersonalSpaces)
•
PersonalSpacesAuthenR
ole (with RWD on the
security group
PersonalSpaces)
Root Folder name
PersonalSpaces (with
Security
Group=PersonalSpaces)
Browse content (folder will be
listed as a top-level folder)
Default Attributes - Public
users
All public users have:
Query the
ExtendedConfigProperties
table, or after logging into
WebCenter Content Server,
click on the user name to
view the user's profile page
listing their roles and
accounts, including the
account PEWebCenter/PU and
the role PersonalSpacesRole
•
•
Default Attributes Authenticated users
Read on the Root
Folder's account
The PersonalSpaces role
All Authenticated users have:
•
The
PersonalSpacesAuthenR
ole role
Query the
ExtendedConfigProperties
table, or after logging into
WebCenter Content Server,
click on the user name to
view the user's profile page
listing their roles and
accounts, including the role
PersonalSpacesAuthenRole
6.5 Creating a Connection to Oracle WebCenter Content
Server
A default connection to Oracle WebCenter Content Server may be automatically
created and configured when Oracle WebCenter Portal first starts up, but you may
want to change the default settings or register other WebCenter Content Server
repositories.
This section contains the following topics:
•
About Creating a Connection to Oracle WebCenter Content Server
•
Creating a Connection to Oracle WebCenter Content Server Using Fusion
Middleware Control
6-30
Chapter 6
Creating a Connection to Oracle WebCenter Content Server
•
Registering Oracle WebCenter Content Server Using WLST
•
Oracle WebCenter Content Server Connection Parameters for RIDC Socket Types
6.5.1 About Creating a Connection to Oracle WebCenter Content
Server
When creating a connection to Oracle WebCenter Content Server, there are several
things to think about.
Consider the following:
•
Oracle WebCenter Portal communicates with WebCenter Content Server over the
Remote Intradoc Client (RIDC). RIDC provides the ability for WebCenter Portal to
remotely execute WebCenter Content Server services. It also handles things like
connection pooling, security, and protocol specifics. RIDC supports socket-based
communication and the HTTP and JAX-WS protocols.
–
Socket — The socket protocol communicates to WebCenter Content Server
over the Intradoc socket port. This protocol requires a trusted connection
between WebCenter Portal and WebCenter Content Server and does not
perform any password validation.
The socket-based communication can also be configured to run over SSL to
provide extra security
–
HTTP — Using the HTTPClient package, RIDC communicates with the web
server attached to WebCenter Content Server. Unlike the socket protocol, this
protocol requires authentication credentials for each request.
The HTTP protocol can also be load-balanced using an HTTP load balancer
such as Oracle Traffic Director.
–
•
JAX-WS — With JAX-WS, WebCenter Portal must authenticate with
WebCenter Content Server for each connection rather than assuming any
connection from WebCenter Portal is automatically a trusted connection. The
JAX-WS protocol is only supported in Oracle WebCenter Content with a
properly configured WebCenter Content Server instance and the RIDC client
installed.
Additional configuration is required for the default WebCenter Content Server
connection:
–
A user name with administrative rights for the WebCenter Content Server
instance is required (Content Administrator). This user is used to create and
maintain folders for portal content, security groups and roles, and manage
content access rights. The default content administrator is sysadmin.
Administrative privileges are required for this connection so that operations
can be performed on behalf of WebCenter Portal users.
–
The Portal Server Identifier value is used as the name for the root folder
within the WebCenter Content Server repository under which all WebCenter
Portal content is stored. For the Portal Server Identifier value, you must
specify a WebCenter Content Server folder that does not yet exist. Use the
format: /foldername. For example: /MyWebCenterPortal. The Portal Server
Identifier cannot be /, the WebCenter Content Server root itself, and it must
be unique across different portals. The folder specified is created for you when
WebCenter Portal starts up. Invalid entries include: /, /foldername/, /
foldername/subfolder.
6-31
Chapter 6
Creating a Connection to Oracle WebCenter Content Server
–
The Security Group, identifies a WebCenter Portal instance within this
WebCenter Content Server repository and must have a unique value (for
example: MyWCPApp). The name must be 14 characters or less, begin with an
alphabetical character, followed by any combination of alphanumeric
characters or the underscore character.
The Security Group value is used for the following:
*
To separate data when multiple WebCenter Portal instances share the
same WebCenter Content Server instance and should be unique across
applications.
*
As the name of the security group in which all data created in that
WebCenter Portal instance is stored.
*
As the prefix for the role (the name format is securityGroupUser and
securityGroupAuthenUser).
*
To stripe users permissions on accounts for the particular WebCenter
Portal instance.
*
To stripe default attributes for the particular WebCenter Portal instance.
For information about security groups and roles, see Managing Security
Groups, Roles, and Permissions in Administering Oracle WebCenter Content.
For information about folders, see Organizing Content in Managing Oracle
WebCenter Content.
•
Portal Server Identifier and Security Group values:
–
For the default connection in WebCenter Portal, the Portal Server Identifier
and Security Group values are used to create the seed data in WebCenter
Content Server to enable storage of portal-related data.
WARNING:
You should never change the Portal Server Identifier or Security Group
values separately; you should always change both. That is, if you change the
Portal Server Identifier value after configuring and running WebCenter
Portal, then you must also change the Security Group value, and vice versa.
That is, you must change both values (Portal Server Identifier and Security
Group) to unique values if WebCenter Portal already contains the seed data.
When you change these values, the existing seed data is not renamed in
WebCenter Content Server. Instead, new seed data is created using the new
values when you start the application. Once the application is started, new
WebCenter Portal data is created under the new Portal Server Identifier
folder and existing data under the old folder is no longer available. This means
that the Documents tools will now be disabled in WebCenter Portal where the
Documents tools were previously enabled, prior to changing the Portal Server
Identifier.
6-32
Chapter 6
Creating a Connection to Oracle WebCenter Content Server
Note:
Although the Portal Server Identifier and Security Group values change, the
old folder still appears in search results, like any other folder in WebCenter
Content Server.
•
At start up, WebCenter Portal creates seed data (if it does not already exist) in the
default WebCenter Content Server repository for WebCenter Portal.
6.5.2 Creating a Connection to Oracle WebCenter Content Server
Using Fusion Middleware Control
You can register Oracle WebCenter Content Server as a content repository for Oracle
WebCenter Portal using Fusion Middleware Control.
This section includes the following topics:
•
Connecting to Oracle WebCenter Content Server Using Socket-Based
Communication
•
Connecting to Oracle WebCenter Content Server Using Secure Socket-Based
Communication
•
Connecting to Oracle WebCenter Content Server Using JAX-WS
•
Connecting to Oracle WebCenter Content Server Using HTTP
6.5.2.1 Connecting to Oracle WebCenter Content Server Using Socket-Based
Communication
The socket protocol communicates to Oracle WebCenter Content Server over the
Intradoc socket port.
To connect to WebCenter Content Server using socket-based communication:
1. Log in to Fusion Middleware Control and navigate to the home page for WebCenter
Portal.
2. From the WebCenter Portal menu, select Settings and then Service
Configuration.
3. On the WebCenter Portal Services Configuration page, from the list of services
select Content Repository.
4. Click Add.
5. In the Connection Name field, enter a unique name for the WebCenter Content
Server connection.
Tip:
The name must be unique (across all connection types) within WebCenter
Portal.
6. The Repository Type is Oracle Content Server.
6-33
Chapter 6
Creating a Connection to Oracle WebCenter Content Server
7. Select Active Connection to make this the default WebCenter Content Server
connection for WebCenter Portal.
You can create connections to multiple WebCenter Content Server instances; all
connections are used. One connection must be the default connection. The default
connection is the one used by WebCenter Portal to store portal-related documents.
If this is the default connection for WebCenter Portal, some additional configuration
is required. For more information, see Setting Connection Properties for the Default
Oracle WebCenter Content Server Connection Using Fusion Middleware Control.
Note:
Deselecting this option does not disable the connection. If a connection is no
longer required, you must delete the connection.
8. From the RIDC Socket Type dropdown list, select Socket.
9. In the Server Host field, enter the host name of the machine where WebCenter
Content Server is running.
For example: mycontentserver.example.com.
10. In the Server Port field, enter the port specified for the WebCenter Content
Server’s incoming provider.
This property corresponds to the IntradocServerPort setting in the WebCenter
Content Server configuration file, which defaults to 4444.
Tip:
You can find the current value by logging into WebCenter Content Server and
navigating to Administration > Admin Server > General Configuration >
Additional Configuration Variables > IntradocServerPort.
11. In the Connection Timeout field, enter the length of time (in milliseconds) to
attempt to log in to WebCenter Content Server before issuing a connection timeout
message.
This value is also used as the socket timeout for the underlying RIDC connection
for all service requests.
If the Connection Timeout is not set, the following values are used:
•
Login timeout — the default concurrency timeout configured for the
oracle.webcenter.content resource (30 seconds or 30000 milliseconds).
•
RIDC socket timeout — the default RIDC socket timeout (60 seconds or
60000 milliseconds).
6-34
Chapter 6
Creating a Connection to Oracle WebCenter Content Server
Tip:
It is recommended that you do not specify a value less than 60000
milliseconds for the Connection Timeout, as this would reduce the RIDC
socket timeout and increase the likelihood that long running requests time out.
For example, timeouts may occur during long running searches, long file
uploads, or long copy operations.
12. From the Authentication Method dropdown list, select:
•
Identity Propagation if WebCenter Content Server uses the same identity
store as WebCenter Portal to authenticate users.
If you select this option, you must also specify the appropriate Web Server
context root for Content Server.
•
External Application if WebCenter Content Server uses an external
application to authenticate users. Select this option if you want to use public,
shared, or mapped credentials.
If you select this option, you must also specify the appropriate Associated
External Application.
13. (Only if Authentication Method is Identity Propagation) In the Web Server
context root for Content Server field, enter the web server context root for
WebCenter Content Server if WebCenter Content Server is front-ended with Oracle
HTTP Server (OHS).
Use the format /contextRoot. For example, /cs.
Oracle recommends that you access WebCenter Portal through Oracle HTTP
Server (OHS) if you want to use Content Presenter to create or edit Site Studio
content. Without Oracle HTTP Server (and WebContextRoot configuration), it is still
possible to create or edit Site Studio content from within Content Presenter, but the
create and edit actions launch new browser windows (or tabs) rather than opening
within the Content Presenter task flow.
14. (Only if Authentication Method is External Application) From the Associated
External Application dropdown list, select the application to use to authenticate
users with WebCenter Content Server.
Tip:
If the application has not yet been registered with WebCenter Portal, select
Create New to register it now. For more information, see Registering External
Applications Using Fusion Middleware Control.
15. In the Administrator User Name field, enter the user name of a user with
administrative rights for this WebCenter Content Server instance.
This user is used to fetch content type information based on profiles and track
document changes for cache invalidation purposes.
The default value is sysadmin.
16. In the Administrator Password field, enter the password for the user specified in
the Administrator User Name field.
6-35
Chapter 6
Creating a Connection to Oracle WebCenter Content Server
17. In the Cache Invalidation Interval field, enter the time (in minutes) to allow
between checks for external WebCenter Content Server content changes.
WebCenter Portal automatically clears items that have changed from the cache.
The minimum interval is 2 minutes.
By default, cache invalidation is disabled so no periodic check is made for content
changes (shown as 0).
18. In the Maximum Cached Document Size, enter a maximum cacheable size (in
bytes) for WebCenter Content Server binary documents.
Documents larger than this size are not cached by WebCenter Portal.
The default is 102400 bytes (100KB).
Tip:
Tune this value based on your machine’s memory configuration and the types
of binary documents that you expect to cache. Be aware that, unless
Coherence is enabled, there is no maximum total size for the cache.
If you are using Coherence, you can additionally specify the total amount of
memory to be used for binary caches. For this reason, using Coherence for
any type of production environment is strongly recommended, and is a
requirement for High Availability (HA) environments.
Note:
Most documents stored in WebCenter Content Server are considered binary
content, that is, images, plain text, Word documents, and so on. The only
exception is Site Studio content, which is stored in CDF data files and cached
separately in a Virtual Content Repository (VCR) cache (or node cache).
19. Click Test to verify if the connection you created works.
20. Click OK to save the connection.
21. To start using the connection, you must restart the managed server on which
WebCenter Portal is deployed (WC_Portal by default).
The registered connection is now available to the Content Manager and Content
Presenter task flows, which you can add to pages in WebCenter Portal.
6.5.2.2 Connecting to Oracle WebCenter Content Server Using Secure SocketBased Communication
The socket protocol communicates to Oracle WebCenter Content Server over the
Intradoc socket port. The socket-based communication can also be configured to run
over SSL to provide extra security.
Before you can connect to WebCenter Content Server using secure socket-based
communication, you must configure SSL on WebCenter Content Server.
6-36
Chapter 6
Creating a Connection to Oracle WebCenter Content Server
To connect to WebCenter Content Server using secure socket-based communication:
1. Log in to Fusion Middleware Control and navigate to the home page for WebCenter
Portal.
2. From the WebCenter Portal menu, select Settings and then Service
Configuration.
3. On the WebCenter Portal Services Configuration page, from the list of services
select Content Repository.
4. Click Add.
5. In the Connection Name field, enter a unique name for the WebCenter Content
Server connection.
Tip:
The name must be unique (across all connection types) within WebCenter
Portal.
6. The Repository Type is Oracle Content Server.
7. Select Active Connection to make this the default WebCenter Content Server
connection for WebCenter Portal.
You can create connections to multiple WebCenter Content Server instances; all
connections are used. One connection must be the default connection. The default
connection is the one used by WebCenter Portal to store portal-related documents.
If this is the default WebCenter Content Server connection for WebCenter Portal,
some additional configuration is required. For more information, see Setting
Connection Properties for the Default Oracle WebCenter Content Server
Connection Using Fusion Middleware Control.
Note:
Deselecting this option does not disable the connection. If a connection is no
longer required, you must delete the connection.
8. From the RIDC Socket Type dropdown list, select Socket SSL.
9. In the Server Host field, enter the host name of the machine where WebCenter
Content Server is running.
For example: mycontentserver.example.com.
10. In the Server Port field, enter the port specified for the WebCenter Content
Server’s sslincoming provider.
This property corresponds to the IntradocServerPort setting in the WebCenter
Content Server configuration file, which defaults to 4444.
6-37
Chapter 6
Creating a Connection to Oracle WebCenter Content Server
Tip:
You can find the current value by logging into WebCenter Content Server and
navigating to Administration > Admin Server > General Configuration >
Additional Configuration Variables > IntradocServerPort.
11. In the Connection Timeout field, enter the length of time (in milliseconds) to
attempt to log in to WebCenter Content Server before issuing a connection timeout
message.
This value is also used as the socket timeout for the underlying RIDC connection
for all service requests.
If the Connection Timeout is not set, the following values are used:
•
Login timeout — the default concurrency timeout configured for the
oracle.webcenter.content resource (30 seconds or 30000 milliseconds).
•
RIDC socket timeout — the default RIDC socket timeout (60 seconds or
60000 milliseconds).
Tip:
It is recommended that you do not specify a value less than 60000
milliseconds for the Connection Timeout, as this would reduce the RIDC
socket timeout and increase the likelihood that long running requests time out.
For example, timeouts may occur during long running searches, long file
uploads, or long copy operations.
12. From the Authentication Method dropdown list, select:
•
Identity Propagation if WebCenter Content Server uses the same identity
store as WebCenter Portal to authenticate users.
If you select this option, you must also specify the appropriate Web Server
context root for Content Server.
•
External Application if WebCenter Content Server uses an external
application to authenticate users. Select this option if you want to use public,
shared, or mapped credentials.
If you select this option, you must also specify the appropriate Associated
External Application.
13. (Only if Authentication Method is Identity Propagation) In the Web Server
context root for Content Server field, enter the web server context root for
WebCenter Content Server if WebCenter Content Server is front-ended with Oracle
HTTP Server (OHS).
Use the format /contextRoot. For example, /cs.
Oracle recommends that you access WebCenter Portal through Oracle HTTP
Server (OHS) if you want to use Content Presenter to create or edit Site Studio
content. Without Oracle HTTP Server (and WebContextRoot configuration), it is still
possible to create or edit Site Studio content from within Content Presenter, but the
create and edit actions launch new browser windows (or tabs) rather than opening
within the Content Presenter task flow.
6-38
Chapter 6
Creating a Connection to Oracle WebCenter Content Server
14. (Only if Authentication Method is External Application) From the Associated
External Application dropdown list, select the application to use to authenticate
users with WebCenter Content Server.
Tip:
If the application has not yet been registered with WebCenter Portal, select
Create New to register it now. For more information, see Registering External
Applications Using Fusion Middleware Control.
15. In the Administrator User Name field, enter a user name with administrative rights
for this WebCenter Content Server instance.
This user is used to fetch content type information based on profiles and track
document changes for cache invalidation purposes.
Defaults to sysadmin.
16. In the Administrator Password field, enter the password for the user specified in
the Administrator User Name field.
17. In the Key Store Location field, enter the location of the keystore that contains the
private key used to sign the security assertions.
The keystore location must be an absolute path.
For example, D:\keys\keystore.xyz.
18. In the Key Store Password field, enter the password required to access the
keystore.
For example, T0PS3CR3T.
19. In the Private Key Alias field, enter the client private key alias in the keystore.
The public key corresponding to this private key must be imported in the server
keystore.
Ensure that the alias does not contain special characters or white space.
For example, enigma.
20. In the Private Key Password field, enter the password to use with the private key
alias in the keystore.
For example, c0d3bR3ak3R.
21. In the Cache Invalidation Interval field, enter the time (in minutes) to allow
between checks for external WebCenter Content Server content changes.
WebCenter Portal automatically clears items that have changed from the cache.
The minimum interval is 2 minutes.
By default, cache invalidation is disabled so no periodic check is made for content
changes (shown as 0).
22. In the Maximum Cached Document Size, enter a maximum cacheable size (in
bytes) for WebCenter Content Server binary documents.
Documents larger than this size are not cached by WebCenter Portal.
6-39
Chapter 6
Creating a Connection to Oracle WebCenter Content Server
The default is 102400 bytes (100KB).
Tip:
Tune this value based on your machine’s memory configuration and the types
of binary documents that you expect to cache. Be aware that, unless
Coherence is enabled, there is no maximum total size for the cache.
If you are using Coherence, you can additionally specify the total amount of
memory to be used for binary caches. For this reason, using Coherence for
any type of production environment is strongly recommended, and is a
requirement for High Availability (HA) environments.
Note:
Most documents stored in WebCenter Content Server are considered binary
content, that is, images, plain text, Word documents, and so on. The only
exception is Site Studio content, which is stored in CDF data files and cached
separately in a Virtual Content Repository (VCR) cache (or node cache).
23. Click Test to verify if the connection you created works.
24. Click OK to save the connection.
25. To start using the connection, restart the managed server on which WebCenter
Portal is deployed (WC_Portal by default).
The registered connection is now available to the Content Manager and Content
Presenter task flows, which you can add to pages in WebCenter Portal.
6.5.2.3 Connecting to Oracle WebCenter Content Server Using JAX-WS
With JAX-WS, Oracle WebCenter Portal must authenticate with Oracle WebCenter
Content Server for each connection rather than assuming any connection from
WebCenter Portal is automatically a trusted connection.
To connect to WebCenter Content Server using JAX-WS:
1. Log in to Fusion Middleware Control and navigate to the home page for WebCenter
Portal.
2. From the WebCenter Portal menu, select Settings and then Service
Configuration.
3. On the WebCenter Portal Services Configuration page, from the list of services
select Content Repository.
4. Click Add.
5. In the Connection Name field, enter a unique name for the WebCenter Content
Server connection.
6-40
Chapter 6
Creating a Connection to Oracle WebCenter Content Server
Tip:
The name must be unique (across all connection types) within WebCenter
Portal.
6. The Repository Type is Oracle Content Server.
7. Select Active Connection to make this the default WebCenter Content Server
connection for WebCenter Portal.
You can create connections to multiple WebCenter Content Server instances; all
connections are used. One connection must be the default connection. The default
connection is the one used by WebCenter Portal to store portal-related documents.
If this is the default content repository for WebCenter Portal, some additional
configuration is required. For more information, see Setting Connection Properties
for the Default Oracle WebCenter Content Server Connection Using Fusion
Middleware Control.
Note:
Deselecting this option does not disable the connection. If a connection is no
longer required, you must delete the connection.
8. From the RIDC Socket Type dropdown list, select JAX-WS.
9. In the Web Service URL field, enter the web service URL required to connect to
WebCenter Content Server when using the JAX-WS protocol.
Use the format http://host:port/webRoot
For example, http://myhost.com:9044/idcnativews
10. In the Client Security Policy field, enter the client security policy to use.
For example, oracle/wss11_saml_token_with_message_protection_service_policy
The JAX-WS client security policy can be any valid OWSM policy, but must match
the security policy configured for WebCenter Content Server’s Native Web Services
IdcWebLogin service.
Tip:
Leave this field blank if your environment supports Global Policy Attachments
(GPA).
11. In the Connection Timeout field, specify the length of time (in milliseconds) to
attempt to log in to WebCenter Content Server before issuing a connection timeout
message.
If the Connection Timeout is not set, the default concurrency timeout configured for
the oracle.webcenter.content resource is used (30 seconds or 30000 milliseconds).
6-41
Chapter 6
Creating a Connection to Oracle WebCenter Content Server
12. In the Administrator User Name field, enter a user name with administrative rights
for this WebCenter Content Server instance.
This user is used to fetch content type information based on profiles and track
document changes for cache invalidation purposes.
Defaults to sysadmin.
13. In the Administrator Password field, enter the password for the user specified in
the Administrator User Name field.
14. In the Cache Invalidation Interval field, enter the time (in minutes) to allow
between checks for external WebCenter Content Server content changes.
WebCenter Portal automatically clears items that have changed form the cache.
The minimum interval is 2 minutes.
By default, cache invalidation is disabled so no periodic check is made for content
changes (shown as 0).
15. In the Maximum Cached Document Size, enter a maximum cacheable size (in
bytes) for WebCenter Content Server binary documents.
Documents larger than this size are not cached by WebCenter Portal.
The default is 102400 bytes (100KB).
Tip:
Tune this value based on your machine’s memory configuration and the types
of binary documents that you expect to cache. Be aware that, unless
Coherence is enabled, there is no maximum total size for the cache.
If you are using Coherence, you can additionally specify the total amount of
memory to be used for binary caches. For this reason, using Coherence for
any type of production environment is strongly recommended, and is a
requirement for High Availability (HA) environments.
Note:
Most documents stored in WebCenter Content Server are considered binary
content, that is, images, plain text, Word documents, and so on. The only
exception is Site Studio content, which is stored in CDF data files and cached
separately in a Virtual Content Repository (VCR) cache (or node cache).
16. Click Test to verify if the connection you created works.
17. Click OK to save the connection.
18. To start using the connection, restart the managed server on which WebCenter
Portal is deployed (WC_Portal by default).
The registered connection is now available to the Content Manager and Content
Presenter task flows, which you can add to pages in WebCenter Portal.
6-42
Chapter 6
Creating a Connection to Oracle WebCenter Content Server
6.5.2.4 Connecting to Oracle WebCenter Content Server Using HTTP
Using the HTTPClient package, RIDC communicates with the web server attached to
Oracle WebCenter Content Server.
1. Log in to Fusion Middleware Control and navigate to the home page for WebCenter
Portal.
2. From the WebCenter Portal menu, select Settings and then Service
Configuration.
3. On the WebCenter Portal Services Configuration page, from the list of services
select Content Repository.
4. Click Add.
5. In the Connection Name field, enter a unique name for the WebCenter Content
Server connection.
Tip:
The name must be unique (across all connection types) within WebCenter
Portal.
6. The Repository Type is Oracle Content Server.
7. Do not select Active Connection.
The HTTP protocol does not allow identity propagation, therefore it is not suitable to
use for the default WebCenter Content Server connection for WebCenter Portal.
That is, you should not use this protocol to connect to the back-end WebCenter
Content Server repository that is being used to store portal-related documents.
8. From the RIDC Socket Type dropdown list, select Web.
9. In the Web URL field, enter the web server URL for WebCenter Content Server.
Use the format http://host:port/webRoot/pluginRoot.
For example, http://mycontentserver/cms/idcplug
.
10. In the Connection Timeout field, specify the length of time (in milliseconds) to
attempt to log in to WebCenter Content Server before issuing a connection timeout
message.
This value is also used as the socket timeout for the underlying RIDC connection
for all service requests.
If the Connection Timeout is not set, the following values are used:
•
Login timeout — the default concurrency timeout configured for the
oracle.webcenter.content resource (30 seconds or 30000 milliseconds).
•
RIDC socket timeout — the default RIDC socket timeout (60 seconds or
60000 milliseconds).
6-43
Chapter 6
Creating a Connection to Oracle WebCenter Content Server
Tip:
It is recommended that you do not specify a value less than 60000
milliseconds for the Connection Timeout, as this would reduce the RIDC
socket timeout and increase the likelihood that long running requests time out.
For example, timeouts may occur during long running searches, long file
uploads, or long copy operations.
11. From the Associated External Application dropdown list, select the application to
use to authenticate users with WebCenter Content Server.
Tip:
If the application has not yet been registered with WebCenter Portal, select
Create New to register it now. For more information, see Registering External
Applications Using Fusion Middleware Control.
12. In the Administrator User Name field, enter a user name with administrative rights
for this WebCenter Content Server instance.
This user is used to fetch content type information based on profiles and track
document changes for cache invalidation purposes.
Defaults to sysadmin.
13. In the Administrator Password field, enter the password for the user specified in
the Administrator User Name field.
14. In the Cache Invalidation Interval field, enter the time (in minutes) to allow
between checks for external WebCenter Content Server content changes.
WebCenter Portal automatically clears items that have changed form the cache.
The minimum interval is 2 minutes.
By default, cache invalidation is disabled so no periodic check is made for content
changes (shown as 0).
15. In the Maximum Cached Document Size, enter a maximum cacheable size (in
bytes) for WebCenter Content Server binary documents.
Documents larger than this size are not cached by WebCenter Portal.
The default is 102400 bytes (100KB).
Tip:
Tune this value based on your machine’s memory configuration and the types
of binary documents that you expect to cache. Be aware that, unless
Coherence is enabled, there is no maximum total size for the cache.
If you are using Coherence, you can additionally specify the total amount of
memory to be used for binary caches. For this reason, using Coherence for
any type of production environment is strongly recommended, and is a
requirement for High Availability (HA) environments.
6-44
Chapter 6
Creating a Connection to Oracle WebCenter Content Server
Note:
Most documents stored in WebCenter Content Server are considered binary
content, that is, images, plain text, Word documents, and so on. The only
exception is Site Studio content, which is stored in CDF data files and cached
separately in a Virtual Content Repository (VCR) cache (or node cache).
16. Click OK to save the connection.
17. Click Test to verify if the connection you created works.
18. To start using the connection, restart the managed server on which WebCenter
Portal is deployed (WC_Portal by default).
The registered connection is now available to the Content Manager and Content
Presenter task flows, which you can add to pages in WebCenter Portal.
6.5.3 Registering Oracle WebCenter Content Server Using WLST
Use the WLST command createContentServerConnection to register Oracle WebCenter
Content Server with Oracle WebCenter Portal.
For command syntax and examples, see createContentServerConnection in
WebCenter WLST Command Reference.
To configure the connection as the default connection for WebCenter Portal, set
isPrimary='true'. If you mark a connection as primary, you must run the
setContentServerProperties WLST command to specify certain additional properties
required for the primary WebCenter Content Server connection. See Setting
Connection Properties for the Default Oracle WebCenter Content Server Connection
Using WLST.
To start using the new connection, you must restart the managed server on which
WebCenter Portal is deployed.
Note that if you are using the Content Manager or Content Presenter task flows,
WebCenter Content Server should be started first to allow for initial provisioning to
take place.
6.5.4 Oracle WebCenter Content Server Connection Parameters for
RIDC Socket Types
The configuration parameters you need to set for your Oracle WebCenter Content
Server connection depend on the RIDC socket type.
6-45
Chapter 6
Creating a Connection to Oracle WebCenter Content Server
Table 6-7
Types
WebCenter Content Server Connection Parameters for RIDC Socket
Connection
Parameter
(WLST
Command
Argument)
RIDC Socket
Type: HTTP
RIDC Socket
Type: Socket
RIDC Socket
Type: Secure
Socket
RIDC Socket
Type: JAX-WS
Connection
Name
Mandatory
Mandatory
Mandatory
Mandatory
Repository Type
Oracle Content
Server
Oracle Content
Server
Oracle Content
Server
Oracle Content
Server
Active
Connection
Optional
Optional
Optional
Optional
Web
Socket
Socket SSL
JAX-WS
Not Applicable
Mandatory
Mandatory
Not Applicable
Not Applicable
Mandatory
Mandatory
Not Applicable
Defaults to 4444
Defaults to 4444
Not Applicable
Not Applicable
Not Applicable
Not Applicable
Not Applicable
Mandatory
(name)
(isPrimary)
RIDC Socket
Type
(socketType)
Server Host
(serverHost)
Server Port
(serverPort)
Web URL
Mandatory
(url)
Use the format
http://
host:port/
webRoot/
pluginRoot
Web Service
URL
Not Applicable
(url)
Use the format
http://
host:port/
webRoot
6-46
Chapter 6
Creating a Connection to Oracle WebCenter Content Server
Table 6-7 (Cont.) WebCenter Content Server Connection Parameters for RIDC
Socket Types
Connection
Parameter
(WLST
Command
Argument)
RIDC Socket
Type: HTTP
RIDC Socket
Type: Socket
RIDC Socket
Type: Secure
Socket
RIDC Socket
Type: JAX-WS
Client Security
Policy
Not Applicable
Not Applicable
Not Applicable
Mandatory,
unless Global
Policy
Attachment
(GPA) is used,
in which case it
should be left
empty
(clientSecurit
yPolicy)
Must match the
corresponding
server side
policy configured
for the Content
Server’s Native
Web Services
IdcWebLogin
service
Connection
Timeout
Optional
Optional
Optional
Optional
Do not specify a
value less than
60000 (ms)
Do not specify a
value less than
60000 (ms)
Do not specify a
value less than
60000 (ms)
Defaults to
30000 (ms)
Defaults to
30000 (ms) for
login timeout
and 60000 (ms)
for RIDC socket
timeout
Defaults to
30000 (ms) for
login timeout
and 60000 (ms)
for RIDC socket
timeout
Defaults to
30000 (ms) for
login timeout
and 60000 (ms)
for RIDC socket
timeout
Authentication
Method
Not Applicable
Mandatory
Mandatory
Not Applicable
Web Server
Context Root
Not Applicable
Mandatory if
Authentication
Method is set to
Identity
Propagation
Mandatory if
Authentication
Method is set to
Identity
Propagation
Not Applicable
Not Applicable if
Authentication
Method is set to
External
Application
Not Applicable if
Authentication
Method is set to
External
Application
(timeout)
(webContextRoo
t)
6-47
Chapter 6
Creating a Connection to Oracle WebCenter Content Server
Table 6-7 (Cont.) WebCenter Content Server Connection Parameters for RIDC
Socket Types
Connection
Parameter
(WLST
Command
Argument)
RIDC Socket
Type: HTTP
RIDC Socket
Type: Socket
RIDC Socket
Type: Secure
Socket
RIDC Socket
Type: JAX-WS
Associated
External
Application
Mandatory
Mandatory if
Authentication
Method set to
External
Application
Mandatory if
Authentication
Method set to
External
Application
Not Applicable
Not Applicable if
Authentication
Method set to
Identity
Propagation
Not Applicable if
Authentication
Method set to
Identity
Propagation
Optional
Optional
Optional
Mandatory
Defaults to
sysadmin
Defaults to
sysadmin
Defaults to
sysadmin
Defaults to
sysadmin
Mandatory
Not Applicable
Not Applicable
Optional
(extAppId)
Administrator
User Name
(adminUserName)
Administrator
Password
Whether the
password is
used or not
depends on the
selected JAXWS security
policy
(adminPassword)
Key Store
Location
Not Applicable
Not Applicable
Mandatory
Not Applicable
Not Applicable
Not Applicable
Mandatory
Not Applicable
Not Applicable
Not Applicable
Mandatory
Not Applicable
Not Applicable
Not Applicable
Mandatory
Not Applicable
(keystoreLocat
ion)
Key Store
Password
(keystorePassw
ord)
Private Key
Alias
(privateKeyAli
as)
Private Key
Password
(privateKeyPas
sword)
6-48
Chapter 6
Setting Connection Properties for the Default Oracle WebCenter Content Server Connection
Table 6-7 (Cont.) WebCenter Content Server Connection Parameters for RIDC
Socket Types
Connection
Parameter
(WLST
Command
Argument)
RIDC Socket
Type: HTTP
RIDC Socket
Type: Socket
RIDC Socket
Type: Secure
Socket
RIDC Socket
Type: JAX-WS
Cache
Invalidation
Interval
Optional
Optional
Optional
Optional
Defaults to 0
(disabled)
Defaults to 0
(disabled)
Defaults to 0
(disabled)
Defaults to 0
(disabled)
Optional
Optional
Optional
Optional
Defaults to
102400 bytes
Defaults to
102400 bytes
Defaults to
102400 bytes
Defaults to
102400 bytes
(cacheInvalida
tionInterval)
Maximum
Cached
Document Size
(binaryCacheMa
xEntrySize)
6.6 Setting Connection Properties for the Default Oracle
WebCenter Content Server Connection
The default content repository is the one used by WebCenter Portal to store portalrelated documents. Some additional configuration is required for the default repository.
This section contains the following topics:
•
Setting Connection Properties for the Default Oracle WebCenter Content Server
Connection Using Fusion Middleware Control
•
Setting Connection Properties for the Default Oracle WebCenter Content Server
Connection Using WLST
6.6.1 Setting Connection Properties for the Default Oracle WebCenter
Content Server Connection Using Fusion Middleware Control
You can view, modify, and delete connection information for the Oracle WebCenter
Content Server connection that is being used by Oracle WebCenter Portal to store
portal documents.
WARNING:
You should never change the Portal Server Identifier or Security Group
values separately; you should always change both. That is, if you change the
Portal Server Identifier value after configuring and running WebCenter
Portal, then you must also change the Security Group value, and vice versa.
That is, you must change both values (Portal Server Identifier and Security
Group) to unique values if WebCenter Portal already contains the seed data.
6-49
Chapter 6
Setting Connection Properties for the Default Oracle WebCenter Content Server Connection
To set connection properties for the default WebCenter Content Server connection
using Fusion Middleware Control:
1. Log in to Fusion Middleware Control and navigate to the home page for WebCenter
Portal.
2. From the WebCenter Portal menu, select Settings and then Service
Configuration.
3. On the WebCenter Portal Services Configuration page, from the list of services
select Content Repository.
4. Select the default connection, and click Edit.
5. In the Portal Server Identifier field, enter a name for the folder in WebCenter
Content Server under which WebCenter Portal content is stored.
Use the format /folderName.
For example /WebCenter or /WCPMain.
The folder cannot be the WebCenter Content Server root folder (/) and it must be
unique across applications. If the folder does not exist it will be created for you.
Note:
When you change this value, the existing seed data is not renamed in
WebCenter Content Server. Instead, new seed data is created using the new
value when you start WebCenter Portal. Once WebCenter Portal is started,
new data is created under the new folder and existing data under the old
folder is no longer available. This means that the Documents tools will now be
disabled in WebCenter Portal where the Documents tools were previously
enabled, prior to changing the Portal Server Identifier.
The old folder still appears in search results, like any other root folder in
WebCenter Content Server.
WARNING:
If you change the Portal Server Identifier you must also provide a new value
for Security Group.
6. In the Content Administrator field, enter a user name with administrative rights for
the WebCenter Content Server instance.
For example, sysadmin.
This user will be used to create and maintain folders for WebCenter Portal content
and manage content access rights. Administrative privileges are required for the
default connection so that operations can be performed on behalf of WebCenter
Portal users.
7. In the Security Group field, enter a unique identifier to use as the value for the
security group assigned to files in WebCenter Content Server created in
WebCenter Portal.
6-50
Chapter 6
Setting Connection Properties for the Default Oracle WebCenter Content Server Connection
This name is used to separate data when multiple WebCenter Portal instances
share the same WebCenter Content Server instance.
The application name must be:
•
Unique across all WebCenter Portal applications.
•
Must begin with an alphabetical character, followed by any combination of
alphanumeric characters or the underscore character.
•
Must be less than or equal to 30 characters.
WARNING:
If you change the Security Group you must also provide a new value for
Portal Server Identifier.
8. Click OK to save your changes.
To start using the updated connection properties, you must restart the managed server
on which WebCenter Portal is deployed (WC_Portal by default).
6.6.2 Setting Connection Properties for the Default Oracle WebCenter
Content Server Connection Using WLST
Use WLST commands to view, set, and delete properties for the Oracle WebCenter
Content Server connection that is being used by Oracle WebCenter Portal to identify
where to store portal documents.
The following values must be set for the default WebCenter Content Server
connection:
•
portalServerIdentifier—specify a name for the folder in WebCenter Content
Server under which WebCenter Portal content is stored.
•
adminUserName—specify a user name with administrative rights for the WebCenter
Content Server instance.
•
securityGroup—specify a unique identifier to use as the value for the security
group assigned to files in WebCenter Content Server created in WebCenter Portal.
WARNING:
You should never change the portalServerIdentifier or securityGroup values
separately; you should always change both. That is, if you change the
portalServerIdentifier value after configuring and running WebCenter Portal,
then you must also change the securityGroup value, and vice versa. That is,
you must change both values (portalServerIdentifier and securityGroup) to
unique values if WebCenter Portal already contains the seed data.
Use the following commands (for command syntax and detailed examples, see the
linked section in WebCenter WLST Command Reference):
•
listContentServerProperties
6-51
Chapter 6
Modifying Oracle WebCenter Content Server Connection Details
•
setContentServerProperties
•
deleteContentServerProperties
6.7 Modifying Oracle WebCenter Content Server
Connection Details
This section contains the following topics:
•
Modifying Oracle WebCenter Content Server Connection Details Using Fusion
Middleware Control
•
Modifying Oracle WebCenter Content Server Connection Details Using WLST
•
Modifying Cache Settings for Content Presenter
•
Configuring the Cache to Check for External Oracle WebCenter Content Server
Changes
6.7.1 Modifying Oracle WebCenter Content Server Connection Details
Using Fusion Middleware Control
You can modify Oracle WebCenter Content Server connection details using Fusion
Middleware Control.
To update WebCenter Content Server connection details using Fusion Middleware
Control:
1. Log in to Fusion Middleware Control and navigate to the home page for Oracle
WebCenter Portal.
2. From the WebCenter Portal menu, select Settings and then Service
Configuration.
3. On the WebCenter Portal Services Configuration page, from the list of services
select Content Repository.
4. Select the connection name, and click Edit.
5. Edit connection details, as required.
For detailed parameter information, see Creating a Connection to Oracle
WebCenter Content Server Using Fusion Middleware Control.
6. Click Test to verify if the updated connection works.
7. Click OK to save your changes.
8. To start using the updated connection, you must restart the managed server on
which WebCenter Portal is deployed.
6.7.2 Modifying Oracle WebCenter Content Server Connection Details
Using WLST
Use the WLST command setContentServerConnection to edit Oracle WebCenter
Content Server connection details.
For command syntax and examples, see setContentServerConnection in WebCenter
WLST Command Reference.
6-52
Chapter 6
Modifying Oracle WebCenter Content Server Connection Details
To configure a particular connection as the default connection, set isPrimary='true'.
See Setting Connection Properties for the Default Oracle WebCenter Content Server
Connection Using WLST.
Note:
To start using the updated connection details, you must restart the managed
server on which WebCenter Portal is deployed.
6.7.3 Modifying Cache Settings for Content Presenter
Content Presenter, by default, is configured to use a local (in-memory) cache. Using
Coherence for any type of production environment, however, is strongly
recommended, and is a requirement for High Availability (HA) environments. You can
enable content caching with Coherence by modifying the Coherence configuration file.
Note:
Your Coherence license may or may not support multi-node environments
depending on the license option you have purchased.
To enable and test Coherence as the caching mechanism:
1. Open the ORACLE_HOME/wcportal/webcenter/modules/oracle.webcenter.framework/
content-app-lib.ear file and copy the sample-content-coherence-cache-config.xml
file from ORACLE_HOME/wcportal/webcenter/modules/oracle.webcenter.framework/
content-app-lib.ear..
You'll find the sample-content-coherence-cache-config.xml file under /content-applib.ear/APP-INF/classes/sample-content-coherence-cache-config.xml.
2. Copy the sample-content-coherence-cache-config.xml file to MW_HOME/user_projects/
applications/<Domain_Name>/custom.webcenter.spaces.fwk/APP-INF/classes/ and
rename it as content-coherence-cache-config.xml.
3. Modify the Coherence configuration file for your local environment based on the
example file (Example 6-1 ) and entry descriptions in the following table.
6-53
Chapter 6
Modifying Oracle WebCenter Content Server Connection Details
Table 6-8
Cache Entries in content-coherence-cache-config.xml
Cache Entry Name
Description
repo.ucm.nodeUidCache.*
Stores a list of nodes for a repository based
on an ID. The size of this cache entry
depends upon the number of nodes in the
active repository. This cache expires based
on when the node data is refreshed and
how many times the data is modified from
another application.
Key - Node UID - String
Value - An Oracle WebCenter Content
Server Node object
repo.ucm.nodePathToUidCache.*
Stores a list of nodes for a repository based
on a path. The size of this cache depends
upon the number of nodes in the default
repository. This cache entry expires based
on when the node data is refreshed and
how many times the data is modified from
another application. The size and expiration
time must be the same as that of
nodeUidCache.
Key - Node path - String
Value - Node UID - String
repo.ucm.securityInfoCache.*
Stores cached security information for a
node. The size of this cache depends upon
the number of nodes in the repository. This
cache expires based on the frequency of
node security data updates.
Key - Node UID - String
Value - Security information for a node
repo.ucm.typeNameCache.*
Caches Content Type information. The size
of this cache depends upon the number of
types in the repository. This cache expires
based on when the type information is
refreshed and how many times the types
are modified from another application.
Key - Content Type UID - String
Value - A ContentType object
repo.ucm.typeNamesCache.*
Caches all the type names known to
WebCenter Content Server. All type names
are cached together (one key), and thus all
expire at the same time.
This cache expires based on the frequency
of new types being created or removed.
Key - There is only one key to this cache:
typeNames
Value - An ArrayList<String> of the type
names
6-54
Chapter 6
Modifying Oracle WebCenter Content Server Connection Details
Table 6-8
(Cont.) Cache Entries in content-coherence-cache-config.xml
Cache Entry Name
Description
binaryCache.*
Caches binary property data. Only binaries
that are smaller than the repository
configuration property
binaryCacheMaxEntrySize are cached.
The size of this cache either depends on
the number and frequency of the smaller
binary properties (smaller than the
binaryCacheMaxEntrySize setting) usage,
or it is based on the total amount of memory
to be used for binary caches.
This cache expires based on when the
binary data is refreshed and how many
times this data is modified from another
application.
Key - The Node UID and binary Property
UID (nodeUid.propUid) - String
Value - The binary stream data - byte[]
Note: Most documents stored in
WebCenter Content Server are considered
binary content, that is, images, plain text,
Word documents, and so on. The only
exception is Site Studio content which is
stored in CDF data files and cached
separately in a Virtual Content Repository
(VCR) cache (or node cache).
repo.ucm.searchCriteriaCache.*
Caches a set of search query to parameters
based on the WebCenter Content Server
search grammar. The size of this cache
depends upon the number of unique
searches expected to be repeatedly
performed.
The expiration must be set to eventually
expire unused searches and save on the
cache memory.
Key - A set of search query parameters.
Value - A set of search query parameters,
in Content Server terms.
6-55
Chapter 6
Modifying Oracle WebCenter Content Server Connection Details
Table 6-8
(Cont.) Cache Entries in content-coherence-cache-config.xml
Cache Entry Name
Description
repo.ucm.indexedFieldsCache.*
Holds the indexed (searchable) system
properties for the repository. There are
three keys in this cache:
•
indexedFields holds all WebCenter
Content Server indexed fields.
•
indexedFolderProps holds indexed
system properties for folders.
indexedDocProps holds indexed
•
system properties for documents.
This cache expires based on the frequency
of the indexed fields changes.
Key - String
Value - Map<String,Boolean> holds a key
for each indexed property name, and a
Boolean indicating if that property is also
sortable.
repo.ucm.securityUserCache.*
Caches the mapping between local user
names (current application) and the name
of the same user in WebCenter Content
Server. The size of this cache depends
upon the number of simultaneous and/or
frequent users.
This cache expires based on the frequency
of user identity mapping updates.
Key - Local user Id - String
Value - WebCenter Content Server user Id
- String
repo.ucm.profileTriggerValueCache.*
Caches the profile trigger value for a given
profile, so it is available when documents
are created. The maximum number of
entries in this cache is implicitly limited to
the maximum number of profiles on the
WebCenter Content Server instance. The
cache entry size is small. The primary entry
to vary is the expiration, which depends
upon how often the profile trigger field
values are modified in WebCenter Content
Server. These values change rarely once a
profile is configured on the WebCenter
Content Server system. Therefore, the
expiration should be set appropriately.
Key - The WebCenter Content Server
profile name - String
Value - The WebCenter Content Server
profile trigger value - String
6-56
Chapter 6
Modifying Oracle WebCenter Content Server Connection Details
Table 6-8
(Cont.) Cache Entries in content-coherence-cache-config.xml
Cache Entry Name
Description
repo.ucm.resultOfAQueryCache.*
Include this parameter when you upgrade
WebCenter Portal from 11g to 12c.
Caches the result of a given query. The
result of a query execution on Content
Server depends on the security permission
for a given user. The cache is maintained
per user, so results are different for different
users.
Modify the high units and expiry delay
parameter as per your requirement.
For example: <expiry-delay>10m</expirydelay> <high-units>1000</high-units> .
Key - the combination of the use and the
search query
Value - the list of WebCenter Content node
object
repo.ucm.contentsUnderAFolderCache.*
Include this parameter when you upgrade
WebCenter Portal from 11g to 12c.
Caches the contents under a folder. The
content shown to the user depends on the
security permission on Content Server. The
cache is maintained per user, so the list of
content is different for different users.
Modify the high units and expiry delay
parameter as per your requirement.
For example: <expiry-delay>10m</expirydelay> <high-units>1000</high-units> .
Key - the combination of the use and the
folder identifier.
Value - Array of node object
4. Add the following to the setDomainEnv.sh file so that you can test that Coherence
has been properly configured:
JAVA_OPTIONS="${JAVA_OPTIONS} -Dtangosol.coherence.management=all"
export JAVA_OPTIONS
5. Restart the WC_Portal server and connect to it by entering jconsole from the
command line and choosing the process corresponding to WC_Portal to open
JConsole.
6. In JConsole, check for Coherence in the MBeans tab.
6-57
Chapter 6
Modifying Oracle WebCenter Content Server Connection Details
Note:
•
There must be something in the cache for the MBeans to appear in
Jconsole. That is, you must have created and accessed a Content
Presenter page for the MBeans to exist.
•
Once a Content Presenter page exists, thus populating the cache, in
JConsole connected to the WC_Portal server, you can open Coherence >
Cache > LocalCache and see multiple entries for repo.ucm.*.{ucmconnection-name}. For example, repo.ucm.typeNameCache.{ucm-connectionname}
Example 6-1
Sample Coherence Configuration File
<!DOCTYPE cache-config SYSTEM "cache-config.dtd">
<cache-config>
<caching-scheme-mapping>
<cache-mapping>
<cache-name>repo.ucm.nodeUidCache.*</cache-name>
<scheme-name>ContentNodeCaches</scheme-name>
</cache-mapping>
<cache-mapping>
<cache-name>repo.ucm.nodePathToUidCache.*</cache-name>
<scheme-name>ContentNodeCaches</scheme-name>
</cache-mapping>
<cache-mapping>
<cache-name>repo.ucm.securityInfoCache.*</cache-name>
<scheme-name>ContentNodeCaches</scheme-name>
</cache-mapping>
<cache-mapping>
<cache-name>repo.ucm.typeNameCache.*</cache-name>
<scheme-name>ContentTypeCaches</scheme-name>
</cache-mapping>
<cache-mapping>
<cache-name>repo.ucm.typeNamesCache.*</cache-name>
<scheme-name>ContentTypeCaches</scheme-name>
</cache-mapping>
<cache-mapping>
<cache-name>binaryCache.*</cache-name>
<scheme-name>ContentBinaryCaches</scheme-name>
</cache-mapping>
<cache-mapping>
<cache-name>repo.ucm.searchCriteriaCache.*</cache-name>
<scheme-name>ContentSearchCaches</scheme-name>
</cache-mapping>
<cache-mapping>
<cache-name> repo.ucm.indexedFieldsCache.*</cache-name>
<scheme-name>ContentSearchCaches</scheme-name>
</cache-mapping>
<cache-mapping>
<cache-name>repo.ucm.securityUserCache.*</cache-name>
<scheme-name>ContentSecurityCaches</scheme-name>
</cache-mapping>
<cache-mapping>
<cache-name>repo.ucm.profileTriggerValueCache.*</cache-name>
<scheme-name>ContentProfileCaches</scheme-name>
</cache-mapping>
<cache-mapping>
6-58
Chapter 6
Modifying Oracle WebCenter Content Server Connection Details
<cache-name>binaryContentTypeCache.*</cache-name>
<scheme-name>ContentBinaryCaches</scheme-name>
</cache-mapping>
<cache-mapping>
<cache-name>repo.ucm.resultOfAQueryCache.*</cache-name>
<scheme-name>ContentResultOfAQueryCaches</scheme-name>
</cache-mapping>
<cache-mapping>
<cache-name>repo.ucm.contentsUnderAFolderCache.*</cache-name>
<scheme-name>ContentUnderAFolderCaches</scheme-name>
</cache-mapping>
</caching-scheme-mapping>
<caching-schemes>
<!-The following schemes are all local. For a clustered deployment,
a distributed, replcated, or other clustered scheme is recommended.
See Coherence documentation for more information.
-->
<local-scheme>
<scheme-name>ContentNodeCaches</scheme-name>
<expiry-delay>1m</expiry-delay>
<high-units>100</high-units>
</local-scheme>
<local-scheme>
<scheme-name>ContentTypeCaches</scheme-name>
<expiry-delay>30m</expiry-delay>
<high-units>50</high-units>
</local-scheme>
<local-scheme>
<scheme-name>ContentBinaryCaches</scheme-name>
<expiry-delay>1m</expiry-delay>
<high-units>100000</high-units>
<unit-calculator>
<class-scheme>
<class-name>com.tangosol.net.cache.SimpleMemoryCalculator</class-name>
</class-scheme>
</unit-calculator>
</local-scheme>
<local-scheme>
<scheme-name>ContentSearchCaches</scheme-name>
<expiry-delay>5m</expiry-delay>
<high-units>50</high-units>
</local-scheme>
<local-scheme>
<scheme-name>ContentSecurityCaches</scheme-name>
<expiry-delay>10m</expiry-delay>
<high-units>50</high-units>
</local-scheme>
<local-scheme>
<scheme-name>ContentProfileCaches</scheme-name>
<expiry-delay>1h</expiry-delay>
<high-units>100</high-units>
</local-scheme>
<local-scheme>
<scheme-name>ContentResultOfAQueryCaches</scheme-name>
<expiry-delay>10m</expiry-delay>
<high-units>1000</high-units>
</local-scheme>
<local-scheme>
<scheme-name>ContentUnderAFolderCaches</scheme-name>
<expiry-delay>10m</expiry-delay>
<high-units>1000</high-units>
6-59
Chapter 6
Modifying Oracle WebCenter Content Server Connection Details
</local-scheme>
<!-<class-scheme>
<scheme-name>ContentDisabledCaches</scheme-name>
<class-name>com.tangosol.util.NullImplementation$NullMap</class-name>
</class-scheme>
-->
</caching-schemes>
</cache-config>
6.7.4 Configuring the Cache to Check for External Oracle WebCenter
Content Server Changes
This section describes how you can change the Content Server's Cache Invalidation
Interval so that changes are picked up.
This section includes the following topics:
•
Modifying Oracle WebCenter Content Server's Contributor Data Files
•
Modifying Oracle WebCenter Content Server's Cache Invalidation Interval
•
Testing the Cache Settings
6.7.4.1 Modifying Oracle WebCenter Content Server's Contributor Data Files
The Content Presenter task flow enables Oracle WebCenter Portal users with PageEdit permissions to customize the selection and presentation of content. In Content
Presenter you can select a single item of content, contents under a folder, a list of
items, or a query for content and then select a Content Presenter template with which
to render that content on a page in WebCenter Portal.
As well as displaying Oracle WebCenter Content Server folders and files, Content
Presenter also integrates with Oracle Site Studio to let you to create, access, edit, and
display Site Studio contributor data files (that is, a WebCenter Content Server
document) in either a Site Studio region template, or in a custom Content Presenter
display template. For more information about creating Content Presenter display
templates, see Developing Content Presenter Display Templates in Developing for
Oracle WebCenter Portal.
In some cases you may want to modify WebCenter Content Server's contributor data
files directly through WebCenter Content Server. This operation is completely
supported. However, if a contributor data file is being modified through a method other
than using WebCenter Portal, a running WebCenter Portal page that also uses the
same data file will not immediately see those updates. This is due to the WebCenter
Portal page using Content Presenter to display the contents of the data file while
WebCenter Portal is using the cached version of the data file. Fortunately, there is a
way to configure the cache so that changes like this are picked up quickly and
automatically.
6.7.4.2 Modifying Oracle WebCenter Content Server's Cache Invalidation
Interval
By changing the Oracle WebCenter Content Server's Cache Invalidation Interval, you
can enable the cache to be monitored by the cache sweeper utility.
The cache sweeper queries for changes in WebCenter Content Server, flagging the
cache as "dirty" if there have been any changes. This causes the application to
6-60
Chapter 6
Modifying Oracle WebCenter Content Server Connection Details
retrieve a new copy of the document from WebCenter Content Server that replaces
the cached version.
By default, the initial value for the Cache Invalidation Interval is set to 0 (minutes). This
means that the sweeper has been turned off. To turn the sweeper on, you need to set
a value (in minutes). The minimum value that can be set is 2 (minutes). You can do
this from the Cache Details page in Fusion Middleware Control or using a WLST
command.
This section includes the following topics:
•
Modifying the Cache Invalidation Interval Using Fusion Middleware Control
•
Modifying the Cache Invalidation Interval Using WLST
6.7.4.2.1 Modifying the Cache Invalidation Interval Using Fusion Middleware Control
You can change the Cache Invalidation Interval using Fusion Middleware Control.
To change the Cache Invalidation Interval using Fusion Middleware Control:
1. Log in to Fusion Middleware Control and navigate to the home page for Oracle
WebCenter Portal.
2. From the WebCenter Portal menu, select Settings and then Service
Configuration.
3. On the WebCenter Portal Services Configuration page, from the list of services
select Content Repository.
4. Select the connection name and click Edit.
5. In the Cache Details section, set the Cache Invalidation Interval to 2 (the shortest
time allowed) or a similarly low value.
Note:
In some instances, once the value of the Cache Invalidation Interval has been
set (and saved) in Fusion Middleware Control, it becomes sticky and the
interval value can only be set back to 0 using the setContentServerConnection
WLST command.
6.7.4.2.2 Modifying the Cache Invalidation Interval Using WLST
You can update the value for the Cache Invalidation Interval using the
setContentServerConnection WLST command.
Run the command as follows:
setContentServerConnection(appName, name, [socketType, url, serverHost, serverPort,
keystoreLocation, keystorePassword, privateKeyAlias, privateKeyPassword,
webContextRoot, clientSecurityPolicy, cacheInvalidationInterval,
binaryCacheMaxEntrySize, adminUsername, adminPassword, extAppId, timeout, isPrimary,
server, applicationVersion])
For example:
6-61
Chapter 6
Modifying Oracle WebCenter Content Server Connection Details
setContentServerConnection(appName='webcenter',name='UCM', socketType='socket',
serverHost='webcenter.oracle.local', serverPort='4444', webContextRoot='/cs',
cacheInvalidationInterval='2',
binaryCacheMaxEntrySize='1024',adminUsername='sysadmin',isPrimary=1)
Tip:
To get the other parameter values required to execute the command, you can
use the listContentServerConnections(appName=‘webcenter',verbose=true)
command.
Note:
You must restart the Oracle WebCenter Portal managed server (WC_Portal) for
the change to take effect.
6.7.4.3 Testing the Cache Settings
Once the sweeper is turned on, only cache objects that have been changed will be
invalidated.
To test this out, configure Oracle WebCenter Content Server so that it monitors and
reports on events.
To configure Oracle WebCenter Content Server to monitor and report on events:
1. Log in to the WebCenter Content Server console application, and under the
Administration menu item, select System Audit Information.
If your console is using the left menu display option, the Administration link will be
located there.
2. Under the Tracing Sections Information, add in only system and requestaudit in the
Active Sections. Check Full Verbose Tracing, check Save, then click the Update
button. Once this is done, select the View Server Output menu option. This will
change the browser view to display the log. This is all that is needed to configure
WebCenter Content Server.
For example, the following is the View Server Output with the cache invalidation
interval set to 2 (minutes) Note the time stamp:
requestaudit/6 08.30 09:52:26.001 IdcServer-68
GET_FOLDER_HISTORY_REPORT
[dUser=sysadmin][IsJava=1] 0.016933999955654144(secs)
requestaudit/6 08.30 09:52:26.010 IdcServer-69
GET_FOLDER_HISTORY_REPORT
[dUser=sysadmin][IsJava=1] 0.006134999915957451(secs)
requestaudit/6 08.30 09:52:26.014 IdcServer-70
GET_DOCUMENT_HISTORY_REPORT
[dUser=sysadmin][IsJava=1] 0.004271999932825565(secs)
... other trace info ...
requestaudit/6 08.30 09:54:26.002 IdcServer-71
GET_FOLDER_HISTORY_REPORT
[dUser=sysadmin][IsJava=1] 0.020323999226093292(secs)
requestaudit/6 08.30 09:54:26.011 IdcServer-72
GET_FOLDER_HISTORY_REPORT
[dUser=sysadmin][IsJava=1] 0.017928000539541245(secs)
6-62
Chapter 6
Modifying Oracle WebCenter Content Server Connection Details
requestaudit/6 08.30 09:54:26.017 IdcServer-73
GET_DOCUMENT_HISTORY_REPORT
[dUser=sysadmin][IsJava=1] 0.010185999795794487(secs)
3. Once the tracing logs are reporting correctly, the next step is set up Oracle
WebCenter Portal to test the sweeper. You can do this by setting up two pages with
Content Presenter task flows, with each task flow using a different custom Content
Presenter display template, and assigning each page a different contributor data
file (document in the cache).
When the WebCenter Portal pages containing the content is loaded in the browser
for the first time, you can see the tracing information in the Content Server output
viewer. For example:
requestaudit/6 08.30 11:51:12.030 IdcServer-129 CLEAR_SERVER_OUTPUT
[dUser=weblogic] 0.029171999543905258(secs)
requestaudit/6 08.30 11:51:12.101 IdcServer-130 GET_SERVER_OUTPUT
[dUser=weblogic] 0.025721000507473946(secs)
requestaudit/6 08.30 11:51:26.592 IdcServer-131 VCR_GET_DOCUMENT_BY_NAME [dID=919]
[dDocName=DF_UCMCACHETESTER]
[dDocTitle=DF_UCMCacheTester][dUser=weblogic]
[RevisionSelectionMethod=LatestReleased][IsJava=1] 0.21525299549102783(secs)
requestaudit/6 08.30 11:51:27.117 IdcServer-132 VCR_GET_CONTENT_TYPES
[dUser=sysadmin][IsJava=1] 0.5059549808502197(secs)
requestaudit/6 08.30 11:51:27.146 IdcServer-133 VCR_GET_CONTENT_TYPE
[dUser=sysadmin][IsJava=1] 0.03360399976372719(secs)
requestaudit/6 08.30 11:51:27.169 IdcServer-134 VCR_GET_CONTENT_TYPE
[dUser=sysadmin][IsJava=1] 0.008806000463664532(secs)
requestaudit/6 08.30 11:51:27.204 IdcServer-135 VCR_GET_CONTENT_TYPE
[dUser=sysadmin][IsJava=1] 0.013265999965369701(secs)
requestaudit/6 08.30 11:51:27.384 IdcServer-136 VCR_GET_CONTENT_TYPE
[dUser=sysadmin][IsJava=1] 0.18119299411773682(secs)
requestaudit/6 08.30 11:51:27.533 IdcServer-137 VCR_GET_CONTENT_TYPE
[dUser=sysadmin][IsJava=1] 0.1519480049610138(secs)
requestaudit/6 08.30 11:51:27.634 IdcServer-138 VCR_GET_CONTENT_TYPE
[dUser=sysadmin][IsJava=1] 0.10827399790287018(secs)
requestaudit/6 08.30 11:51:27.687 IdcServer-139 VCR_GET_CONTENT_TYPE
[dUser=sysadmin][IsJava=1] 0.059702999889850616(secs)
requestaudit/6 08.30 11:51:28.271 IdcServer-140 GET_USER_PERMISSIONS
[dUser=weblogic][IsJava=1] 0.006703000050038099(secs)
requestaudit/6 08.30 11:51:28.285 IdcServer-141 GET_ENVIRONMENT [dUser=sysadmin]
[IsJava=1] 0.010893999598920345(secs)
requestaudit/6 08.30 11:51:30.433 IdcServer-142 GET_SERVER_OUTPUT
[dUser=weblogic] 0.017318999394774437(secs)
requestaudit/6 08.30 11:51:41.837 IdcServer-143 VCR_GET_DOCUMENT_BY_NAME [dID=508]
[dDocName=113_ES]
[dDocTitle=Landing Home][dUser=weblogic][RevisionSelectionMethod=LatestReleased]
[IsJava=1] 0.15937699377536774(secs)
requestaudit/6 08.30 11:51:42.781 IdcServer-144 GET_FILE [dID=326]
[dDocName=WEBCENTERORACL000315][dDocTitle=Duke][dUser=anonymous]
[RevisionSelectionMethod=LatestReleased][dSecurityGroup=Public][xCollectionID=0]
0.16288499534130096(secs)
The highlighted sections show where the two example data files
DF_UCMCACHETESTER and 113_ES were called by the WebCenter Portal VCR
connection to WebCenter Content Server. Note the
VCR_GET_DOCUMENT_BY_NAME invocation.
On subsequent refreshes of these two pages, you will notice (after you refresh
WebCenter Content Server's View Server Output) that there are no further traces of
the same VCR_GET_DOCUMENT_BY_NAME invocations. This is because the
pages are getting the documents from the cache.
6-63
Chapter 6
Modifying Oracle WebCenter Content Server Connection Details
4. The next step is to go through the back door and change one of the documents
through the Content Server console. To do this, locate the data file document, and
from the Content Information page, select Edit Data File.
This invokes the Site Studio Contributor, where you can make some modifications.
When you refresh the Content Server View Server Output, the tracing displays the
operations performed on the document.
requestaudit/6 08.30 11:56:59.972 IdcServer-255 SS_CHECKOUT_BY_NAME [dID=922]
[dDocName=DF_UCMCACHETESTER][dUser=weblogic]
[dSecurityGroup=Public] 0.05558200180530548(secs)
requestaudit/6 08.30 11:57:00.065 IdcServer-256 SS_GET_CONTRIBUTOR_CONFIG
[dID=922][dDocName=DF_UCMCACHETESTER]
[dDocTitle=DF_UCMCacheTester][dUser=weblogic][dSecurityGroup=Public]
[xCollectionID=0] 0.08632399886846542(secs)
requestaudit/6 08.30 11:57:00.470 IdcServer-259 DOC_INFO_BY_NAME [dID=922]
[dDocName=DF_UCMCACHETESTER]
[dDocTitle=DF_UCMCacheTester][dUser=weblogic][dSecurityGroup=Public]
[xCollectionID=0] 0.02268899977207184(secs)
requestaudit/6 08.30 11:57:10.177 IdcServer-264 GET_FOLDER_HISTORY_REPORT
[dUser=sysadmin][IsJava=1] 0.007652000058442354(secs)
requestaudit/6 08.30 11:57:10.181 IdcServer-263 GET_FOLDER_HISTORY_REPORT
[dUser=sysadmin][IsJava=1] 0.01868399977684021(secs)
requestaudit/6 08.30 11:57:10.187 IdcServer-265 GET_DOCUMENT_HISTORY_REPORT
[dUser=sysadmin][IsJava=1] 0.009367000311613083(secs)
(internal)/6 08.30 11:57:26.118 IdcServer-266 File to be removed: /oracle/app/
admin/domains/webcenter/ucm/cs/vault/~temp/703253295.xml
(internal)/6 08.30 11:57:26.121 IdcServer-266 File to be removed: /oracle/app/
admin/domains/webcenter/ucm/cs/vault/~temp/703253295.xml
requestaudit/6 08.30 11:57:26.122 IdcServer-266 SS_SET_ELEMENT_DATA [dID=923]
[dDocName=DF_UCMCACHETESTER]
[dDocTitle=DF_UCMCacheTester][dUser=weblogic][dSecurityGroup=Public]
[xCollectionID=0][StatusCode=0][StatusMessage=Successfully checked in content
item 'DF_UCMCACHETESTER'.] 0.3765290081501007(secs)
requestaudit/6 08.30 11:57:30.710 IdcServer-267 DOC_INFO_BY_NAME [dID=923]
[dDocName=DF_UCMCACHETESTER]
[dDocTitle=DF_UCMCacheTester][dUser=weblogic][dSecurityGroup=Public]
[xCollectionID=0] 0.07942699640989304(secs)
requestaudit/6 08.30 11:57:30.733 IdcServer-268 SS_GET_CONTRIBUTOR_STRINGS
[dUser=weblogic] 0.0044570001773536205(secs)
After refreshing the first page, you should see that the updates have been applied.
Note that the refresh time may vary since the Cache Invalidation Interval (set to 2
minutes) is not determined by when changes occur. The sweeper just runs every
two minutes.
When you refresh the WebCenter Content Server View Server Output, for this
example, the tracing displays the following information:
requestaudit/6 08.30 11:59:10.171 IdcServer-270 GET_FOLDER_HISTORY_REPORT
[dUser=sysadmin][IsJava=1] 0.00952600035816431(secs)
requestaudit/6 08.30 11:59:10.179 IdcServer-271 GET_FOLDER_HISTORY_REPORT
[dUser=sysadmin][IsJava=1] 0.011118999682366848(secs)
requestaudit/6 08.30 11:59:10.182 IdcServer-272 GET_DOCUMENT_HISTORY_REPORT
[dUser=sysadmin][IsJava=1] 0.007447000127285719(secs)
requestaudit/6 08.30 11:59:16.885 IdcServer-273 VCR_GET_DOCUMENT_BY_NAME [dID=923]
[dDocName=DF_UCMCACHETESTER]
[dDocTitle=DF_UCMCacheTester][dUser=weblogic]
[RevisionSelectionMethod=LatestReleased][IsJava=1] 0.0786449983716011(secs)
6-64
Chapter 6
Deleting Oracle WebCenter Content Server Connections
After the specified Cache Invalidation Interval time, the sweeper is invoked (tracked
by the GET_ calls). Since a change has been noted, the next call is to the
VCR_GET_DOCUMENT_BY_NAME to retrieve a new version of the modified data file.
Navigating back to the second page and viewing the server output, there are no
further VCR_GET_DOCUMENT_BY_NAME to retrieve the data file. This simply means that the
data file was just retrieved from the cache. Looking at the example server output,
we can see that there was only one request for the VCR_GET_DOCUMENT_BY_NAME:
requestaudit/6 08.30 12:08:00.021 Audit Request Monitor Request Audit Report over
the last 120 Seconds for server webcenteroraclelocal16200****
requestaudit/6 08.30 12:08:00.021 Audit Request Monitor -Num Requests 8 Errors 0
Reqs/sec. 0.06666944175958633
Avg. Latency (secs) 0.02762500010430813 Max Thread Count 2
requestaudit/6 08.30 12:08:00.021 Audit Request Monitor 1 Service
VCR_GET_DOCUMENT_BY_NAME
Total Elapsed Time (secs) 0.09200000017881393 Num requests 1 Num errors 0 Avg.
Latency (secs) 0.09200000017881393
requestaudit/6 08.30 12:08:00.021 Audit Request Monitor 2 Service
GET_PERSONALIZED_JAVASCRIPT
Total Elapsed Time (secs) 0.054999999701976776 Num requests 1 Num errors 0 Avg.
Latency (secs) 0.054999999701976776
requestaudit/6 08.30 12:08:00.021 Audit Request Monitor 3 Service
GET_FOLDER_HISTORY_REPORT
Total Elapsed Time (secs) 0.028999999165534973 Num requests 2 Num errors 0 Avg.
Latency (secs) 0.014499999582767487
requestaudit/6 08.30 12:08:00.021 Audit Request Monitor 4 Service
GET_SERVER_OUTPUT
Total Elapsed Time (secs) 0.017999999225139618 Num requests 1 Num errors 0 Avg.
Latency (secs) 0.017999999225139618
requestaudit/6 08.30 12:08:00.021 Audit Request Monitor 5 Service GET_FILE
Total Elapsed Time (secs) 0.013000000268220901 Num requests 1 Num errors 0 Avg.
Latency (secs) 0.013000000268220901
requestaudit/6 08.30 12:08:00.021 Audit Request Monitor ****End Audit Report*****
6.8 Deleting Oracle WebCenter Content Server Connections
This section includes the following topics:
•
Deleting Oracle WebCenter Content Server Connections Using Fusion Middleware
Control
•
Deleting Oracle WebCenter Content Server Connections Using WLST
Note:
Delete a WebCenter Content Server connection only if it is not in use. If a
connection is marked as the default connection, it should first be removed
from the active list, and then deleted.
6-65
Chapter 6
Changing the Maximum File Upload Size
6.8.1 Deleting Oracle WebCenter Content Server Connections Using
Fusion Middleware Control
You can delete an Oracle WebCenter Content Server connection using Fusion
Middleware Control.
To delete a content repository connection:
1. Log in to Fusion Middleware Control and navigate to the home page for Oracle
WebCenter Portal.
2. From the WebCenter Portal menu, select Settings and then Service
Configuration.
3. On the WebCenter Portal Services Configuration page, from the list of services
select Content Repository.
4. Select the connection name, and click Delete.
5. To effect this change you must restart the managed server on which WebCenter
Portal is deployed.
6.8.2 Deleting Oracle WebCenter Content Server Connections Using
WLST
Use the WLST command deleteContentServerConnection to remove a content
repository connection.
For command syntax and examples, see deleteContentServerConnection in
WebCenter WLST Command Reference.
Note:
To effect this change you must restart the managed server on which Oracle
WebCenter Portal is deployed.
6.9 Changing the Maximum File Upload Size
You can specify the maximum upload size for files.
For files uploaded from features such as a wiki or blog, the maximum file upload size
is 2 GB. For information about changing the maximum upload size, see webcenterconfig.xml.
The maximum upload size for files uploaded using Content Manager is 50 MB. For
information about changing the maximum upload size, see Modifying the File Upload
Size in Content Manager.
6-66
Chapter 6
Configuring Content Manager for Oracle Content and Experience Cloud
6.10 Configuring Content Manager for Oracle Content and
Experience Cloud
The Content Manager task flow also supports Hybrid Enterprise Content Management
(HECM), which helps portal members to easily and rapidly access enterprise content
in Oracle Content and Experience Cloud.
To do so, you must configure the Oracle Content and Experience Cloud integration
with Content Server. For more information, see Configuring Document Cloud Service
Integration Settings in Administering Oracle WebCenter Content.
To view Oracle Content and Experience Cloud content in Content Manager, you will
need to perform the following steps to customize properties in Structure view to allow
for page stretching:
1.
In WebCenter Portal administration, go to the System Pages page.
2.
For the Documents page (which exposes Content Manager), click the Customize
link.
3.
In Structure view, select the region[Edit Task Flow] node, and click the Show the
properties of region icon.
4.
In the Parameters tab, set dimensionsFrom to parent.
5.
In Structure view, select the showDetailFrame node (the task flow container), and
click the Show the properties of showDetailFrame icon.
6-67
Chapter 6
Configuring Content Manager for Oracle Content and Experience Cloud
6.
In the Component Properties dialog, set either of the following:
•
In the Display Options tab, set StretchContent to true.
•
In the Content Style tab, set the height as required. For example, 800px.
6-68
7
Managing Analytics
Configure and manage Analytics in WebCenter Portal to display usage and
performance metrics for a portal.
Always use Fusion Middleware Control or the WLST command-line tool to review and
configure back-end services for WebCenter Portal. Any configuration changes that you
make post-deployment are stored in the MDS metadata store as customizations. Any
changes that you make to Analytics Collector configuration are stored in the Analytics
database.
Note:
Changes that you make to Analytics configuration through Fusion Middleware
Control or using WLST are not dynamic so you must restart the managed
server on which the Analytics Collector or portal application is deployed for
your changes to take effect.
Permissions:
To perform the tasks in this chapter, you must be granted the WebLogic
Server Admin role through the Oracle WebLogic Server Administration Console
and the Administrator role granted through WebCenter Portal Administration.
For more information about roles and permissions, see Understanding
Administrative Operations, Roles, and Tools.
Topics:
•
About Analytics in WebCenter Portal
•
Configuration Roadmap for Analytics
•
Analytics Prerequisites
•
Configuring Analytics Collector Settings
•
Registering an Analytics Collector for Your Application
•
Validating Analytic Event Collection
•
Viewing the Current WebCenter Portal's Analytic Event List
•
Purging Analytics Data
•
Partitioning Analytics Data
7-1
Chapter 7
About Analytics in WebCenter Portal
7.1 About Analytics in WebCenter Portal
Analytics allows WebCenter Portal administrators and business users to track and
analyze portal usage. Analytics provides the following basic functionality:
•
Usage Tracking Metrics: Analytics collects and reports metrics for common
portal functions, including community, page, and portlet visits.
•
Behavior Tracking: Users can analyze portal metrics to determine usage
patterns, such as portal visit duration and usage over time.
•
User Profile Correlation: Users can correlate metric information with user profile
information. Usage tracking reports can be viewed and filtered by user profile data
such as country, company, or state. For more information, see Query Options in
Building Portals with Oracle WebCenter Portal.
An overview of Analytics components and ready-to-use task flows are described in the
following sections:
•
Analytics Components
•
Analytics Task Flows
7.1.1 Analytics Components
The following figure illustrates components for Analytics in WebCenter Portal:
•
WC_Portal – The managed server on which Oracle WebCenter Portal and the
Analytics Collector is deployed are deployed.
•
Event Data – Analytics tracks and collects a defined set of events. A
comprehensive set of the most common events are provided out-of-the-box.
•
Open Usage API – The OpenUsage API sends metrics to the Analytics Collector
using UDP (User Datagram Protocol).
•
Analytics Collector – The Analytics Collector component gathers event data.
Analytics Collectors can be clustered to provide increased scalability and
reliability.
•
Analytics Database – The Analytics database (ACTIVITIES) stores metrics
gathered from portal and non-portal events.
•
Analytics Task Flows – Analytics provides a series of task flows to report metrics
for common portal functions.
•
MDS – The Metadata Service (MDS) repository that stores task flow
customizations.
7-2
Chapter 7
About Analytics in WebCenter Portal
Figure 7-1
Analytics Components
7.1.2 Analytics Task Flows
Table 7-1 lists the Analytics task flows available with WebCenter Portal. For detailed
information about these task flows and how to use them, see About Analytics in
Building Portals with Oracle WebCenter Portal.
Table 7-1
Analytics Task Flows in WebCenter Portal
Analytics Task Flows
Description
WebCenter Portal Traffic
A summarized view for common events within the portal.
Page Traffic
Displays the number of page visits and the number of unique users that
visited any page within the portal.
Login Metrics
Reports portal logins.
Portlet Traffic
Displays usage data for a portlet.
Portlet Response Time
Displays performance data for a portlet.
Portlet Instance Traffic
Displays usage data for a portlet instance.
When the same portlet displays on several different pages, each
placement is considered as a portlet instance.
Portlet Instance Response Time
Displays performance data for a portlet instance.
Search Metrics
Tracks portal searches.
Wiki Metrics
Tracks most popular/least popular wikis.
Blog Metrics
Tracks most popular/least popular blogs.
7-3
Chapter 7
Configuration Roadmap for Analytics
Table 7-1
(Cont.) Analytics Task Flows in WebCenter Portal
Analytics Task Flows
Description
Discussion Metrics
Tracks most popular/least popular discussions.
Note:
Beginning with 12c (12.2.1.3.0), Oracle WebCenter Portal has
deprecated support for Jive features (announcements and
discussions). If you are upgrading from a prior release, these features
remain available in your existing installations that are being upgraded.
Portal Traffic
Displays usage data for a portal.
Portal Response Time
Displays page performance data for a portal.
7.2 Configuration Roadmap for Analytics
The flow chart in Figure 7-2 and tasks in Table 7-2 provide an overview of the
prerequisites and tasks required to get Analytics working in WebCenter Portal.
Figure 7-2
Configuring Analytics for Use in WebCenter Portal
7-4
Chapter 7
Analytics Prerequisites
Table 7-2
Configuring Analytics for Use in WebCenter Portal
Actor
Task
Link
Administrator
1. Install Oracle WebCenter Portal
and the Oracle WebCenter Portal
Analytics Collector component
See About Oracle
WebCenter Portal
Installation in Installing and
Configuring Oracle
WebCenter Portal
Administrator
2. (Optional) Configure Analytics
Collector settings using either of the
following tools:
See Configure Analytics
Collector Settings
•
•
Administrator
3. Configure a connection between
the Oracle WebCenter Portal and the
Analytics Collector using either of the
following tools:
•
•
WebCenter Portal
Administrator
Fusion Middleware Control
WLST
See Registering an
Analytics Collector for Your
Application
Fusion Middleware Control
WLST
4. Test that analytics data is available
in WebCenter Portal
•
•
4.a Log in to WebCenter
Portalwith administrator
privileges
4.b Open the main Analytics
business role page to see live
data: http://host:port/
webcenter/portal/system/
Analytics
7.3 Analytics Prerequisites
This section includes the following topics:
•
Analytics – Installation
•
Analytics – Configuration
•
Analytics – Security Considerations
•
Analytics – Limitations
7.3.1 Analytics – Installation
The Analytics Collector is an optional installation option for Oracle WebCenter Portal.
To install this product, select Oracle WebCenter Portal Analytics Collector in the
Fusion Middleware Configuration Wizard. For detailed installation instructions, see
About Oracle WebCenter Portal Installation in Installing and Configuring Oracle
WebCenter Portal.
The Analytics schema (ACTIVITIES) and the WebCenter Portal schema (WEBCENTER) can
be installed on the same database or on separate databases.
7-5
Chapter 7
Configuring Analytics Collector Settings
7.3.2 Analytics – Configuration
The Analytics Collector is configured to receive events out-of-the-box, using
installation defaults. If the default values are not suitable for your installation or you
have a cluster, you may configure different values using WLST or MBeans Browser.
For more information, see Configuring Analytics Collector Settings.
Out-of-the-box, WebCenter Portal is not configured to send events to the Analytics
Collector. If you want to collect usage and performance metrics for WebCenter Portal
you must register the Analytics Collector and enable event collection. For more
information, see Registering an Analytics Collector for Your Application. Once
connected, analytics data is collected and displays in your application (through
Analytics task flows) without further configuration.
7.3.3 Analytics – Security Considerations
In WebCenter Portal, resource catalogs display Analytics task flows only to users with
appropriate permissions:
•
Administrators – Users with the Administrator role have access to all Analytics
task flows
•
Portal Managers – Within a particular portal, members with the Portal Manager role
have access to Analytics task flows that display usage data for that portal only
Analytics usage data is valuable for portal analysis but might be regarded as private or
sensitive to portal users. To protect security and privacy interests associated with
usage metrics WebCenter Portal administrators and individual portal managers must
manage page security such that only appropriate, specified users have access to
pages that expose analytics data. See About Analytics in Building Portals with Oracle
WebCenter Portal.
7.3.4 Analytics – Limitations
Analytics task flows do not display custom event information.
7.4 Configuring Analytics Collector Settings
During installation, the Analytics Collector is configured to receive events using the
following default values:
•
Collector Host Name - localhost
•
Default Port - 31314
•
Maximum Port Number - 31314
•
Broadcast Type - Unicast
•
Clustering - The clustering settings do not apply. Clustering is not supported in
this version.
7-6
Chapter 7
Configuring Analytics Collector Settings
Note:
If the database used by WebCenter Portal uses a National Character Set set
to something other than AL16UTF16, the Analytics startup listener may fail to
start. The National Character Set option is configure through the Database
Configuration Assistant when the database is created. Oracle recommends
that you keep the National Character Set set to its default value of
AL16UTF16 to avoid potential issues.
If these default values are not suitable for your installation or you have a cluster, you
can configure suitable values using WLST or the MBeans Browser in Fusion
Middleware Control:
•
Setting Analytics Collector Properties Using WLST
•
Setting Analytics Collector Properties Using Fusion Middleware Control
These Analytics Collector configuration settings are stored in the Analytics database
(ACTIVITIES).
7.4.1 Setting Analytics Collector Properties Using WLST
Use the WLST command setAnalyticsCollectorConfig to set event collection
properties for the Analytics Collector. For command syntax and examples, see
setAnalyticsCollectorConfig in WebCenter WLST Command Reference.
Note:
To start using the property values you must restart the managed server on
which the Analytics Collector application is deployed (WC_Portal).
7.4.2 Setting Analytics Collector Properties Using Fusion Middleware
Control
Use the Systems MBeans Browser in Fusion Middleware Control to set event
collection properties for the Analytics Collector:
To configure the Analytics Collector (deployed on the WC_Portal managed server):
1. Log in to Fusion Middleware Control and navigate to the home page for WebCenter
Portal.
2. Open the System MBean Browser. From the WebCenter Portal menu, select
System MBean Browser.
3. Navigate to: Application Defined MBeans >oracle.webcenter.analytics
>Server: WC_Portal >Application: analytics-collector >CollectorConfiguration
>Configuration
Alternatively, search for CollectorConfiguration or filter the System MBean Browser
tree using the MBean pattern: oracle.webcenter.analytics:*
7-7
Chapter 7
Configuring Analytics Collector Settings
Figure 7-3
System MBeans Browser - Analytics Collector Properties
4. Modify configuration properties for the Analytics Collector.
Table 7-3
Analytics Collector - Configuration Properties
Field
Description
BroadcastType
Specify the network channel on which the Analytics Collector
broadcasts a 'heartbeat' to advertise its location to event
producers. Valid values are Broadcast and Multicast:
Broadcast - use the standard network broadcast channel.
Multicast - use a special fixed multicast address.
ClusterEnabled
The clustering settings do not apply. Clustering is not
supported in this version.
ClusterName
The clustering settings do not apply. Clustering is not
supported in this version.
CollectorHeartbeatFreque
ncy
The clustering settings do not apply. Clustering is not
supported in this version.
CollectorDefaultPort
Enter the default port number on which the Analytics
Collector listens. The default value is 31314.
CollectorHostName
Enter the name of the host on which the Analytics Collector is
running.
The default setting is localhost.
7-8
Chapter 7
Registering an Analytics Collector for Your Application
Table 7-3
(Cont.) Analytics Collector - Configuration Properties
Field
Description
CollectorMaximumPort
Enter the highest port number that an Analytics Collector can
use when allocating a listener.
This property is mostly used in a clustered environment
where multiple collectors run in the same box. Each collector
listens for incoming UDP messages on a free port within a
given port range. The range is from the default port number
to the maxPort number.
5. To start using the new settings restart the managed server on which the Analytics
Collector application is deployed (WC_Portal).
7.5 Registering an Analytics Collector for Your Application
Events raised in WebCenter Portal using OpenUsage APIs can be sent to an Analytics
Collector for use by Analytics. If you intend to use any of the features or task flows
provided by these tools you must connect WebCenter Portal to an Analytics Collector.
While you can register multiple Analytics Collector connections for WebCenter Portal,
only one Analytics Collector is used (i.e., the default (or active) connection).
To start using a new configuration you must restart the managed server on which
WebCenter Portal is deployed.
This section includes the following subsections:
•
Registering an Analytics Collector Using Fusion Middleware Control
•
Registering an Analytics Collector Using WLST
•
Disabling WebCenter Portal Event Collection
7.5.1 Registering an Analytics Collector Using Fusion Middleware
Control
To register an Analytics Collector for WebCenter Portal:
1. Log in to Fusion Middleware Control and navigate to the home page for WebCenter
Portal.
2. Open the Service Configuration page. From the WebCenter Portal menu, select
Settings > Service Configuration.
3. From the list of services on the WebCenter Portal Service Configuration page,
select Analytics.
4. To connect to an Analytics Collector, click Add (Figure 7-4).
7-9
Chapter 7
Registering an Analytics Collector for Your Application
Figure 7-4
Configuring Analytics Collector Connections
5. Enter a unique name for this connection.
The name must be unique (across all connection types) within WebCenter Portal.
Figure 7-5
Add Analytics Collector Connection
6. Select Active Connection to use this connection for Analytics.
While you can register multiple Analytics Collector connections for WebCenter
Portal, only one connection is used—the default (or active) connection.
7. Select Enable WebCenter Portal Event Collection to send analytics events
raised using OpenUsage APIs to the Analytics Collector.
Deselect this option if you do not want to collect analytics data.
8. Enter connection details for the Analytics Collector.
7-10
Chapter 7
Registering an Analytics Collector for Your Application
Table 7-4
Analytics Collector Connection - Connection Details
Field
Description
Messaging Mode
This property specifies whether to send events to a clustered
Analytics Collector in multicast mode or a single Analytics
Collector using unicast communication. Clustering the
Analytics Collector is not supported in the current release, so
the only valid value for this release is Unicast.
Collector Host Name
If the messaging mode is set to Unicast, enter the host name
where the Analytics Collector is running.
The default setting is localhost.
Collector Port
Enter the port on which the Analytics Collector listens for
events. The default value is 31314.
9. Click OK to save.
10. To start using the new (active) connection you must restart the managed server on
which WebCenter Portal is deployed.
7.5.2 Registering an Analytics Collector Using WLST
Use the WLST command createAnalyticsCollectorConnection to create an Analytics
Collector connection for WebCenter Portal. To update an existing connection, use
setAnalyticsCollectorConnection. For command syntax and examples, see
createAnalyticsCollectorConnection and setAnalyticsCollectorConnection in
WebCenter WLST Command Reference.
Note:
To start using the new connection, ensure that isEnabled=1 and default=1, and
then restart the managed server on which WebCenter Portal is deployed.
7.5.3 Disabling WebCenter Portal Event Collection
If you do not want to collect events raised using OpenUsage APIs, you can stop event
transmission temporarily or permanently.
This section includes the following subsections:
•
Disabling WebCenter Portal Event Collection Using Fusion Middleware Control
•
Disabling WebCenter Portal Event Collection Using WLST
7.5.3.1 Disabling WebCenter Portal Event Collection Using Fusion Middleware
Control
To disable event collection for WebCenter Portal:
1. Log in to Fusion Middleware Control and navigate to the home page for WebCenter
Portal.
7-11
Chapter 7
Validating Analytic Event Collection
2. Open the Service Configuration page. From the WebCenter Portal menu, select
Settings > Service Configuration.
3. From the list of services on the WebCenter Portal Service Configuration page,
select Analytics.
4. Select the connection in the table, and then click Edit.
5. Deselect Enable WebCenter Portal Event Collection (Figure 7-6).
Figure 7-6
Disabling Analytics Event Collection
6. To effect this change you must restart the managed server on which WebCenter
Portal is deployed.
7.5.3.2 Disabling WebCenter Portal Event Collection Using WLST
To disable event collection using WLST, run the setAnalyticsCollectorConnection
command with the isEnabled argument set to 0 (false). For command syntax and
examples, see setAnalyticsCollectorConnection in WebCenter WLST Command
Reference.
7.6 Validating Analytic Event Collection
You can check whether events reach the Analytics Collector by checking the trace log
at:
<base_domain_name>/servers/WC_Portal/logs/analytics-collector/collector.trc
Event messages are similar to the following:
[2015-09-16T07:13:56.906-07:00] [WC_Utilities] [TRACE] []
[SRC_METHOD: OnMessageReceived] Event = [[
EVENT_TYPE: {http://www.myorg.com/videoapp}VIDEOVIEWS
VERSION: 3.0.XXXX
AS_DIMENSION_USER.USERID: testuser01
VIDEO.RESOURCEID: video8736
VIDEO.TITLE: Project Kick Off
VIDEO.LOOP: false
QUALITY: 720
PROPERTY_VERSION: 3.0.XXXX
To display analytics collector configuration information, enter the following URL:
7-12
Chapter 7
Viewing the Current WebCenter Portal's Analytic Event List
http://hostname:WC_Portal_port/collector
This page lists the following:
•
Collector Default Port
•
Collector Max Port
•
Collector Server Name
•
Broadcast Type
•
Cluster Enabled
•
Cluster Name
•
Partitioning Enabled
•
Time Dimension for This Year
•
Space Dimension Exists (for WebCenter Portal)
7.7 Viewing the Current WebCenter Portal's Analytic Event
List
Use the Systems MBeans Browser in Fusion Middleware Control to see which events
an Analytics Collector is configured to collect.
To display the current list of analytics events:
1. Log in to Fusion Middleware Control and navigate to the home page for WebCenter
Portal.
2. Open the System MBean Browser. From the WebCenter Portal menu, select
System MBean Browser.
3. Navigate to: Application Defined MBeans> oracle.webcenter.analytics >
Server: WC_Portal> Application: analytics-collector> CollectorServices>
Services
Alternatively, search for CollectorServices or filter the System MBean Browser tree
using the MBean pattern: oracle.webcenter.analytics:*
4. Select the Operations tab.
7-13
Chapter 7
Purging Analytics Data
Figure 7-7
System MBeans Browser - Register Analytics Events
5. Click listRegisteredEventTypes.
6. Click Invoke.
Alternatively, use the WLST command listAnalyticsEventTypes. For command syntax
and examples, see listAnalyticsEventTypes in WebCenter WLST Command
Reference.
7.8 Purging Analytics Data
For information about purging analytics data, see Purging Oracle WebCenter Portal's
Analytics Data in Administering Oracle Fusion Middleware.
7.9 Partitioning Analytics Data
For information about partitioning analytics data, see Partitioning Oracle WebCenter
Portal's Analytics Data in Administering Oracle Fusion Middleware.
7-14
8
Managing Calendar Events
Configure and manage events to expose personal Microsoft Exchange calendars
inWebCenter Portal portals.
Always use Fusion Middleware Control or the WLST command-line tool to review and
configure back-end services for WebCenter Portal. Any configuration changes that you
make, post deployment, are stored in the MDS metadata store as customizations.
Note:
Configuration changes for events, through Fusion Middleware Control or using
WLST, are not dynamic, so you must restart the managed server on which
WebCenter Portal is deployed for your changes to take effect.
Permissions:
To perform the tasks in this chapter, you must be granted the WebLogic
Server Admin role through the Oracle WebLogic Server Administration Console
and the Administrator role granted through WebCenter Portal Administration.
For more information about roles and permissions, see Understanding
Administrative Operations, Roles, and Tools.
For troubleshooting, see Troubleshooting Issues with Events.
Topics:
•
About Events Connections
•
Configuring Personal Events for WebCenter Portal
•
Events Prerequisites for Personal Events
•
Registering Events Servers
•
Choosing the Active Events Server Connection
•
Modifying Events Server Connection Details
•
Deleting Event Server Connections
8.1 About Events Connections
In WebCenter Portal, events provides portal calendars that you can use to schedule
meetings, appointments, and any other type of team, project, or group occasion.
Events also enables you to access your personal Microsoft Exchange calendar, where
you can schedule events that are not related to a particular portal.
8-1
Chapter 8
Configuring Personal Events for WebCenter Portal
Personal calendars are available through a Microsoft Exchange Server; therefore, a
connection to that server is required. You can register the Microsoft Exchange Server
connection through the Fusion Middleware Control Console or using WLST.
You must mark a connection as active for events to work. You can register additional
Microsoft Exchange Server connections, but only one connection is active at a time.
To view personal events in WebCenter Portal, users must have an account on the
Microsoft Exchange Server.
8.2 Configuring Personal Events for WebCenter Portal
Use the roadmaps in this section as a guide through the configuration process for
providing access to personal events:
The flow chart (Figure 8-1) and table (Table 8-1) in this section provide an overview of
the prerequisites and tasks required for personal events to work in WebCenter Portal.
Figure 8-1
Table 8-1
Configuring Personal Events for WebCenter Portal
Configuring the Personal Events for WebCenter Portal
Actor
Task
Administrator
1. Install WebCenter Portal
Subtask
Link
See About Oracle
WebCenter Portal
Installation in Installing
and Configuring Oracle
WebCenter Portal
8-2
Chapter 8
Events Prerequisites for Personal Events
Table 8-1
(Cont.) Configuring the Personal Events for WebCenter Portal
Actor
Task
Subtask
Link
Administrator
2.Install and configure Microsoft
Exchange Server release 2013,
2010, or 2007.
2.a Configure MS Exchange
Server 2013
See Microsoft Exchange
Server 2013
Prerequisites
•
Install Microsoft Exchange
Server 2013
2.c Ensure SSL is enabled
•
Install Microsoft Exchange
Server 2010
2.a Configure MS Exchange
Server 2010
Administrator
2.b Edit security settings
2.b Edit security settings
See Microsoft Exchange
Server 2010
Prerequisites
2.c Ensure SSL is enabled
Administrator
•
Install Microsoft Exchange
Server 2007
2.a Configure MS Exchange
Server 2007
2.b Edit security settings
See Microsoft Exchange
Server 2007
Prerequisites
2.c (Optional) Enable SSL
Administrator
3. Configure a connection
between WebCenter Portal and
the events server using either
Fusion Middleware Control or
WLST
End User
4. Test that the personal calendar
is working in WebCenter Portal
See Registering Events
Servers
3.a Log in to WebCenter Portal
and add an Events task flow to a
page in your Home portal
In Building Portals with
Oracle WebCenter
Portal, see:
3.b Click Login to Personal
Calendar on the Events task flow
and enter your Microsoft
Exchange Server login
credentials
•
•
Adding an Events
Task Flow to a
Page
Accessing Your
Personal Events
8.3 Events Prerequisites for Personal Events
This section includes the following subsections:
•
Microsoft Exchange Server 2013 Prerequisites
•
Microsoft Exchange Server 2010 Prerequisites
•
Microsoft Exchange Server 2007 Prerequisites
8.3.1 Microsoft Exchange Server 2013 Prerequisites
This section describes the Microsoft Exchange Server 2013 prerequisites when used
as the server for personal events.
This section includes the following subsections:
•
Microsoft Exchange Server 2013 - Installation
8-3
Chapter 8
Events Prerequisites for Personal Events
•
Microsoft Exchange Server 2013 - Configuration
•
Microsoft Exchange Server 2013 - Security Considerations
•
Microsoft Exchange Server 2013 - Limitations
8.3.1.1 Microsoft Exchange Server 2013 - Installation
Refer to the Microsoft Exchange Server 2013 documentation for installation
information.
8.3.1.2 Microsoft Exchange Server 2013 - Configuration
To use Microsoft Exchange Server 2013 as the server for personal events, you must
edit the Microsoft Exchange Server 2013 web service WSDL to specify the location of
the web service.
To specify the location of the Microsoft Exchange Server 2013 web service:
1. Open the WSDL file for the Microsoft Exchange Server web service.
For example:
C:\Program Files\Microsoft\Exchange Server\ClientAccess\exchweb\ews\Services.wsdl
2. Add a service section that points to your Microsoft Exchange Server web service.
For example:
<wsdl:definitions>
...
<wsdl:service name="ExchangeServices">
<wsdl:port name="ExchangeServicePort" binding="tns:ExchangeServiceBinding">
<soap:address location="https://server.example.com/EWS/Exchange.asmx"/>
</wsdl:port>
</wsdl:service>
</wsdl:definitions>
8.3.1.3 Microsoft Exchange Server 2013 - Security Considerations
Events includes a Microsoft Exchange Server 2013 adapter that communicates with
the Microsoft Exchange Server 2013 generic web service through a JAX-WS proxy. To
set up the communication between the adapter and the web service, you must edit the
Microsoft Exchange Server security settings. You must enable Basic authentication.
Further, you must enable anonymous access to Services.wsdl, Messages.xsd, and
Types.xsd so that JAX-WS can access them to create the service port before
committing any web service call. This involves creating a virtual directory and enabling
anonymous authentication and disabling Windows authentication.
To edit Microsoft Exchange Server security settings:
1. On Microsoft Exchange Server, open Internet Information Services (IIS) Manager.
2. Under Node computer_name > Sites > Default Web Site > EWS, double-click
Authentication under IIS.
3. Right-click Basic Authentication and select Enable to enable Basic Authentication
for the EWS application.
8-4
Chapter 8
Events Prerequisites for Personal Events
4. Under Sites, right-click Default Web Site and select Add Virtual Directory to
create a virtual directory that will be used to provide anonymous access to
Services.wsdl, Messages.xsd, and Types.xsd.
5. In the Add Virtual Directory dialog, in the Alias field, specify the name of the virtual
directory, for example ExchWS.
6. In the Physical Path field, specify the path to the virtual directory. For example
(Figure 8-2):
C:\Program Files\Microsoft\Exchange Server\V14\ClientAccess\exchweb\ews
Figure 8-2
Creating a Virtual Directory
7. Click Connect as.
8. In the Connect As dialog, ensure Application user (pass-thorough
authentication) is selected.
9. Click OK.
10. Under Default Web Site > ExchWS, double-click Authentication under IIS.
11. Right-click Anonymous Authentication and select Enable (Figure 8-3).
Figure 8-3
Enabling Anonymous Authentication
12. Right-click Anonymous Authentication and select Edit.
13. In the Edit Anonymous Authentication Credentials dialog, ensure Application pool
identity is selected.
8-5
Chapter 8
Events Prerequisites for Personal Events
14. Right-click Windows Authentication and select Disable.
Events uses Basic Authentication to communicate with the Microsoft Exchange
Server. To secure the communication, ensure that SSL is enabled. For more
information, see:
http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/
56bdf977-14f8-4867-9c51-34c346d48b04.mspx?mfr=true
You must also ensure that the SSLAlwaysNegoClientCert property is set to true in IIS.
The SSLAlwaysNegoClientCert property controls SSL client connection negotiations.
For example, use the following command to set the SSLAlwaysNegoClientCert property:
CScript.exe adsutil.vbs SET w3svc/1/SSLAlwaysNegoClientCert true
For more information about the SSLAlwaysNegoClientCert property, see:
http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/
bce0fb87-79ea-40cd-963f-239545b61a12.mspx?mfr=true
For information about setting the SSLAlwaysNegoClientCert property, see:
https://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/
d3df4bc9-0954-459a-b5e6-7a8bc462960c.mspx?mfr=true to understand how to use
adsutil.vbs
8.3.1.4 Microsoft Exchange Server 2013 - Limitations
There are currently no known limitations.
8.3.2 Microsoft Exchange Server 2010 Prerequisites
This section describes the Microsoft Exchange Server 2010 prerequisites when used
as the server for personal events.
This section includes the following subsections:
•
Microsoft Exchange Server 2010 - Installation
•
Microsoft Exchange Server 2010 - Configuration
•
Microsoft Exchange Server 2010 - Security Considerations
•
Microsoft Exchange Server 2010 - Limitations
8.3.2.1 Microsoft Exchange Server 2010 - Installation
Refer to the Microsoft Exchange Server 2010 documentation for installation
information.
8.3.2.2 Microsoft Exchange Server 2010 - Configuration
To use Microsoft Exchange Server 2010 as the server for personal events, you must
edit the Microsoft Exchange Server 2010 web service WSDL to specify the location of
the web service.
To specify the location of the Microsoft Exchange Server 2010 web service:
8-6
Chapter 8
Events Prerequisites for Personal Events
1. Open the WSDL file for the Microsoft Exchange Server web service.
For example:
C:\Program Files\Microsoft\Exchange Server\ClientAccess\exchweb\ews\Services.wsdl
2. Add a service section that points to your Microsoft Exchange Server web service.
For example:
<wsdl:definitions>
...
<wsdl:service name="ExchangeServices">
<wsdl:port name="ExchangeServicePort" binding="tns:ExchangeServiceBinding">
<soap:address location="https://server.example.com/EWS/Exchange.asmx"/>
</wsdl:port>
</wsdl:service>
</wsdl:definitions>
8.3.2.3 Microsoft Exchange Server 2010 - Security Considerations
Events includes a Microsoft Exchange Server 2010 adapter that communicates with
the Microsoft Exchange Server 2010 generic web service through a JAX-WS proxy. To
set up the communication between the adapter and the web service, you must edit the
Microsoft Exchange Server security settings. You must enable Basic authentication.
Further, you must enable anonymous access to Services.wsdl, Messages.xsd, and
Types.xsd so that JAX-WS can access them to create the service port before
committing any web service call. This involves creating a virtual directory and enabling
anonymous authentication and disabling Windows authentication.
To edit Microsoft Exchange Server security settings:
1. On Microsoft Exchange Server, open Internet Information Services (IIS) Manager.
2. Under Node computer_name > Sites >Default Web Site > EWS, double-click
Authentication under IIS.
3. Right-click Basic Authentication and select Enable to enable Basic Authentication
for the EWS application.
4. Under Sites, right-click Default Web Site and select Add Virtual Directory to
create a virtual directory that will be used to provide anonymous access to
Services.wsdl, Messages.xsd, and Types.xsd.
5. In the Add Virtual Directory dialog, in the Alias field, specify the name of the virtual
directory, for example ExchWS.
6. In the Physical Path field, specify the path to the virtual directory. For example
(Figure 8-4):
C:\Program Files\Microsoft\Exchange Server\V14\ClientAccess\exchweb\ews
8-7
Chapter 8
Events Prerequisites for Personal Events
Figure 8-4
Creating a Virtual Directory
7. Click Connect as.
8. In the Connect As dialog, ensure Application user (pass-thorough
authentication) is selected.
9. Click OK.
10. Under Default Web Site > ExchWS, double-click Authentication under IIS.
11. Right-click Anonymous Authentication and select Enable (Figure 8-5).
Figure 8-5
Enabling Anonymous Authentication
12. Right-click Anonymous Authentication and select Edit.
13. In the Edit Anonymous Authentication Credentials dialog, ensure Application pool
identity is selected.
14. Right-click Windows Authentication and select Disable.
Events uses Basic Authentication to communicate with the Microsoft Exchange
Server. To secure the communication, you must enable SSL. For more information,
see:
http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/
56bdf977-14f8-4867-9c51-34c346d48b04.mspx?mfr=true
You must also ensure that the SSLAlwaysNegoClientCert property is set to true in IIS.
The SSLAlwaysNegoClientCert property controls SSL client connection negotiations.
8-8
Chapter 8
Events Prerequisites for Personal Events
For example, use the following command to set the SSLAlwaysNegoClientCert property:
CScript.exe adsutil.vbs SET w3svc/1/SSLAlwaysNegoClientCert true
For more information about the SSLAlwaysNegoClientCert property, see:
http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/
bce0fb87-79ea-40cd-963f-239545b61a12.mspx?mfr=true
8.3.2.4 Microsoft Exchange Server 2010 - Limitations
There are currently no known limitations.
8.3.3 Microsoft Exchange Server 2007 Prerequisites
This section describes the Microsoft Exchange Server 2007 prerequisites when used
as the server for personal events.
This section includes the following subsections:
•
Microsoft Exchange Server 2007 - Installation
•
Microsoft Exchange Server 2007 - Configuration
•
Microsoft Exchange Server 2007 - Security Considerations
•
Microsoft Exchange Server 2007 - Limitations
8.3.3.1 Microsoft Exchange Server 2007 - Installation
Refer to the Microsoft Exchange Server 2007 documentation for installation
information.
8.3.3.2 Microsoft Exchange Server 2007 - Configuration
To use Microsoft Exchange Server 2007 as the server for personal events, you must
edit the Microsoft Exchange Server 2007 web service WSDL to specify the location of
the web service.
To specify the location of the Microsoft Exchange Server 2007 web service:
1. Open the WSDL file for the Microsoft Exchange Server web service.
For example:
C:\Program Files\Microsoft\Exchange Server\ClientAccess\exchweb\ews\Services.wsdl
2. Add a service section that points to your Microsoft Exchange Server web service.
For example:
<wsdl:definitions>
...
<wsdl:service name="ExchangeServices">
<wsdl:port name="ExchangeServicePort" binding="tns:ExchangeServiceBinding">
<soap:address location="https://server.example.com/EWS/Exchange.asmx"/>
</wsdl:port>
</wsdl:service>
</wsdl:definitions>
8-9
Chapter 8
Events Prerequisites for Personal Events
8.3.3.3 Microsoft Exchange Server 2007 - Security Considerations
Events includes a Microsoft Exchange Server 2007 adapter that communicates with
the Microsoft Exchange Server 2007 generic web service through a JAX-WS proxy. To
set up the communication between the adapter and the web service, you must edit the
Microsoft Exchange Server security settings.
To edit security settings:
1. On the Microsoft Exchange Server, open Internet Information Services (IIS)
Manager.
2. Under Node computer_name > Web Sites >Default Web Site > EWS, click
Properties.
3. On the Directory Security tab, in the Authentication and access control, click Edit.
4. Select Basic authentication.
5. Click OK.
You must enable anonymous access to Services.wsdl, Messages.vsd, and Types.vsd
so that JAX-WS can access them to create the service port before committing any
web service call.
6. Right-click Services.wsdl and select Edit.
7. On the File Security tab, in the Authentication and access control, click Edit.
8. Select Enable anonymous access.
9. Click OK.
10. Repeat steps 6 through 9 for Messages.xsd and Types.xsd.
Events uses Basic Authentication to communicate with the Microsoft Exchange
Server. To secure the communication, ensure that SSL is enabled. For more
information, see:
http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/
56bdf977-14f8-4867-9c51-34c346d48b04.mspx?mfr=true
You must also ensure that the SSLAlwaysNegoClientCert property is set to true in IIS.
The SSLAlwaysNegoClientCert property controls SSL client connection negotiations.
For example, use the following command to set the SSLAlwaysNegoClientCert property:
CScript.exe adsutil.vbs SET w3svc/1/SSLAlwaysNegoClientCert true
For more information about the SSLAlwaysNegoClientCert property, see:
http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/
bce0fb87-79ea-40cd-963f-239545b61a12.mspx?mfr=true
For information about setting the SSLAlwaysNegoClientCert property, see:
https://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/
d3df4bc9-0954-459a-b5e6-7a8bc462960c.mspx?mfr=true to understand how to use
adsutil.vbs
8-10
Chapter 8
Registering Events Servers
8.3.3.4 Microsoft Exchange Server 2007 - Limitations
There are currently no known limitations.
8.4 Registering Events Servers
You can register multiple events servers for WebCenter Portal, but only one is active
at a single time.
To start using a new (active) connection you must restart the managed server on
which the application is deployed.
This section includes the following topics:
•
Registering Events Servers Using Fusion Middleware Control
•
Registering Event Servers Using WLST
8.4.1 Registering Events Servers Using Fusion Middleware Control
To register an events server:
1. Log in to Fusion Middleware Control and navigate to the home page for WebCenter
Portal.
2. From the WebCenter Portal menu, select Settings > Service Configuration.
3. On the WebCenter Portal Service Configuration page, select Personal Events.
4. To connect to a new events server instance, click Add.
The Add Personal Events Connection page appears (Figure 8-6).
Figure 8-6
Configuring Events Connections
5. Enter a unique name for this connection, specify the version of Microsoft Exchange
Server, and indicate whether this connection is the active (or default) connection for
WebCenter Portal.
8-11
Chapter 8
Registering Events Servers
Table 8-2
Personal Events Connection - Name
Field
Description
Connection Name
Enter a unique name for the connection. The name must be
unique (across all connection types) within WebCenter
Portal.
Connection Type
Select the Microsoft Exchange Server you want to connect
to:
•
•
•
Active Connection
Microsoft Exchange Server 2007
Microsoft Exchange Server 2010
Microsoft Exchange Server 2013
Select to use this connection for events in WebCenter Portal.
While you can register multiple events server connections,
only one connection is used by events—the default (or
active) connection.
6. Enter connection details for the events server.
Table 8-3
Personal Events - Connection Details
Field
Description
Web Service URL
Enter the URL of the web service exposing the event
application.
Use the format:
protocol://host:port/appWebServiceInterface/WSName
For example
http://myexchange.com:80/ExchangeWS/
PersonalEventsWebService.asmx
http://myexchange.com:80/EWS/Services.wsdl
Associated External
Application
Associate events with an external application. External
application credential information is used to authenticate
users against the Microsoft Exchange Server hosting events.
7. Click OK to save this connection.
8. To start using the new (active) connection you must restart the managed server on
which WebCenter Portal is deployed.
8.4.2 Registering Event Servers Using WLST
Use the WLST command createPersonalEventConnection to create an events server
connection. Use setPersonalEventConnection to alter an existing connection. For
command syntax and examples, see createPersonalEventConnection and
setPersonalEventConnection in WebCenter WLST Command Reference.
8-12
Chapter 8
Choosing the Active Events Server Connection
Note:
To start using the new (active) connection you must restart the managed
server on which WebCenter Portal is deployed.
8.5 Choosing the Active Events Server Connection
You can register multiple events server connections with WebCenter Portal, but only
one connection is active at a time.
This section includes the following topics:
•
Choosing the Active Events Server Using Fusion Middleware Control
•
Choosing the Active Events Server Connection Using WLST
8.5.1 Choosing the Active Events Server Using Fusion Middleware
Control
To change the active connection:
1. Log in to Fusion Middleware Control and navigate to the home page for WebCenter
Portal.
2. From the WebCenter Portal menu, select Settings > Service Configuration.
3. On the WebCenter Portal Services Configuration page, select Personal Events.
The Manage Personal Events Connections table indicates the current active
connection, if any.
Figure 8-7
Active Connection for Personal Events
4. Select the connection you want to make the active (or default) connection, and then
click Edit.
5. Select the Active Connection check box.
6. Click OK to update the connection.
7. To start using the new (active) connection you must restart the managed server on
which WebCenter Portal is deployed.
8-13
Chapter 8
Modifying Events Server Connection Details
8.5.2 Choosing the Active Events Server Connection Using WLST
Use the WLST command setPersonalEventConnection with default=true to activate an
existing events server connection. For command syntax and examples, see
setPersonalEventConnection in WLST Command Reference for WebLogic Server.
To subsequently disable an events connection, run the same WLST command with
default=false. Connection details are retained but the connection is no longer named
as an active connection.
Note:
To start using the active connection you must restart the managed server on
which WebCenter Portal is deployed.
8.6 Modifying Events Server Connection Details
You can modify events server connection details at any time.
To start using the updated (active) connection you must restart the managed server on
which WebCenter Portal is deployed.
This section includes the following subsections:
•
Modifying Events Server Connection Details Using Fusion Middleware Control
•
Modifying Events Server Connection Details Using WLST
8.6.1 Modifying Events Server Connection Details Using Fusion
Middleware Control
To update connection details for an events server:
1. Log in to Fusion Middleware Control and navigate to the home page for WebCenter
Portal.
2. From the WebCenter Portal menu, select Settings > Service Configuration.
3. On the WebCenter Portal Service Configuration page, select Personal Events.
4. Select the connection name, and click Edit.
5. Edit connection details, as required.
For detailed parameter information, see Table 8-3
6. Click OK to save your changes.
7. To start using the updated (active) connection you must restart the managed server
on which WebCenter Portal is deployed.
8-14
Chapter 8
Deleting Event Server Connections
8.6.2 Modifying Events Server Connection Details Using WLST
Use the WLST command setPersonalEventConnection to edit an existing events server
connection. For command syntax and examples, see setPersonalEventConnection in
WebCenter WLST Command Reference .
Note:
To start using the updated (active) connection you must restart the managed
server on which WebCenter Portal is deployed.
8.7 Deleting Event Server Connections
You can delete events server connections at any time, but use caution when deleting
the active connection. If you delete the active connection, users cannot create events
in their personal calendar.
This section includes the following subsections:
•
Deleting Event Server Connections Using Fusion Middleware Control
•
Deleting Event Server Connections Using WLST
8.7.1 Deleting Event Server Connections Using Fusion Middleware
Control
To delete an events server connection:
1. Log in to Fusion Middleware Control and navigate to the home page for WebCenter
Portal.
2. From the WebCenter Portal menu, select Settings > Service Configuration.
3. From the list on the WebCenter Portal Service Configuration page, select Personal
Events.
4. Select the connection name, and click Delete.
Note:
Before restarting the managed server, select another connection as active;
otherwise, the service is disabled.
5. To make this change you must restart the managed server on which WebCenter
Portal is deployed.
8-15
Chapter 8
Deleting Event Server Connections
8.7.2 Deleting Event Server Connections Using WLST
Use the WLST command deleteConnection to remove an events server connection.
For command syntax and examples, see deleteConnection in WebCenter WLST
Command Reference.
Note:
To effect this change you must restart the managed server on which
WebCenter Portal is deployed.
8-16
9
Integrating Other Oracle Applications
Integrate other Oracle applications, such as Siebel, E-Business Suite, JD Edwards,
PeopleSoft, and Oracle Business Intelligence, with WebCenter Portal.
Permissions:
To perform the tasks in this chapter, you must be granted the WebLogic
Server Admin role through the Oracle WebLogic Server Administration Console
and the Administrator role granted through WebCenter Portal Administration.
Aside from these permissions for WebCenter Portal, you may also need
additional permissions for the other Oracle applications being integrated.
For more information about roles and permissions, see Understanding
Administrative Operations, Roles, and Tools.
Topics:
•
About Integrating Other Oracle Applications
•
Integrating Siebel Applications
•
Integrating E-Business Suite Applications
•
Integrating JD Edwards Applications
•
Integrating PeopleSoft Applications
•
Integrating Oracle Business Intelligence Presentation Services
•
Integrating with Oracle Content and Experience Cloud
9.1 About Integrating Other Oracle Applications
Oracle WebCenter Portal is an integrated suite of technology designed to deliver a
unified, context-aware user experience. WebCenter Portal integrates structured and
unstructured content, business intelligence, business processes, communication, and
collaboration services, and removes the boundaries between enterprise applications.
By integrating other applications available within the enterprise with WebCenter Portal,
you can create context-centric, composite applications that leverage the capabilities of
these applications, extending WebCenter Portal and changing the way people work.
WebCenter Portal uses industry-standard technologies to integrate (primarily as
WSRP portlets) other application components. Figure 9-1 shows the technologies
involved in WebCenter Portal integration with other Oracle applications.
9-1
Chapter 9
Integrating Siebel Applications
Figure 9-1
WebCenter Portal Integration
Although not all applications support the same integration mechanisms, the integration
process is generally quite simple, consisting of exposing the application object to be
integrated as a portlet, registering the portlet with WebCenter Portal, adding the portlet
to a page, and then running and testing the results.
In Figure 9-1 we show the applications that can be integrated as Siebel, E-Business
Suite, JD Edwards, PeopleSoft, and Oracle Business Intelligence. These Oracle
applications are fully supported and documented within this chapter. However, you can
integrate virtually any application that can expose objects as WSRP portlets. The
process for integrating them is the same as for the Oracle applications documented
here: expose the object as a portlet, register the portlet in WebCenter Portal, and add
the portlet to a page. Refer to the documentation for one of the supported Oracle
applications for a description of how to consume an exposed portlet in WebCenter
Portal.
9.2 Integrating Siebel Applications
This section describes how to integrate a Siebel Web service in WebCenter Portal. It
also describes how to integrate Siebel objects using the Siebel Web Engine (SWE).
Siebel and WebCenter can work together to include Siebel's CRM capabilities as
portlets within WebCenter Portal. You can integrate Siebel applications as Web
services, or using the Siebel Web Engine (SWE).
•
How to Integrate Siebel Applications as Web Services
•
How to Integrate Siebel Applications Using the Siebel Web Engine
9.2.1 How to Integrate Siebel Applications as Web Services
This section describes how to integrate Siebel applications as Web services in
WebCenter Portal.
9-2
Chapter 9
Integrating Siebel Applications
To be able to add a Siebel Web service data control or a task flow containing a data
control to a portal page you must first have configured WS-Security for WebCenter
Portal. For more information about configuring WS-Security, see Configuring Web
Services Security login credentials in Oracle Fusion Middleware Administering Oracle
WebCenter Portal. For more information about Web service data controls, see
Creating Data Controls and Web Service Data Controls in Oracle Fusion Middleware
Building Portals with Oracle WebCenter Portal.
This section contains the following subsections:
•
How to Prepare the Siebel Application
•
How to Consume a Siebel Web Service Data Control
9.2.1.1 How to Prepare the Siebel Application
This section describes how to create an inbound Web service, set up operations for
the inbound service, and generate a WSDL that you will later use to create a data
control in WebCenter Portal.
This section contains the following subsections:
•
How to Create an Inbound Web Service
•
How to Create Operations for the Inbound Web Service
9.2.1.1.1 How to Create an Inbound Web Service
To create an inbound Web service:
1. Log into the Siebel application as an administrator.
2. Navigate to the Administration - Web Services page.
3. Click Inbound Web Services.
The Inbound Web Services page shows the out-of-the-box Web services and any
other Web services that are currently exposed.
4. Click Menu and select New Record from the drop-down list.
5. Enter the values for Namespace, Name, Status and Comment as appropriate for
the Web service you want to set up. For example:
Field Name
Value
Namespace
http://xmlns.oracle.com
Name
Siebel Customer Account
Status
Active
Comment
For Fusion Middleware
6. Scroll to the Service Ports pane and select New Record from the Menu drop-down
list.
7. Enter CustAccount as the Name and click Type.
8. In the Inbound Web Service Port Type pick applet, open the New tab.
9-3
Chapter 9
Integrating Siebel Applications
9. Select Business Service as the Implementation Type.
10. From the Service Name list, select Siebel Account.
11. In the Inbound Web Service Port Type pick applet, click OK to create the inbound
Web service.
12. From the Service Ports dialog's Transport drop-down list, select HTTP.
13. In the Address field, set the URL to your Siebel instance. For example:
http://xmlns.oracle.com/eai_enu/start.swe?
SWEExtSource=WebService&SWEExtCmd=Execute&UserName=SADMIN&Password=SADMIN
14. From the Menu drop-down list, select Save Record.
9.2.1.1.2 How to Create Operations for the Inbound Web Service
After creating the inbound Web service, continue by adding operations to the inbound
Web service and then create a WSDL file, follow these steps:
1. Scroll to the Operations section and select New from the Menu drop-down list.
2. In the Operation Name field, enter AccountInsert.
3. Click Method Display Name to open the Business Service Method dialog.
4. Select Insert as the Method, and click OK.
5. From the Authentication Type drop-down list, select an appropriate authentication
type:
Authentication Session Type
Type
Description
None
A single request is sent with an anonymous user login,
and the session is closed after the response is sent out.
None
In order for the anonymous session to be identified by
the SWSE Plug-in, UsernameToken and PasswordText
must be excluded in the SOAP headers.
Username and
password
None
A single request is sent with the username and
password used to log in, and the session is closed after
the response is sent out.
Username and
password
Stateless
The initial request to log in establishes a session that is
to remain open and available for subsequent requests.
Username/password are used to log in and a session
token is returned in a SOAP header included in the
outbound response. The session remains open.
Session token
(stateless)
Stateless
Request to reconnect to an established session, using
the information contained in the session token. If the
session has been closed, automatic re-login occurs.
The Siebel servers include the session token in the
SOAP header of the response. The session remains
open.
9-4
Chapter 9
Integrating Siebel Applications
Authentication Session Type
Type
Description
Session token
(stateless)
When a SOAP header carries a session token and has
the session type set to None, then the Session
Manager on the SWSE closes (logs out) of this session,
and invalidates the session token. The session token is
not used after the session is invalidated.
None
6. Click New to create a new operation.
7. In the Operation Name field, enter a name for the new operation (for example,
AccountQueryByExample).
8. Click Method Display Name for the new operation.
9. In the Business Service Method dialog, select the query method (for example,
Query By Example) and click OK.
10. Continue by adding any additional operations you may need as described in steps
6 to 9 above.
11. In the Service Ports pane, select Save Record from the Menu drop-down list.
12. In the Inbound Web Services pane, select Save Record from the Menu drop-down
list.
13. Select Clear Cache from the Menu drop-down list.
14. Click the Generate WSDL.
15. On the File Download dialog, click Open.
16. Select File --> Save As...
17. Locate the directory where you want to save the WSDL file, enter a name for the
file and click Save.
9.2.1.2 How to Consume a Siebel Web Service Data Control
This section describes how you can create a Web Service data control and add it to a
portal page. The steps in this section assume that you have prepared the application
and generated a WSDL as described in How to Prepare the Siebel Application.
Note:
Before you can add a data control or task flow containing a data control to a
portal page you must first have configured WS-Security for WebCenter Portal.
For more information about configuring WS-Security, see Configuring Web
Services Security login credentials in Administering Oracle WebCenter Portal.
To create a Web service data control:
1. In WebCenter Portal or the portal in which you want to create the data control, go to
either the Shared Assets or Assets page.
2. Select Data Controls and click Create.
The Create New Data Control dialog displays.
9-5
Chapter 9
Integrating Siebel Applications
Figure 9-2
Create New Data Control Dialog
3. In the Create New Data Control dialog, enter a Name and Description for the data
control, select Web Service as the Data Control Type, and then click Continue.
4. Enter the WSDL URL that you generated earlier and other details for the data
control and click Continue.
5. Click Show Methods.
6. Select the method(s) to make available and click Next.
7. Enter the parameter default values, if any, and click Create.
8. To make the data control available, from the Shared Assets or Assets page,
select Task Flows. The Create New Task Flow dialog displays.
Figure 9-3
Create New Task Flow Dialog
9. Enter the task flow Name and Description, select the Mashup Style to use, and
then click Create to create the task flow.
10. Select the task flow and click the Edit icon.
11. Add the data control (with parameter form) as a table onto the task flow and verify
the data.
12. To make the task flow available, navigate to Administration > Business Role
Pages.
13. Select Business Role Page and click the Create icon.
14. Edit the page and save the changes.
15. Drop the task flow onto the page and verify the data.
9.2.2 How to Integrate Siebel Applications Using the Siebel Web
Engine
As well as integrating Siebel applications using Web services, you can also integrate
Siebel applications in WebCenter Portal using the Siebel Web Engine (SWE).
9-6
Chapter 9
Integrating E-Business Suite Applications
Siebel Web Engine (SWE) is responsible for rendering the Siebel User Interface.
Siebel Web Templates provide this HTML layout information (markup information) to
the Siebel Web Engine when rendering Siebel objects in the repository definition of the
application. The markup that SWE returns can also be XML for rendering within XMLaware applications or WML (wireless markup language) for rendering on wireless
devices. This lets you request the SWE to return a Siebel View as XML, parse the data
elements, and display the result in a WebCenter Portal application.
For more information, refer to the Siebel Bookshelf Guides: Siebel Portal Framework
Guide (specifically, the section on delivering content to external Web applications),
and Configuring Siebel Business Applications Guide for details on SWE and Web
Templates.
9.3 Integrating E-Business Suite Applications
This section describes how to integrate E-Business Suite applications in WebCenter
Portal.
This section contains the following subsections:
•
About Integrating EBS Applications
•
Required Configurations for Integrating EBS
•
How to Integrate EBS Applications as WSRP Portlets
•
How to Integrate EBS Applications as Data Controls
9.3.1 About Integrating EBS Applications
This section describes the integration points and requirements integrating Oracle EBusiness Suite portlets in WebCenter Portal.
This section includes the following subsections:
•
Understanding EBS Integration
•
Requirements for Integrating EBS Applications
9.3.1.1 Understanding EBS Integration
Out of the box, Oracle E-Business Suite OA Framework-based portlets, such as
Applications Navigator, and Favorites are WSRP and JSR 168-compliant. That means
that you can access these Oracle E-Business Suite portlets from WSRP-compliant
portal servers, such as WebCenter Portal, by simply adding the portlet onto a page.
Follow the instructions in How to Add the EBS Portlet to a Portal Page to add them to
a WebCenter Portal or portal page.
You can also create new E-Business Suite portlets that are WSRP and JSR 168compliant that can similarly be added to WebCenter Portal. Creating and consuming
WSRP and JSR 168 compliant portals in WebCenter Portal is described in How to
Integrate EBS Applications.
9.3.1.2 Requirements for Integrating EBS Applications
The following requirements apply for integrating Oracle E-Business Suite portals in
WebCenter Portal:
9-7
Chapter 9
Integrating E-Business Suite Applications
•
Regions to be exposed as portlets must be created using Oracle E-Business Suite
OA Framework Release 12 as previous versions are not WSRP/JSR 168compliant.
•
Oracle E-Business Suite can be configured to use Oracle Internet Directory (OID)
and one of following single sign-on solutions:
Caution:
Both WebCenter Portal and Oracle E-Business Suite must share the same
OID instance and user IDs.
–
Oracle Single Sign-On (OSSO)
–
Oracle Access Manager (OAM)
If you are using OSSO, follow the steps in My Oracle Support document 376811.1
to integrate E-Business Suite Release 12 with OID and OSSO.
If you are using OAM, follow the steps in My Oracle Support document 975182.1
to integrate E-Business Suite Release 12 with OAM.
E-Business Suite can also be configured to OID without OAM or OSSO. For more
information, see How to Prepare OID for Use Without Single Sign-On.
Note:
Although Oracle E-Business Suite can be configured to use Oracle Internet
Directory (OID) without single sign-on, this is not a recommended approach as
users will be prompted for credentials each time they move to or from the
integrated portal or data control.
•
You must have granted WebCenter Portal access to the E-Business Suite Portlet
Producer and added and configured the appropriate users.
Note:
To complete some steps, you may need system administrator permissions.
9.3.2 Required Configurations for Integrating EBS
This section contains configurations that should be undertaken prior to attempting to
integrate portal or data controls in WebCenter Portal.
This section contains the following subsections:
•
How to Prepare OID for Use Without Single Sign-On
•
How to Create a User in EBS and Assign a Responsibility
•
How to Configure the EBS Applications Profile Options
9-8
Chapter 9
Integrating E-Business Suite Applications
•
How to Add the WebCenter Host as a Trusted Portal Using AutoConfig
9.3.2.1 How to Prepare OID for Use Without Single Sign-On
This section describes the steps to configure OID as an optional standalone
environment without using either OAM or OSSO. Note that this is not a recommended
approach as users will be prompted for credentials each time they move to or from an
integrated portal or data control. If you have installed an SSO solution, continue with
How to Create a User in EBS and Assign a Responsibility.
Caution:
Both WebCenter Portal and Oracle E-Business Suite must share the same
OID instance and the same user IDs.
1.
Register the OID instance on the host server by following the steps below:
a.
Run the following command:
$FND_TOP/bin/txkrun.pl -script=SetSSOReg -registerinstance=yes
b.
Supply the required information at the following prompts:
Enter the host name where the Oracle iAS Infrastructure database is
installed ? <Enter the OID Host>
Enter the LDAP Port of the Oracle Internet Directory server ? <Enter the
LDAP Port>
Enter SSL LDAP Port of the Oracle Internet Directory server ? <Enter the
LDAP SSL Port>
Enter the Oracle Internet Directory Administrator (orcladmin) Bind
password ? <Password>
Enter Oracle E-Business apps database user password ? <Password>
c.
Restart all the services by navigating to $ADMIN_SCRIPTS_HOME and running:
./adstpall.sh apps/<apps to stop>
and then:
./adstrtal.sh apps/<apps to start>
2.
Register OID by following the steps below:
a.
Run the following command:
$FND_TOP/bin/txkrun.pl -script=SetSSOReg -registeroid=yes
b.
Supply the required information at the following prompts:
Enter LDAP Host name ? <Enter the OID Host>
Enter the LDAP Port on Oracle Internet Directory server ? <Enter the LDAP
Port>
Enter the Oracle Internet Directory Administrator (orcladmin) Bind
password ? <Password>
Enter the instance password that you would like to register this application
instance with ? <Password>
Enter Oracle E-Business apps database user password ? <Password>
c.
Restart all the services by navigating to $ADMIN_SCRIPTS_HOME and running:
./adstpall.sh apps/<apps to stop>
9-9
Chapter 9
Integrating E-Business Suite Applications
and then:
./adstrtal.sh apps/<apps to start>
9.3.2.2 How to Create a User in EBS and Assign a Responsibility
For integration with EBS to work, WebCenter Portal and EBS must have a common
OID identity store. With a common OID, you can either create a new user in EBS, or
use an existing user in OID, and then assign a responsibility to that user. This will
ensure that the user has access to the portlets in WebCenter Portal.
To create a new user and assign a responsibility:
1. Log into EBS as a system administrator if not already logged in.
2. In the Navigation pane, expand the System Administrator node, expand Security,
expand User, and then click Define.
The Users window displays.
Figure 9-4
Users Window
3. Enter the User Name, and Password. The Password Expiration options should be
set to None.
4. Open the Direct Responsibilities tab, and search for the Responsibility to add and
assign the Application to associate with it (for example, search for Preferences
SSWA and assign Oracle iProcurement to it), and then click Save.
9-10
Chapter 9
Integrating E-Business Suite Applications
Figure 9-5
Users Window Showing the Direct Responsibilities Tab
5. To confirm, log in with the newly created user and check that the application
associated with the Responsibility is listed.
9.3.2.3 How to Configure the EBS Applications Profile Options
This section describes how to configure EBS Applications Profile Options and is a
requirement for both SSO and non-SSO configurations.
To configure the EBS profile options:
1. Log into EBS as a system administrator.
2. In the Navigation pane, expand the System Administrator node, and then click
Define Profile Options.
3. Close the Profiles window.
4. In the Navigator, select Profile System Values and click Open.
The Find System Profile Values window displays.
9-11
Chapter 9
Integrating E-Business Suite Applications
Figure 9-6
Find System Profile Values Window
5. Enter the Profile name to update and click Find.
The System Profile Values window displays.
Figure 9-7
System Profile Values Window
Update the values for the following profiles, saving your entries after each update:
Applications SSO Enable OID Identity Add Event =Enabled
Applications SSO Login Types =Both
Application SSO LDAP Synchronization =Enabled
Applications SSO Type =SSWA w/ SSO
Link Applications user with OID user with same username =Enabled
6. Restart all the services by navigating to $ADMIN_SCRIPTS_HOME and running:
./adstpall.sh apps/<apps to stop>
and then:
./adstrtal.sh apps/<apps to start>
9-12
Chapter 9
Integrating E-Business Suite Applications
9.3.2.4 How to Add the WebCenter Host as a Trusted Portal Using AutoConfig
The EBS WSDL is protected and before you can access it you must first add an entry
for the consuming WebCenter Portal instance's host using the EBS AutoConfig tool.
Note that without this configuration step you will get a "403 Forbidden" error if you try
to access the WSDL.
To add the WebCenter Portal host as a trusted portal:
1. Log into EBS as a system administrator if you are not already logged in.
2. In the Navigation pane, expand the System Administrator node, expand Oracle
Applications Manager, and then click Workflow.
3. Open the Sitemap tab and click AutoConfig.
4. In the Edit Parameter column, click the Edit icon in the Applications Tier row.
5. Open the System tab and expand the oa_web_server node.
6. In the list of nodes, look for any that have access to Portlet Producer URLs, add the
WebCenter Host and click Save. If you need to add multiple host name, add them
separated by space.
7. Run the autoconfig script entering apps as the password when prompted:
cd $ADMIN_SCRIPTS_HOME
./adautocfg.sh
8. Restart all the services by running the following commands
from $ADMIN_SCRIPTS_HOME:
./adstpall.sh apps/<apps to stop>
and then:
./adstrtal.sh apps/<apps to start>
9.3.3 How to Integrate EBS Applications as WSRP Portlets
This section describes how to integrate EBS regions as WSRP portlets in WebCenter
Portal. To start, you'll need to generate the portlet for the region using the Portlet
Generator, and then continue by registering the producer and integrating it in
WebCenter Portal.
This section contains the following subsections:
•
How to Prepare the EBS Portlet for Remote Access
•
How to Integrate EBS Applications
9.3.3.1 How to Prepare the EBS Portlet for Remote Access
Oracle E-Business Suite provides a tool called Portlet Generator to convert existing
standalone Oracle Application Framework regions into portlets. To be available for
portletization, a region must have the following properties.
•
Regions must have an Application Module (AM) defined and must have its
standalone property set to true.
9-13
Chapter 9
Integrating E-Business Suite Applications
•
Inline regions must have an AM defined and have its standalone property set to
true.
•
Content regions must have an AM defined (content regions do not have a
standalone property)
To expose EBS functionality as a portlet using Portlet Generator:
1. Log into EBS as a system administrator.
2. In the Navigation pane, expand the Functional Administrator node, and then click
Home.
The Application Administration page displays (see Figure 9-8).
Figure 9-8
Application Administration Page
3. Open the Portletization tab and click the Search icon for the Application Short
Name field (or enter the Application Short Name if you know it).
Figure 9-9
Application Short Name Search Dialog
9-14
Chapter 9
Integrating E-Business Suite Applications
4. Select the Search By criteria (for example, select Application Name and enter Oracle
iProcurement) and search for the functionality to portletize.
5. Select the row returned in the search results and click Select.
6. Click Go to list the EBS functionality that can be portletized.
7. Click the Portletize icon for the functionality you want to expose (for example,
AdvisoryWarningRN ).
The Create Portlet dialog displays (see Figure 9-10).
Figure 9-10
Create Portlet Dialog
8. Enter the Responsibility to associate the region with (for example, Preferences
SSWA) or use the Search function.
9. Click Apply.
10. Continue by registering the EBS producer and integrating it in a portal (see How to
Integrate EBS Applications).
9.3.3.2 How to Integrate EBS Applications
This section contains the following subsections:
•
How to Prepare the EBS Portlet for Remote Access
•
How to Register the EBS WSRP Producer in WebCenter Portal
•
How to Add the EBS Portlet to a Portal Page
•
How to Test the Portlet Connection
9.3.3.2.1 How to Prepare the EBS Portlet for Remote Access
Prepare the standalone regions to be portletized as described in the section on How to
Prepare the EBS Portlet for Remote Access.
Before adding the portlets in WebCenter Portal, be sure to bounce the Apache listener
as the menu and function definitions are cached.
9.3.3.2.2 How to Register the EBS WSRP Producer in WebCenter Portal
You can register the EBS WSRP producer directly in WebCenter Portal using Fusion
Middleware Control.
9-15
Chapter 9
Integrating E-Business Suite Applications
To register the EBS WSRP producer using Fusion Middleware Control:
1. Prepare the EBS page that you want to consume in WebCenter Portal for remote
access as described in How to Prepare the EBS Portlet for Remote Access.
2. Log in to Fusion Middleware Control for the WebCenter Portal domain (WC_Domain
by default).
3. Expand WebCenter Portal in the Navigation bar and from the WebCenter Portal
menu, and select Register Producer.
The Add Portlet Producer page displays.
4. Enter a Connection Name, set the Producer Type to WSRP Producer, and paste the
WSDL endpoint URL that you copied in step 1 into the URL End Point field.
5. Click OK and verify that the producer connection was created successfully.
6. Continue by adding the portlet to a portal page as described in How to Add the EBS
Portlet to a Portal Page.
9.3.3.2.3 How to Add the EBS Portlet to a Portal Page
Follow the steps below to consume the EBS remote producer in a WebCenter Portal
page:
1. Log into WebCenter Portal and, optionally, open the target portal.
2. Go to the page, or create a new page, where you want to add the EBS portal.
3. Click Add Content and in the resource catalog, select UI Components and then
Portlets.
Note that if you've created a custom resource catalog, Portlets may not appear. In
this case, you will need to add it to the resource catalog. For information about
managing resource catalogs, see Working with Resource Catalogs in Building
Portals with Oracle WebCenter Portal.
4. Click the portlet you added in Fusion Middleware Control.
5. Click Add for the EBS portlet you want to add to your portal page.
6. On the portal page, click the portlet’s View Actions menu, and select Display
Options.
7. In the Display Options dialog, set Render Portlet in IFrameto True and click OK.
8. Continue by checking the portlet connection as described in How to Test the Portlet
Connection.
9.3.3.2.4 How to Test the Portlet Connection
Follow these steps to test the portlet connection by modifying content and checking
that the modification shows up in the EBS application.
1. On the WebCenter Portal or portal page to which you added the EBS portlet,
modify some information that you can verify the changes for in the EBS application.
2. Save your changes and confirm that the changes also appear in the EBS
application.
9-16
Chapter 9
Integrating E-Business Suite Applications
9.3.4 How to Integrate EBS Applications as Data Controls
This section describes how to add EBS applications as Web service data controls on a
WebCenter Portal page.
This section contains the following topics:
•
How to Generate the WSDL
•
How to Add a Web Service Data Control to a Portal Page
9.3.4.1 How to Generate the WSDL
This section describes how to create the WSDL.
1. Log into E-Business Suite as the SYSADMIN user.
2. In the Navigation pane, expand the Integrated SOA Gateway node and under the
Integrated SOA Gateway sub-node click Integration Repository.
3. From the Integration Repository tab, navigate to the part of the EBS application to
expose. For example, for the price request interface, you would go to Order
Management Suite > Advanced Pricing > Price List, and then selecting Price
Request from the list of integration points.
4. Click Generate WSDL to expose the integration point (for our example, a PL/SQL
API integration point) as a Web service.
5. Right-click the View WSDL link and open the link in a new tab or new window (be
sure to keep the tab or window open as you'll need it later).
6. On the Integration Repository page under Procedures and Functions (see
Figure 9-11), check the box for the object to grant access to, and then click Grant
Access.
Figure 9-11
Integration Repository - Price Request Example
9-17
Chapter 9
Integrating E-Business Suite Applications
7. Select the Grantee Type and Grantee Name (the user you want to grant access to
the exposed object), or use the Search tool. For our example, we will grant access
to ASADMIN.
Figure 9-12
Integration Repository - Create Grants Page
9.3.4.2 How to Add a Web Service Data Control to a Portal Page
Once you have the WSDL, you can continue by using it to create a web service data
control.
Note:
Before you can add a data control or task flow containing a data control to a
portal page you must first have configured WS-security for WebCenter Portal.
For more information about configuring WS-security, see Configuring Web
Services Security.
For more information about creating a web service data control, see Creating a Web
Service Data Control in Building Portals with Oracle WebCenter Portal. For information
about web service data controls, see About Web Services Data Controls in Building
Portals with Oracle WebCenter Portal.
To create a web service data control:
1. In WebCenter Portal or the portal in which you want to create the data control, go to
either the Shared Assets or Assets page.
2. Select Data Controls and click Create.
The Create New Data Control dialog displays (see Figure 9-31).
9-18
Chapter 9
Integrating JD Edwards Applications
Figure 9-13
Create New Data Control Dialog
3. In the Create New Data Control dialog, enter a Name and Description for the data
control, select Web Service as the Data Control Type, and then click Continue.
4. Enter the WSDL URL that you generated in How to Generate the WSDL and other
details for the data control and click Continue.
5. Click Show Methods.
6. Select the method(s) to make available and click Next.
7. Enter the parameter default values, if any, and click Create.
8. To make the data control available, from the Shared Assets or Assets page,
select Task Flows. The Create New Task Flow dialog displays (see Figure 9-33).
Figure 9-14
Create New Task Flow Dialog
9. Enter the task flow Name and Description, select the Mashup Style to use click
Create to create the task flow.
10. Select the task flow and click the Edit icon.
11. Add the data control (with parameter form) as a table onto the task flow and verify
the data.
12. To make the task flow available, navigate to Administration > Business Role
Pages.
13. Select Business Role Page and click the Create icon.
14. Edit the page and save the changes.
15. Drop the task flow onto the page and verify the data.
9.4 Integrating JD Edwards Applications
This section describes how to integrate JD Edwards applications into WebCenter
Portal.
This section contains the following subsections:
•
How to Prepare the JD Edwards Application for Remote Access
9-19
Chapter 9
Integrating JD Edwards Applications
•
How to Register the Producer
•
How to Add the JD Edwards Portlet to a WebCenter Portal Page
•
How to Test the Portlet Connection
9.4.1 How to Prepare the JD Edwards Application for Remote Access
Before you can add JD Edwards standalone regions to WebCenter Portal, you must
first prepare them to be portletized within JD Edwards by making them available
externally as portlets and locating the pre-configured WSDL in the webclient.war/wsdl
directory. The WSDL URL is needed so that you can register the JD Edwards WSRP
producer and consume it from a WebCenter Portal or portal page. To view the XML
content of the JDE WSDL in the browser, open the Page source of the page in the
browser. For more information, see Administering WSRP with Oracle WebCenter.
9.4.2 How to Register the Producer
You can register the JD Edwards WSRP producer directly in WebCenter Portal, as
described in the Registering Portlet Producers in Administering Oracle WebCenter
Portal. You can also register the JD Edwards WSRP producer using Fusion
Middleware Control as described in the steps below.
To register the JD Edwards WSRP producer using Fusion Middleware Control:
1. Prepare the JD Edwards page that you want to consume in WebCenter Portal for
remote access.
2. Log into Fusion Middleware Control for the WebCenter Portal domain (WC_Domain by
default).
3. Expand WebCenter Portal in the Navigation bar and from the WebCenter Portal
menu, and select Register Producer.
The Add Portlet Producer page displays.
4. Enter JDE as the Connection Name, set the Producer Type to WSRP Producer, and
paste the WSDL endpoint URL that you copied in step 1 into the URL End Point
field.
5. Click OK and verify that the producer connection was created successfully.
6. Continue by adding the portlet to a portal page as described in How to Add the JD
Edwards Portlet to a WebCenter Portal Page.
9.4.3 How to Add the JD Edwards Portlet to a WebCenter Portal Page
Follow the steps below to consume the JD Edwards remote producer in WebCenter
Portal:
1. Log into WebCenter Portal.
2. Go to the page, or create a new page, where you want to add the JD Edwards
portal.
3. Click Add Content and in the resource catalog, select UI Components and then
Portlets.
Note that if you've created a custom catalog, Portlets may not appear. In this case,
you will need to add it to the resource catalog. For information about managing
9-20
Chapter 9
Integrating PeopleSoft Applications
resource catalogs, see Working with Resource Catalogs in Building Portals with
Oracle WebCenter Portal.
4. Click the portlet you added in Fusion Middleware Control.
5. Click Add for the JD Edwards portlet you want to add to your portal page.
6. On the portal page, click the portlet’sView Actions menu, and select Display
Options.
7. In the Display Options dialog, setRender Portlet in IFrame to True and click OK.
8. Continue by checking the portlet connection as described in How to Test the Portlet
Connection.
9.4.4 How to Test the Portlet Connection
Follow these steps to test the portlet connection by modifying content and checking
that the modification shows up in the JD Edwards application.
1. On the WebCenter Portal or portal page that you added the JD Edwards portlet to,
modify some information that you can verify the changes for in the JD Edwards
application.
2. Save your changes and confirm that the changes also appear in the JD Edwards
application.
9.5 Integrating PeopleSoft Applications
This section describes how to integrate PeopleSoft applications in WebCenter Portal.
This section contains the following subsections:
•
About Integrating PeopleSoft Applications
•
How to Integrate PeopleSoft Applications as WSRP Portlets
•
How to Integrate PeopleSoft Applications as Data Controls in WebCenter Portal
9.5.1 About Integrating PeopleSoft Applications
This section describes the benefits and methods involved in integrating PeopleSoft
applications in WebCenter Portal.
This section includes the following subsections:
•
Understanding PeopleSoft Integration
•
Requirements for Integrating PeopleSoft Applications
9.5.1.1 Understanding PeopleSoft Integration
PeopleTools 8.51 and later lets you expose PeopleSoft applications as WSRP portlets
in remote applications such as WebCenter Portal. This allows people who only need
access to a small portion of PeopleSoft's functionality to access it through WebCenter
Portal without needing to open or learn the entire PeopleSoft application.
9.5.1.2 Requirements for Integrating PeopleSoft Applications
This section the prerequisites for integrating PeopleSoft objects in WebCenter Portal.
9-21
Chapter 9
Integrating PeopleSoft Applications
•
PeopleSoft 9.0 or later.
•
PeopleTools 8.51 or later.
•
When using WS-Security for automatic sign on to PeopleSoft, in order for the
SAML assertion to be valid, the date/time on the PeopleSoft and Oracle
WebCenter Portal servers must be synchronized. If this is problematic, then the
PeopleSoft web server's time may be set to be slightly ahead of the Oracle
WebCenter Portal server.
•
For PeopleTools 8.51, you may need to create and configure a custom OWSM
policy in order to fully support WS-Security. For more information, see How to
Configure WS-Security for PeopleTools 8.51.
•
For PeopleTools 8.51, only upper case subject names are supported, requiring
that only fully upper case user IDs can be used in WebCenter for the integration to
work.
9.5.2 How to Integrate PeopleSoft Applications as WSRP Portlets
This section describes how to expose PeopleSoft applications as WSRP portlets in
WebCenter Portal.
This section includes the following subsections:
•
How to Prepare the PeopleSoft Application for Remote Access
•
How to Configure WS-Security for PeopleTools 8.52 and Later
•
How to Attach a WS-Security Policy to WebCenter Portal
•
How to Integrate PeopleSoft Applications in WebCenter Portal
•
How to Configure WS-Security for PeopleTools 8.51
9.5.2.1 How to Prepare the PeopleSoft Application for Remote Access
This section describes how to prepare the PeopleSoft application so that it can be
consumed by WebCenter Portal.
To prepare the PeopleSoft application:
1. Log into PeopleSoft as an administrator.
2. Select PeopleTools from the main menu.
3. From the People Tools main menu, expand Portal.
4. Select Structure and Content.
The Structure and Content page displays a list of folders containing PeopleSoft
objects that could be exposed as a WSRP Portlet (see Figure 9-15).
9-22
Chapter 9
Integrating PeopleSoft Applications
Figure 9-15
Structure and Content Page
5. Navigate to the folder and subfolder (if required) containing the service that you
want to expose as portlet in WebCenter Portal and click Edit to open it. For
example, you could select Self Service, Personal Information, and then Personal
Information Summary.
The Content Ref Administration page displays (see Figure 9-16).
9-23
Chapter 9
Integrating PeopleSoft Applications
Figure 9-16
Content Ref Administration Page
6. On the General tab, select the WSRP Producible checkbox.
7. Save the page.
8. In the PeopleSoft Application Designer, open the component object to the Request
Details page that gets displayed in PeopleSoft, and in the Component Properties
section, check the WSRP Compliant check box.
9. From the main menu, expand PeopleTools and then Portal and select WSRP
Production.
The Producer Offered Portlets page displays (see Figure 9-17).
9-24
Chapter 9
Integrating PeopleSoft Applications
Figure 9-17
Producer Offered Portals Page
10. Verify that the service is exposed, and then expand Web Service Endpoint URL
and copy the URL (the WSDL).
11. Open a new tab in your browser, and paste the copied URL into the Navigation Bar
to access the WSDL page.
12. Copy the URL to the clipboard.
13. Continue by integrating the PeopleSoft WSRP producer in WebCenter Portal as
described in How to Integrate PeopleSoft Applications in WebCenter Portal.
9.5.2.2 How to Configure WS-Security for PeopleTools 8.52 and Later
This section describes how to create a keystore for both WebCenter Portal and
PeopleSoft, and exchange the private key between them. This step is required prior to
adding WS-Security policies for WebCenter Portal.
1.
First, we will create the WebCenter keystore as webcenter.jks with orakey as the
private key, and PeopleSoft's public key rootCA and the certificate that PeopleSoft
will use as the WS-Security recipient using the following keytool commands:
./keytool -genkeypair -keyalg RSA -dname "cn=orakey,dc=us,dc=oracle,dc=com" alias orakey -keypass password -keystore webcenter.jks -storepass password -
9-25
Chapter 9
Integrating PeopleSoft Applications
validity 720
./keytool -exportcert -v -alias orakey -keystore webcenter.jks -storepass
password -rfc -file orakey.cer
./keytool -importcert -trustcacerts -alias orakey -file orakey.cer -keystore
peoplesoft.jks -storepass password
2.
Next, we will create PeopleSoft keystore as peoplesoft.jks with rootCA as the
private key and WebCenter's public key orakey and the certificate that WebCenter
will use as the WS-Security recipient.
./keytool -genkeypair -keyalg RSA -dname "cn=rootCA,dc=us,dc=oracle,dc=com" alias rootCA -keypass password -keystore peoplesoft.jks -storepass password validity 720
./keytool -exportcert -v -alias rootCA -keystore peoplesoft.jks -storepass
password -rfc -file rootca.cer
./keytool -importcert -trustcacerts -alias rootCA -file rootca.cer -keystore
webcenter.jks -storepass password
3.
After creating the key stores for WebCenter Portal and PeopleSoft, copy the
peoplesoft.jks to the PeopleSoft host and webcenter.jks to the WebCenter host:
•
Copy peoplesoft.jks to <Domain_Home>/config/fmwconfig/
•
Copy webcenter.jks to /home/psadm2/psft/pt/8.52/webserv/<Domain_Name>/
applications/peoplesoft/pspc.war/WEB-INF/classes
4.
Install the certificate in PeopleSoft as shown below:
a.
Log into PeopleSoft as an administrator and navigate to PeopleTools >
Security > Security Objects > Digital Certificate.
The Digital Certificates page displays (see Figure 9-18).
9-26
Chapter 9
Integrating PeopleSoft Applications
Figure 9-18
b.
Digital Certificates Page
Click +to add a new entry.
We need to add digital certificates for Remote and RootCA as shown in
Figure 9-19.
9-27
Chapter 9
Integrating PeopleSoft Applications
Figure 9-19
Digital Certificates Page
c.
Enter the Type as RootCA, Alias as orakey, Issuer Allias as orakey, and then
click the Search icon (magnifying glass).
d.
Click Import and in the popup, enter the entire text of orakey.cer created
earlier and click OK.
e.
Click +to add another new entry, and enter the Type as Remote, Alias as
orakey, Issuer Allias as orakey and then click the Search icon.
f.
Click Import and in the popup, enter the entire text of orakey.cer created
earlier and click OK.
5.
Update the WSS.properties file under /home/psadm2/psft/pt/8.52/webserv/
<Domain_Name>/applications/peoplesoft/pspc.war/WEB-INF/classes to reference the
peoplesoft.jks file.
6.
Use PSCipher.sh to create an Encrypted Password and update the KeyStore
password as shown in Figure 9-20.
9-28
Chapter 9
Integrating PeopleSoft Applications
Figure 9-20
7.
PSCipher.sh
Check the local node definition in PeopleSoft:
a.
Navigate to Peopletools > Portals > Node Definitions.
The Nodes page displays.
b.
Click Search and click PSFT-HR.
9-29
Chapter 9
Integrating PeopleSoft Applications
Figure 9-21
c.
8.
Node Definitions Page
Select Password from the Authentication Option drop-down list and click
Save.
Continue by adding a WS-Security policy to WebCenter Portal as described in
How to Attach a WS-Security Policy to WebCenter Portal.
9.5.2.3 How to Attach a WS-Security Policy to WebCenter Portal
This section describes how to attach a WS-Security policy to WebCenter Portal.
Note:
Before continuing with the steps below you must have configured the
WebCenter and PeopleSoft key stores as described in How to Configure WSSecurity for PeopleTools 8.52 and Later.
•
How to Configure WSS 1.0 SAML Token with Message Integrity
•
How to Configure WSS 1.0 Username Token Without Password
•
How to Configure WSS 1.0 SAML Token with Message Protection
•
How to Configure WSS 1.0 Username Token with Password
9-30
Chapter 9
Integrating PeopleSoft Applications
9.5.2.3.1 How to Configure WSS 1.0 SAML Token with Message Integrity
Follow the steps below to configure the WSS1.0 SAML Token with Message Integrity
policy for WebCenter Portal:
1.
Navigate to the following directory on the PeopleSoft server:
/home/psadm2/psft/pt/8.53/webserv/peoplesoft/piabin
and run the following command:
./redeployWSRP.sh 6
This will update the PeopleSoft WSRP security options to use WSRPBaseService
with SAMLToken Full Security.
2.
In PeopleSoft, navigate to PeopleTools > Security > SAML Administration
Setup > SAML Inbound Setup.
The SAML Inbound Setup page displays (see Figure 9-22).
Figure 9-22
3.
SAML Inbound Setup Page
Open the Add a New Value tab and map the WebCenter Portal user with the
PeopleSoft user if they use a different OID (example settings are shown below),
and then click Save.
Example:
4.
•
Certificate Alias - orakey
•
Issuer - WWW.ORACLE.COM
•
SubjectName - pat
•
QualifierName - WWW.ORACLE.COM
•
Mapping PeopleSoft UserID - PS
Continue by registering the WSRP producer and adding the portlet to a portal
page as shown in How to Integrate PeopleSoft Applications in WebCenter Portal.
9-31
Chapter 9
Integrating PeopleSoft Applications
9.5.2.3.2 How to Configure WSS 1.0 Username Token Without Password
Follow the steps below to attach a WSS 1.0 Username Token without Password policy
to WebCenter Portal.
1.
Create a WebCenter user in PeopleSoft:
a.
In PeopleSoft, navigate to PeopleTools > Security > User Profiles > Copy
User Profiles.
The Copy User Profiles page displays (see Figure 9-23).
Figure 9-23
b.
Copy User Profiles Page - Search Criteria
Search for the user to add (PS, for example).
The search results display (see Figure 9-24).
9-32
Chapter 9
Integrating PeopleSoft Applications
Figure 9-24
c.
2.
Copy User Profiles Page - Search Results
Enter the New User ID (for example, Pat), a Description, the New Password,
check the Copy ID Type Information option and click Save.
Log into Fusion Middleware Control, select the domain and navigate to Security >
Security Provider Configuration.
The Security Provider Configuration page displays.
3.
Open the Keystore section and click Configure.
The Keystore Configuration page displays.
4.
Enter ./webcenter.jks for the KeyStore Path, orakey for the Key Alias, orakey for
the Crypt Alias. Enter the associated passwords and click OK.
Note that you must restart the entire domain for the configuration changes to take
effect.
5.
Navigate to /home/psadm2/psft/pt/8.53/webserv/peoplesoft/piabin and run the
following command:
./redeployWSRP.sh 8
This will update the PeopleSoft WSRP security options to use WSRPBaseService
with UsernameToken, No Password Full Security Option With WSS Response.
6.
Continue by registering the WSRP producer and adding the portlet to a
WebCenter Portal or portal page as shown in How to Integrate PeopleSoft
Applications in WebCenter Portal.
9.5.2.3.3 How to Configure WSS 1.0 SAML Token with Message Protection
Follow the steps below to attach the WSS1.0 SAML Token with Message Protection
policy to WebCenter Portal.
9-33
Chapter 9
Integrating PeopleSoft Applications
1.
Navigate to /home/psadm2/psft/pt/8.53/webserv/peoplesoft/piabin and run the
following command:
./redeployWSRP.sh 10
This will update the PeopleSoft WSRP security options to use WSRPBaseService
with SAMLToken Full Security Option With WSS Response.
2.
Continue by registering the WSRP producer and adding the portlet to a portal
page as shown in How to Integrate PeopleSoft Applications in WebCenter Portal.
9.5.2.3.4 How to Configure WSS 1.0 Username Token with Password
Follow the steps below to attach the WSS1.0 SAML Token with Message Protection
policy to WebCenter Portal.
1.
Navigate to /home/psadm2/psft/pt/8.53/webserv/peoplesoft/piabin and run the
following command:
./redeployWSRP.sh 7
This will update the PeopleSoft WSRP security options to use WSRPBaseService
with UsernameToken Full Security Option With WSS Response.
2.
Continue by registering the WSRP producer and adding the portlet to a
WebCenter Portal or portal page as shown in How to Integrate PeopleSoft
Applications in WebCenter Portal.
9.5.2.4 How to Integrate PeopleSoft Applications in WebCenter Portal
This section describes how to integrate a PeopleSoft application in WebCenter Portal.
This section contains the following subsections:
•
How to Register the PeopleSoft WSRP Producer for WebCenter Portal
•
How to Add the PeopleSoft Portlet to a WebCenter Portal Page
•
How to Test the Portal Portlet Connection
9.5.2.4.1 How to Register the PeopleSoft WSRP Producer for WebCenter Portal
You can register the PeopleSoft WSRP producer directly in WebCenter Portal, as
described in Registering Portlet Producers in Administering Oracle WebCenter Portal.
You can also register the PeopleSoft WSRP producer using Fusion Middleware
Control as described in the steps below.
To register the PeopleSoft WSRP producer using Fusion Middleware Control:
1.
Prepare the PeopleSoft page that you want to consume in WebCenter Portal for
remote access as described in How to Prepare the PeopleSoft Application for
Remote Access.
2.
Log into Fusion Middleware Control for the WebCenter Portal domain (WC_Domain
by default).
3.
Expand WebCenter Portal in the Navigation bar and from the WebCenter Portal
menu, select Register Producer.
The Add Portlet Producer page displays.
9-34
Chapter 9
Integrating PeopleSoft Applications
4.
Set the Producer Type to WSRP Producer, enter a Connection Name, and paste
the WSDL endpoint URL that you copied in step 1 into the URL End Point field.
5.
If required, configure WS-Security in WebCenter Portal as described in How to
Configure WS-Security for PeopleTools 8.51.
6.
Click OK and verify that the producer connection was created successfully.
7.
Continue by adding the portlet to a WebCenter Portal or portal page as described
in How to Add the PeopleSoft Portlet to a WebCenter Portal Page.
9.5.2.4.2 How to Add the PeopleSoft Portlet to a WebCenter Portal Page
Follow the steps below to add the PeopleSoft portlet to a WebCenter Portal or portal
page:
1.
Log into WebCenter Portal.
If you configured WS-Security, be sure to use the user account that was used in
the SAML Inbound Setup page in PeopleSoft (see How to Attach a WS-Security
Policy to WebCenter Portal).
2.
Go to the page, or create a new page, where you want to add the PeopleSoft
portal.
3.
Click Add Content and in the resource catalog, select UI Components and then
Portlets.
Note that if you've created a custom catalog, Portlets may not appear. In this
case, you will need to add it to the resource catalog. For information about
managing resource catalogs, see Working with Resource Catalog Components on
a Page in Building Portals with Oracle WebCenter Portal.
4.
Click the portlet you added in Fusion Middleware Control.
5.
Click Add for the PeopleSoft page you want to add to your portal page.
6.
On the portal page, click the portlet’s View Actions menu, and select Display
Options.
7.
In the Display Options dialog, set Render Portlet in IFrame to True and click OK.
8.
Continue by checking the portlet connection as described in How to Test the Portal
Portlet Connection.
9.5.2.4.3 How to Test the Portal Portlet Connection
Follow these steps to test the portlet connection by modifying content and checking
that the modification shows up in the PeopleSoft application.
1.
On the WebCenter Portal or portal page that you added the PeopleSoft portlet to,
modify some information that you can verify the changes for in the PeopleSoft
application.
2.
Save your changes and confirm that the changes also appear in the PeopleSoft
application.
9.5.2.5 How to Configure WS-Security for PeopleTools 8.51
This section describes the supported OWSM policies for PeopleTools 8.51. It is
important to note that PeopleTools release 8.51 does not support outgoing WSSecurity headers in its messages. However, some out-of-the-box Oracle WebCenter
9-35
Chapter 9
Integrating PeopleSoft Applications
Portal/OWSM policies require that both outgoing and incoming messages be secured.
To bridge this gap you may need to create custom OWSM policies. The different
integration scenarios that would require you to create custom WS-Security policies,
and the steps required on the WebCenter Portal side to configure them are also
described in this section.
For integration scenarios with PeopleTools 8.51, you can use WSS10 SAML Token
with Message Integrity, WSS10 SAML Token with Message Protection, or WSS10
Username Token with Password as the OWSM policy.
This section includes the following subsections:
•
How to Configure WS-Security for WSS10 SAML Token with Message Integrity
•
How to Configure WS-Security for WSS10 SAML Token with Message Protection
•
How to Configure WS-Security for WSS10 Username Token with Password
9.5.2.5.1 How to Configure WS-Security for WSS10 SAML Token with Message Integrity
(PeopleSoft policy: WSRPBaseService with SAMLToken Full Security Option
(timestamp) )
This section describes how to configure WS-Security for the WSS10 SAML Token with
Message Integrity (oracle/wss10_saml_token_with_message_integrity_client_policy)
policy.
To configure WS-Security:
1.
Configure the Oracle WebCenter Portal/OWSM keystore as described in
Configuring Web Services Security.
2.
Generate a certificate containing the public key of the Oracle WebCenter Portal
domain and send it to the PeopleTools administrator so it can be imported in the
PeopleTools configuration.
3.
When you register the producer, choose
wss10_saml_token_with_message_integrity_client_policy.
4.
Continue by adding the WSRP portlet to WebCenter Portal.
9.5.2.5.2 How to Configure WS-Security for WSS10 SAML Token with Message Protection
(PeopleSoft policy: WSRPBaseService with SAMLToken Full Security Option (timestamp)
With WSS Response)
The default WSS10 SAML Token with Message Protection (oracle/
wss10_saml_token_with_message_protection_client_policy) policy that ships with OWSM
requires that response also be signed and encrypted. However, PeopleTools release
8.51 and earlier cannot send WS-Security headers in response (only the initial
cookie/get portlet handle call contains security headers; subsequent calls do not) and
we therefore need to create and attach a custom policy based on the oracle/
wss10_saml_token_with_message_protection_client_policy policy.
To create a custom policy:
1.
Log into Fusion Middleware Control and navigate to the Oracle WebCenter Portal
domain (WC_Domain by default).
2.
From the WebLogic Domain menu, select Web Services > Policies.
9-36
Chapter 9
Integrating PeopleSoft Applications
3.
Select the wss10_saml_token_with_message_protection_client_policy and click
Create Like.
4.
Give the policy a new name (for example, oracle/
wss10_saml_token_with_message_protection_plaintext_response_client_policy).
5.
Open the Response tab, uncheck the Include Entire Body check boxes under
Message Signing Setting and Message Encrypt Setting, and save the policy.
6.
Check that the public certificate of the PeopleSoft keystore is imported into the
keystore used in the WebCenter Portal domain.
7.
Use WLST to register the producer using the newly created policy as shown in the
following example:
registerWSRPProducer('webcenter', 'wc-pt851-saml_msg-protection', 'http://
xmlns.oracle.com/pspc/pswsdl/ps/EMPLOYEE', timeout=100, tokenType='oracle/
wss10_saml_token_with_message_protection_plaintext_response_client_policy',
enforcePolicyURI='false', issuer='www.oracle.com',
sigKeyAlias='webcenter',sigKeyPswd='welcome1', encKeyAlias='webcenter',
encKeyPswd='welcome1', recptAlias='peopleTools_public')
Use the alias for the imported peoplesft public key as the value for the recptAlias
parameter.
Note:
You must use WLST to register the producer. Fusion Middleware Control can
only accept fixed policy names and therefore you must register the producer
with this policy using WLST by passing in enforcePolicyURI='false'.
9.5.2.5.3 How to Configure WS-Security for WSS10 Username Token with Password
(PeopleSoft policy: WSRPBaseService with UsernameToken Full Security Option With WSS
Response)
The default WSS10 Username Token with Password (oracle/
wss10_username_token_with_message_protection_client_policy) policy that ships with
OWSM requires that response also be signed and encrypted. However, PeopleTools
release 8.51 and earlier cannot send WS-Security headers in response (only the initial
cookie/get portlet handle call contains security headers; subsequent calls do not) and
we therefore need to create and attach a custom policy based on the oracle/
wss10_username_token_with_message_protection_client_policy policy.
To create a custom policy:
1.
Log into Fusion Middleware Control and navigate to the WebCenter Portal domain
(WC_Domain by default).
2.
From the WebLogic Domain menu, select Web Services > Policies.
3.
Select the wss10_username_token_with_message_protection_client_policy and click
Create Like.
4.
Give the policy a new name (for example, oracle/
wss10_username_token_with_message_protection_plaintext_response_client_policy).
5.
Open the Response tab, uncheck the Include Entire Body check boxes under
Message Signing Setting and Message Encrypt Setting, and save the policy.
9-37
Chapter 9
Integrating PeopleSoft Applications
6.
Check that the public certificate of the PeopleSoft keystore is imported into the
keystore used in the Oracle WebCenter Portal domain.
7.
Use WLST to register the producer using the newly created policy as shown in the
following example:
registerWSRPProducer('webcenter', '<Producer_Name>', '<URL>', timeout=100,
tokenType='oracle/
wss10_username_token_with_message_protection_plaintext_response_client_policy',
extApp='<Ext_App_Name>',
enforcePolicyURI='false', issuer='www.oracle.com',
sigKeyAlias='webcenter',sigKeyPswd='welcome1', encKeyAlias='webcenter',
encKeyPswd='welcome1', recptAlias='peopleTools_public')
Use the alias for the imported peoplesft public key as the value for the recptAlias
parameter.
Note:
You must use WLST to register the producer. Fusion Middleware Control can
only accept fixed policy names and therefore you must register the producer
with this policy using WLST by passing in enforcePolicyURI='false'.
9.5.3 How to Integrate PeopleSoft Applications as Data Controls in
WebCenter Portal
This section describes how to add PeopleSoft applications as Web service data
controls in WebCenter Portal.
This section includes the following subsections:
•
How to Prepare the WSDL
•
How to Create a Web Service Data Control
9.5.3.1 How to Prepare the WSDL
Follow the steps below to prepare a the WSDL.
1. Log into the PeopleSoft Console as an administrator.
2. Navigate to PeopleTools > Web Profile > Web Profile Configuration.
3. Click Search and select DEV from the results list.
9-38
Chapter 9
Integrating PeopleSoft Applications
Figure 9-25
WebProfile Configuration Page
4. Open the General tab and enter the Authentication Domain for your host.
For example, if your host name is ps.example.com, enter .example.com in the
Authentication Domain field.
5. Save your changes and close the application.
6. Open the C:\Windows\System32\drivers\etc\hosts file for editing.
7. On a new line enter the IP address and the full host name with the authentication
domain.
For example:
193.128.1.113 ps.example.com
8. Save the file and reboot the server.
9. Log into the PeopleSoft application using the following URL:
http://<host_name>:8000/ps/signon.html
For example:
http://ps.example.com:8000/ps/signon.html
10. From the Main Menu, navigate to PeopleTools > Integration Broker >
Configuration > Gateways.
9-39
Chapter 9
Integrating PeopleSoft Applications
11. Search for the GatewayID LOCAL. The Local Gateway URL is set to
http://<host_name>:8000/PSIGW/PeopleSoftListeningConnector
12. Using the Local Gateway URL, ping the gateway to make sure it's active.
13. Open the Gateway Setup Properties and log in as an administrator.
14. On the PeopleSoft Node Configuration page, check that the node being used is
PSFT_HR.
15. Ping the node
16. From the Main Menu, navigate to PeopleTools > Integration Broker >
Configuration > Service Configuration.
17. Open Setup Target Locations and check that the Target Location is set to <Local
Gateway URL>/PSFT_HR.
18. From the Main Menu, navigate to PeopleTools > Integration Broker >
Integration Setup > Nodes.
19. Click Search.
20. Click the Default Local Node PSFT_HR.
21. On the Nodes tab, check that the Default UserID is set correctly as in the example
in Figure 9-26.
Figure 9-26
Nodes Page - Node Definitions
22. Click Return to Search.
23. Click the ANONYMOUS node.
9-40
Chapter 9
Integrating PeopleSoft Applications
24. Change the Default UserID to the PeopleSoft Login ID (for example, PS) as in the
example in Figure 9-27.
Figure 9-27
Nodes Page - Nodes Definitions
25. Save the changes and navigate to Main Menu > PeopleTools > Integration
Broker > Web Services > CI-Based Services.
26. Search for and select the Component Interface Name (for example, CURRENCY) as
in the example in Figure 9-28.
9-41
Chapter 9
Integrating PeopleSoft Applications
Figure 9-28
CI-Based Services Page - Select Component Interfaces
27. Click Review CI Status.
The CI-Based Services - Review Status page displays (see Figure 9-29).
Figure 9-29
Review CI-Based Status - Review Status Page
28. Select the available methods (Get and Find, in this case) and click Display
Selected Actions.
29. On the Confirm Actions dialog, click Perform Selected actions.
30. Click View Service Definition.
31. Click Provide Web Service.
The Select Service Operations page displays (see Figure 9-30).
9-42
Chapter 9
Integrating PeopleSoft Applications
Figure 9-30
Select Service Operations Page
32. Select the Select All check box and click Next until you reach the last page.
33. Click Finish to generate the WSDL.
You should now be able to access the WSDL URL. For this example, the URL
would be:
http://ps.example.com:8000/PSIGW/PeopleSoftServiceListeningConnector/PSFT_HR/
CI_CURRENCY.1.wsdl\\\\
34. Continue by creating w Web service data control as shown in How to Create a Web
Service Data Control.
9.5.3.2 How to Create a Web Service Data Control
Once you have the WSDL, you can continue by using it to create a Web service data
control. In this section we'll continue with the example we started in How to Prepare
the WSDL.
Note:
Before you can add a data control or task flow containing a data control to a
portal page you must first have configured WS-Security for WebCenter Portal.
For more information about configuring WS-Security, see Configuring Web
Services Security in Administering Oracle WebCenter Portal.
For more information about creating a Web service data control, see Creating a Web
Service Data Control in Building Portals with Oracle WebCenter Portal. For information
about Web service data controls, see also Web Service Data Controls in Building
Portals with Oracle WebCenter Portal.
To create a Web service data control:
9-43
Chapter 9
Integrating PeopleSoft Applications
1. In WebCenter Portal or the portal in which you want to create the data control, go to
either the Shared Assets or Assets page.
2. Select Data Controls and click Create.
The Create New Data Control dialog displays (see Figure 9-31).
Figure 9-31
Create New Data Control Dialog
3. In the Create New Data Control dialog, enter a Name and Description for the data
control, select Web Service as the Data Control Type, and then click Continue.
4. Enter the WSDL URL and other details for the data control and click Continue. For
our example, the URL would be:
http://ps.example.com:8000/PSIGW/PeopleSoftServiceListeningConnector/PSFT_HR/
CI_CURRENCY.1.wsdl
5. For our example, enter the Default Value for CURRENCY_CD as USD and click Create
(see Figure 9-32).
Figure 9-32
Parameters
Create New Data Control Dialog - CI_Currency_G Method
6. To make the data control available, from the Shared Assets or Assets page,
select Task Flows. The Create New Task Flow dialog displays (see Figure 9-33).
Figure 9-33
Create New Task Flow Dialog
7. Click Create to create the task flow.
8. Select the task flow and click the Edit icon.
9-44
Chapter 9
Integrating Oracle Business Intelligence Presentation Services
9. Add the data control (with parameter form) as a table onto the task flow and verify
the data.
10. To make the task flow available, navigate to Administration > Business Role
Pages.
11. Select Business Role Page and click the Create icon.
12. Edit the page. and save the changes.
13. Drop the task flow onto the page and verify the data.
9.6 Integrating Oracle Business Intelligence Presentation
Services
This section explains how to configure WebCenter Portal to integrate with the Oracle
Business Intelligence Presentation Services catalog. At runtime, users can add
business intelligence objects to their WebCenter Portal pages.
This section includes the following subsections:
•
About Integrating Oracle Business Intelligence Presentation Services
•
How to Configure Credentials for Connecting to the Oracle BI Presentation
Catalog
•
How to Integrate Oracle Business Intelligence Objects in WebCenter Portal
9.6.1 About Integrating Oracle Business Intelligence Presentation
Services
This section explains how to configure WebCenter Portal to integrate with the Oracle
Business Intelligence Presentation Services catalog.
This section includes the following subsections:
•
Understanding Oracle Business Intelligence Presentation Services Integration
•
Requirements for Integrating Oracle Business Intelligence Presentation Services
•
Advanced Integration Options
9.6.1.1 Understanding Oracle Business Intelligence Presentation Services
Integration
Oracle WebCenter Portal users can expand and browse the Presentation Services
catalog's folders to view an analysis' views. The following view types display in the
Presentation Services catalog: table, pivot table, chart, funnel chart, gauge, narrative,
ticker and title. The following view types do not display in the Presentation Services
catalog: view selector, column selector, logical SQL, and no-results view.
Users can also browse the dashboard folder for the pages associated with the
dashboard; however, users cannot browse within the dashboard pages to see their
components (for example, any analyses embedded in the dashboard).
9-45
Chapter 9
Integrating Oracle Business Intelligence Presentation Services
9.6.1.2 Requirements for Integrating Oracle Business Intelligence Presentation
Services
You must also set up a connection to the BI application as well as configuring security
as described in Creating an Oracle BI EE Presentation Services Connection in
Developer's Guide for Oracle Business Intelligence Enterprise Edition. You will also
need to specify the credentials for the connection, as described in How to Configure
Credentials for Connecting to the Oracle BI Presentation Catalog.
The following prerequisites apply:
Oracle WebCenter Portal
•
The WC_Portal server has been installed and configured, including the database
connection, Content Server connection, and Fusion Middleware Control
OBIEE
•
Oracle Business Intelligence Applications
•
OBI Enterprise Edition version 12.2.1.1
•
OBIEE is already installed, configured, and up and running (Database –OBI
Enterprise Edition)
•
OBI Applications is installed and set up and all content is available from the OBIEE
environment (Optional)
Security
The OBIEE integration requires that the identity store user name population be the
same across WebCenter and OBIEE. This can be done by either:
•
Having WebCenter and OBIEE share the same identity store (recommended)
•
Maintaining identical user names across separate WC and OBIEE identity stores
9.6.1.3 Advanced Integration Options
As well as the approaches to adding resources described in the subsections in
Integrating Oracle Business Intelligence Presentation Services, such as adding
business intelligence analyses, dashboards, and scorecard components that can be
easily dropped onto a page, there are also options for using Web services and BI EE
Logical SQL view objects to embed business intelligence data into an application. For
more information about using Web services, see Introduction to Oracle Business
Intelligence Web Services in Integrator's Guide for Oracle Business Intelligence
Enterprise Edition. For more information about using the BI EE Logical SQL view
object, see Using the Oracle BI EE Logical SQL View Object in Developer's Guide for
Oracle Business Intelligence Enterprise Edition.
9.6.2 How to Configure Credentials for Connecting to the Oracle BI
Presentation Catalog
At design time, you need to specify credentials to connect to the Oracle BI
Presentation Catalog. These credentials are used to retrieve the list of business
intelligence objects (for example, analyses, dashboards, and scorecard components)
from the Oracle BI Presentation Catalog.
9-46
Chapter 9
Integrating Oracle Business Intelligence Presentation Services
This process ensures that the login to the Presentation Server is the same as the
current user of the application and any access checks are performed as the current
user, and data is fetched as the current user. If the ADF page contains business
intelligence objects to which the user does not have access, the ADF page returns a
message stating that the user does not have the proper permissions to access these
objects.
Note that the Perform impersonation parameter should be set to true when security
is enabled.
This section contains the following subsections:
•
How to Check for the BIImpersonateUser
•
How to Create the BIImpersonateUser
•
How to Grant Permissions to BIImpersonateUser
9.6.2.1 How to Check for the BIImpersonateUser
Use the following steps to check if a BIImpersonateUser user already exists, and that
the roles assigned to it are correct:
1. Open WLS Administration Console for your Oracle BI EE instance using an
Administrator account.
2. Locate the Domain Structure pane and select Security Realm.
The Realms pane displays.
3. In the Realms pane, select <myrealm>.
The Settings dialog displays.
4. In the Settings dialog, open the Users and Groups tab.
5. Check that BIImpersonateUser appears in the list of users.
If the BIImpersonateUser does not appear in the list, continue by creating the
BIImpersonateUser as shown in How to Create the BIImpersonateUser.
6. Log into Fusion Middleware Control with an administrator account.
7. From the Weblogic Domain menu, select Security > Application Policies.
8. On the Application Policies page under Search, choose obi from the Application
Stripe dropdown list.
9. From the Principal Type drop down list, select User.
10. In the Name field, enter BIImpersonateUser and start the search (Figure 9-34).
9-47
Chapter 9
Integrating Oracle Business Intelligence Presentation Services
Figure 9-34
Application Policies Pane - bifoundation_domain
11. If found, check that:
•
Resource Name =*
•
Resource Type =oracle.bi.user
•
Permission Actions = impersonate
•
Permission Class =oracle.security.jps.ResourcePermission
12. If the BIImpersonateUser is not found, continue by adding permissions for the
BIImpersonateUser as shown in How to Grant Permissions to BIImpersonateUser.
9.6.2.2 How to Create the BIImpersonateUser
Use the following procedures to create a BIImpersonateUser user to secure an
application that uses an Oracle BI EE Presentation Services connection and includes
Oracle BI EE objects. ADF security must be enabled for your application before you
can apply the impersonator user credentials to the Oracle BI EE Presentation Services
connection.
The Impersonate User feature secures applications that contain Oracle BI EE objects
when Oracle BI EE and ADF are not sharing an Oracle Internet Directory (OID).
Before you begin the process of creating and using Impersonate User, you must
confirm that this capability is configured in your environment.
Before you perform this procedure, make sure that either you or the Administrator
have created users in the WebLogic Server's Oracle BI EE realm and assigned the
BIConsumer group to each user in this realm. For more information, see How to
Create and Use Impersonate User in Developer's Guide for Oracle Business
Intelligence Enterprise Edition.
9-48
Chapter 9
Integrating Oracle Business Intelligence Presentation Services
Follow the steps below to create the BIImpersonateUser user:
1. Open WLS Administration Console for your Oracle BI EE instance using an
Administrator account.
2. Locate the Domain Structure pane and select Security Realm.
The Realms pane displays.
3. In the Realms pane, select <myrealm>.
The Settings dialog displays.
4. In the Settings dialog, open the Users and Groups tab.
5. Confirm that the Users tab is displaying and click New.
6. Enter BIImpersonateUser for the user name and enter a password.
7. Click OK.
9.6.2.3 How to Grant Permissions to BIImpersonateUser
Follow the steps below to use Fusion Middleware Control to grant permissions to
BIImpersonateUser:
1. From the WebLogic Domain drop down, select Security > Application Policies.
The Search pane displays.
2. On the Application Policies page under Search, choose obi from the Application
Stripe dropdown list. Set the Principle Type as User
3. Click Create.
The Create Application Grant pane displays (Figure 9-35).
Figure 9-35
Create Application Grant Pane
4. Under Permissions, click Add a new permission and perform the following
actions in the Add Permission pane.
9-49
Chapter 9
Integrating Oracle Business Intelligence Presentation Services
The Add Permission dialog displays (Figure 9-36).
Figure 9-36
Add Permission Dialog
a. In the Permission Class list, select oracle.security.jps.ResourcePermission.
b. Select Resource Types.
c. In the Resource Type list, select oracle.bi.user, and click Continue.
d. In the Resource Name field, to impersonate all users, enter *.
e. For Permissions Actions, select impersonate, and then click Select.
Clicking Select will take you back to the Create Application Grant pane.
5. Under Grantee, click Add users and perform the following actions in The Add
Principal pane:
a. In the Type list, User.
b. Click Search Roles.
c. Select BIImpersonateUser, and click OK to return to the Create Application
Grant pane.
6. In the Create Application Grant page, click OK to compete the creation of the
security grant.
7. If the changes that you made do not display, stop and restart the following servers:
•
Oracle BI EE Server
•
Oracle BI EE Presentation Server
•
WebLogic Server
9.6.3 How to Integrate Oracle Business Intelligence Objects in
WebCenter Portal
Use the following procedures to configure portal integration with the BI objects.
•
How to Add or Modify a Presentation Services Connection After Deployment
•
How to Add Oracle BI Objects to a WebCenter Portal Resource Catalog
•
How to Add Oracle BI Content at Runtime
9-50
Chapter 9
Integrating Oracle Business Intelligence Presentation Services
•
How to Modify a Business Intelligence Object's Prompt Values
•
How to Modify a Business Intelligence Task Flow's Initialization Parameters
9.6.3.1 How to Add or Modify a Presentation Services Connection After
Deployment
Before you can begin integrating BI objects in WebCenter Portal, you must first
configure a connection from WebCenter Portal to the BI server. Oracle BI EE provides
an ADF MBean that lets you add a new connection to a deployed portal or BI ADF
application. You can also modify a deployed application's existing connection. MBeans
are deployed with the application and can be accessed post-deployment using Fusion
Middleware Control.
Prior to following the steps below, you should already have followed the steps in How
to Configure Credentials for Connecting to the Oracle BI Presentation Catalogto
specify credentials to connect to the Oracle BI Presentation Catalog.
Note:
If the portal and the Oracle Business Intelligence application do not share the
same identity store, you must create the relevant users in both systems.
Follow the steps below to configure the connection after the application was deployed.
1.
Log into the FMW Control Enterprise Manager of the instance where
WebCenter Portal is installed and click on the WebLogic domain drop down
menu.
2.
From the list, select System MBean Browser.
The System MBean Browser pane displays.
3.
In the System MBean Browser pane, navigate to the ADF Connections tree node
by following the below path:
a.
Select the Application Defined MBeans tree node.
b.
Select the oracle.adf.share.connections tree node.
c.
Select the Server: <my server name> tree node.
For example, Server:DefaultServer or WC_Portal.
d.
Select the Application:<your application's name> tree node.
For example, Application:Application2 or webcenter.
e.
Open the ADF Connections tree node.
f.
Open the child ADF Connections tree node.
The corresponding MBean information displays in the Application Defined
MBean pane.
4.
In the Application Defined MBean pane, open the Operations tab and then click
createConnection to create a Presentation Services connection.
The Operation:createConnection dialog displays.
9-51
Chapter 9
Integrating Oracle Business Intelligence Presentation Services
5.
Specify the required values for the connection.
In the Connection Type value field, enter BISoapConnection, in the Connection
Name value filed, enter for example, biserver and click Invoke to create the
connection.
6.
In the System MBean Browser pane, click Refresh to refresh the tree so that the
new connection displays.
7.
Continue to expand the tree ADF Connections > BISoapConnection. You
should see the biserver connection that was created
The connection's information displays in the Application Defined MBean pane.
8.
Navigate to the Attributes tab.
9.
Enter the BISoap connection information as shown below, and then click Apply to
apply your changes.
context = analytics
host = The host name where the BI Server is running
IsStaticResourcesLocationAutomatic = true
Port = 9502(default Analytics port)
protocol = http
StaticResourcesLocation = http://machine.domain:port (This is the default URL
for the Analytics port.)
username =BIImpersonatorUser
password = BIImpersonatorUser user password
10. Keep the defaults for the rest of the fields and click Apply .
11. Click on the ADFConnections folder in the Navigation pane, open the
Operations tab, and then click Save to save the connection.
12. When you click Invoke, you should get the following message:
"Confirmation Operation executed successfully."
9.6.3.2 How to Add Oracle BI Objects to a WebCenter Portal Resource Catalog
Before you can add Oracle BI content to a portal page, you must add objects stored in
the Oracle BI Presentation Catalog to a WebCenter Portal resource catalog:
1. Log into WebCenter Portal as an administrator or application specialist.
2. In the portal browser, click the Administration tile.
3. Click Shared Assets , then Resource Catalogs.
4. Click Create.
5. In the Name field, enter the name of the resource catalog you are creating.
Complete the other fields, as necessary.
6. Make the resource catalog available by selecting its Available check box.
7. Select the new resource catalog and click Edit.
8. From the Add menu, select Add From Library.
9. Double-click Connections.
The BI Presentation Services folder displays.
10. Open this folder to display the Oracle BI objects and browse to and select the
objects that you want to add.
9-52
Chapter 9
Integrating Oracle Business Intelligence Presentation Services
11. Click Add to add the selected objects to the catalog.
For more information about managing resource catalogs at runtime, see Working
with Resource Catalogs in Building Portals with Oracle WebCenter Portal.
9.6.3.3 How to Add Oracle BI Content at Runtime
Use this procedure to create a portal page and add Oracle BI objects to it. Before you
perform this procedure, you must have added Oracle BI objects to a WebCenter Portal
resource catalog (see How to Add Oracle BI Objects to a WebCenter Portal Resource
Catalog.
1.
Log into WebCenter Portal and create a new portal or access an existing portal.
2.
Make the resource catalog containing the Oracle BI objects the default resource
catalog for portal pages. See Choosing Default Resource Catalogs
3.
In the portal editor, create a new page.
4.
In the page editor, click Add Content to open the resource catalog, and browse to
the folder containing the Oracle BI objects.
Figure 9-37
5.
Resource Catalog with the Oracle BI Component
Select an analysis or dashboard and click Add.
The object that you selected is added to the page.
9-53
Chapter 9
Integrating Oracle Business Intelligence Presentation Services
Figure 9-38
Portal Page with Oracle BI Component
9.6.3.4 How to Modify a Business Intelligence Object's Prompt Values
Use this procedure to test the portal page by changing an analysis or dashboard's filter
or prompt values.
1. Open the page that you created.
2. In the running page, click Page Actions and then click the Edit link to enter edit
mode.
3. Add an analysis or dashboard that contains a filter or prompt. For more information
about adding Oracle BI objects to the page, see How to Add Oracle BI Content at
Runtime.
4. Without exiting the edit mode of the page, save the portal page.
5. In the portal page, modify the prompt values and click OK.
6. Exit edit mode, save the page and confirm that the application correctly applied the
prompt values.
9.6.3.5 How to Modify a Business Intelligence Task Flow's Initialization
Parameters
Use the following procedure to test the business intelligence task flow's initialization
parameters.
1. Open the page that you created.
2. In the running page, click Page Actions and then click the Edit link to enter the edit
mode.
3. Add an analysis or dashboard that is part of a task flow. For more information about
adding business intelligence content to the .jspx page, see How to Add Oracle BI
Content at Runtime.
4. Without exiting the edit mode for the page, save the portal page.
5. Locate the business intelligence object and click the Edit (wrench) icon.
The Component Properties dialog displays.
9-54
Chapter 9
Integrating with Oracle Content and Experience Cloud
6. On the portal page, open the Parameters tab and modify the object's parameters
and click OK.
7. Open the Parameters tab, modify the object's parameters, and click OK.
8. Exit edit mode, save the page and confirm that the application correctly applied the
modified parameter values.
9.7 Integrating with Oracle Content and Experience Cloud
This section describes how to integrate Oracle Content and Experience Cloud with
WebCenter Portal.
It contains the following topics:
•
About Oracle Content and Experience Cloud Integration
•
Integrating Oracle Content and Experience Cloud with WebCenter Portal
•
Creating a Default Oracle Content and Experience Cloud Connection Using WLST
9.7.1 About Oracle Content and Experience Cloud Integration
The Oracle DOCS Content Manager task flow enables users to integrate Oracle
WebCenter Portal with Oracle Content and Experience Cloud and quickly access
documents in Oracle Content and Experience Cloud. You can add, view, manage, and
share documents and collaborate in cloud server with robust security from WebCenter
Portal.
The Oracle DOCS Content Manager task flow:
•
Provides easy and secure access to Oracle Content and Experience Cloud from
WebCenter Portal
•
Allows easy collaboration with other people
9.7.2 Integrating Oracle Content and Experience Cloud with
WebCenter Portal
To integrate Oracle Content and Experience Cloud with WebCenter Portal:
1. Add the WebCenter domain in Oracle Content and Experience Cloud to allow the
display of embedded content from Oracle Content and Experience Cloud within
WebCenter Portal.
9-55
Chapter 9
Integrating with Oracle Content and Experience Cloud
Note:
Log in to Oracle Content and Experience Cloud as an administrator. From the
user menu, select Administration, then Documents. On the Documents
page, enable the Embedded Content option. In the Allowed Domains field,
provide portal host name and port number.
For example: hostname:port
For more information, see Embedding Content in Other Domains in
Administering Oracle Content and Experience Cloud.
2. Register Oracle Content and Experience Cloud with WebCenter Portal. For more
information, see Creating a Default Oracle Content and Experience Cloud
Connection Using WLST.
3. Add the Oracle DOCS Content Manager task flow to a portal page. For more
information, see Adding the Oracle DOCS Content Manager Task Flow to a Page
in Building Portals with Oracle WebCenter Portal.
4. (Optional) Customize the Oracle Content and Experience Cloud connection. For
more information, see Customizing the Oracle Content and Experience Cloud URL
Connection in Building Portals with Oracle WebCenter Portal.
Note:
You can customize the Oracle Content and Experience Cloud connection to
change the default URL connection to a different connection.
9.7.3 Creating a Default Oracle Content and Experience Cloud
Connection Using WLST
Create a default Oracle Content and Experience Cloud URL Connection in Oracle
WebCenter Portal using WLST, use WLST command adf_createHttpURLConnection.
The following is the syntax for the WLST command:
adf_createHttpURLConnection(appName=<application name>, name=<connection name>,
url='http://<host>:<port>/documents')
where,
•
appName is the application name, for example webcenter.
•
name is the default URL connection. Set the name as WCP-DCS.
•
<host>:<port> is the host and the port of the of your Oracle Content and
Experience Cloud.
Example:
adf_createHttpURLConnection(appName='webcenter', name='WCP-DCS', url='http://
<host>:<port>/documents')
For more information on WLST, see Oracle WebLogic Scripting Tool (WLST).
9-56
Chapter 9
Integrating with Oracle Content and Experience Cloud
You can list the created connection and also delete the connection using the following
WLST commands
•
To list the connections created, use the following WLST command:
adf_listURLConnection(appName=<application name>)
For example:
adf_listURLConnection(appName='webcenter')
•
To delete the connection use
deleteConnection(appName=<application name>, name='connection name')
For example:
deleteConnection(appName='webcenter', name='WCP-DCS')
9-57
Chapter 9
Integrating with Oracle Content and Experience Cloud
9-58
10
Managing Search in WebCenter Portal with
Elasticsearch
Configure Elasticsearch to index and search objects in WebCenter Portal.
Permissions
To perform the tasks in this chapter, you must be granted the WebLogic Server Admin
role through the Oracle WebLogic Server Administration Console and the
Administrator role granted through WebCenter Portal Administration.
See Understanding Administrative Operations, Roles, and Tools.
Topics
•
Understanding Search with Elasticsearch
•
Configuration Roadmap for Elasticsearch in WebCenter Portal
•
Prerequisites for Configuring Elasticsearch
•
Creating a Crawl Admin User in WebCenter Portal
•
Installing Elasticsearch and Plugins
•
Configuring WebCenter Content for Search
•
Configuring WebCenter Portal for Search
•
Synchronizing Users in WebCenter Portal
•
Configuring Search Crawlers
•
Modifying Elasticsearch Global Attributes
•
Configuring Search Custom Attributes for Elasticsearch
•
Scheduling a Crawl
•
Customizing Settings in WebCenter Portal Administration
•
Troubleshooting Issues with Elasticsearch
10.1 Understanding Search with Elasticsearch
Elasticsearch is a highly scalable search engine. It allows you to store, search, and
analyze big volumes of data quickly and provides a distributed, multitenant-capable
full-text search engine with an HTTP web interface and schema-free JSON
documents.
Advantages of Elasticsearch
•
Elasticsearch provides full-text search capabilities as it is built on Lucene.
10-1
Chapter 10
Configuration Roadmap for Elasticsearch in WebCenter Portal
•
Elasticsearch is document-oriented. It stores data as structured JSON documents
and indexes all fields by default, with a higher performance result.
•
Elasticsearch is API driven; actions can be performed using a simple Restful API.
•
Elasticsearch retrieves search results fast because it searches an index instead of
searching the text directly.
You can configure Elasticsearch to search the following resources in WebCenter
Portal:
•
Documents, including wikis and blogs
•
Portals, page metadata, lists, and people resources
•
Announcements and Discussions (available only for portals upgraded from prior
releases)
10.2 Configuration Roadmap for Elasticsearch in
WebCenter Portal
Table 10-1
Roadmap - Setting Up Elasticsearch in WebCenter Portal
Actor
Task
Administrator
Creating a Crawl Admin User in WebCenter Portal
Administrator
Installing Elasticsearch and Plugins
Administrator
Configuring WebCenter Content for Search
Administrator
Configuring Search Crawlers
Administrator
Customizing Settings in WebCenter Portal Administration
Administrator
(Optional) Configuring Search Custom Attributes for Elasticsearch
Administrator
(Optional) Modifying Elasticsearch Global Attributes
10.3 Prerequisites for Configuring Elasticsearch
Ensure the following requirements:
•
Oracle WebCenter Portal is installed.
•
Optional. If you choose to use WebCenter Content for search, ensure that
WebCenter Content is configured and all required components are enabled. See
Managing Connections to Oracle WebCenter Content Server.
10.4 Creating a Crawl Admin User in WebCenter Portal
You can designate an existing user as crawl admin or create a crawl admin user (for
example, mycrawladmin) in WebCenter Portal and in your back-end identity
management server to search using Elasticsearch. You must create a crawl admin
user only once.
10-2
Chapter 10
Creating a Crawl Admin User in WebCenter Portal
Note:
See your identity management system documentation for information on
creating users.
The following example uses Oracle Directory Services Manager to create the
mycrawladmin user:
1. On the Data Browser tab, navigate to the target cn and click Create.
This example navigates to "dc=com,dc=oracle,dc=us,cn=Users".
2. In the Add Object Class dialog, select the appropriate object class, and click OK.
Figure 10-1
Oracle Directory Services Manager - Add Object Class
3. Find the distinguished name (DN) path, and click Select.
This example selects "dc=com,dc=oracle,dc=us,cn=Users".
4. In the Create New Entry dialog, enter properties, and click Next.
10-3
Chapter 10
Installing Elasticsearch and Plugins
Figure 10-2
Oracle Directory Services Manager - Create New Entry
5. When you see that the new entry was created successfully, click Finish.
Figure 10-3
Oracle Directory Services Manager - Status
10.5 Installing Elasticsearch and Plugins
To install Elasticsearch and plugins:
1. Navigate to your Oracle home directory and edit the installES.properties file:
Edit ORACLE_HOME/wcportal/es/installES.properties
Specify the required values.
The following is the example of the installES.properties file:
# A valid ORACLE_HOME. This must contain elasticsearch binaries at $ORACLE_HOME/
wcportal/es
ORACLE_HOME=/home/Oracle/product
# A valid Admin Server host which contains WebCenter Portal
ADMIN_SERVER_HOST_NAME=host.example.com
# Admin server port
ADMIN_SERVER_PORT=7001
# A valid user name of Admin Server
WLS_ADMIN_USER=weblogic
# A valid user name of the search application
SEARCH_APP_USER=mycrawladmin
# This will typically be $WEBCENTER_PORTAL_DOMAIN_HOME/config/fmwconfig
# If $WEBCENTER_PORTAL_DOMAIN_HOME is not accessible from this host,
# copy the directory $WEBCENTER_PORTAL_DOMAIN_HOME/config/fmwconfig
# from WebCenter Portal domain host to this host and provide that location
WCP_FMW_CONFIG_LOCATION=/weblogic/admin/webcenter/aserver/webcenter/config/
fmwconfig
# CURRENT_HOST_NAME is default value of ELASTIC_SEARCH_CLUSTER_NAME
# If you provide the same then it will be replaced with current hostname
# If required, you can change the value of ELASTIC_SEARCH_CLUSTER_NAME
# Make sure that you don't reuse the same cluster names in different
environments, otherwise
you might end up with nodes joining the wrong cluster. For instance you could use
10-4
Chapter 10
Installing Elasticsearch and Plugins
logging-dev, logging-stage, and
# logging-prod for the development, staging, and production clusters
ELASTIC_SEARCH_CLUSTER_NAME=CURRENT_HOST_NAME
# 9200 is default port of elastic search
# you can change ELASTIC_SEARCH_PORT value also if needed
ELASTIC_SEARCH_PORT=9200
2. Enter the following command to install Elasticsearch and plugins:
ORACLE_HOME/oracle_common/bin/wlst.sh ORACLE_HOME/wcportal/es/installES.py
ORACLE_HOME/wcportal/es/installES.properties
The following is the sample output for the successful installation:
.
.
.
Successfully connected to Admin Server "AdminServer" that belongs to domain
"wc_domain".
Unziping /Oracle_Home/wcportal/es/elasticsearch.tar.gz...
...done
-> Downloading file:////Oracle_Home/wcportal/es/webcenter-search-es-authplugin.zip
[=================================================] 100%
-> Installed orcl-wcp-es-auth-plugin
-> Downloading file:////sOracle_Home/wcportal/es/webcenter-search-es-crawl-ucmplugin.zip
[=================================================] 100%
-> Installed orcl-wcp-es-crawl-ucm-plugin
Executing /Oracle_Home/esHome/startElasticsearch.sh
Jul 26, 2017 3:50:41 AM oracle.security.jps.JpsStartup startWithRetry
INFO: Jps initializing.
Executing /Oracle_Home/esHome/stopElasticsearch.sh
Executing Oracle_Home/esHome/startElasticsearch.sh
Jul 26, 2017 3:51:36 AM oracle.security.jps.JpsStartup startWithRetry
INFO: Jps initializing.
Elasticsearch server started. Elasticsearch home is at /home/Oracle/product/esHome
3. After the successful installation, verify that the Elasticsearch is configured properly.
a.
Access the URL http://host:9200 using the Mozilla Firefox browser.
A basic authentication dialog is displayed to enter the user name and
password.
b.
Enter your crawl user name and password that you created in WebCenter
Portal. See Creating a Crawl Admin User in WebCenter Portal.
Successful login confirms that Elasticsearch Server is configured properly.
Note:
If you are unable to login or if Elasticsearch installation fails, check the logs in
the following location:
/home/Oracle/product/esHome/esNode/logs
10-5
Chapter 10
Configuring WebCenter Content for Search
10.6 Configuring WebCenter Content for Search
This topic describes how to configure WebCenter Content for search.
Note:
The following topics are applicable only if WebCenter Content is configured.
•
Creating a Crawl User in WebCenter Content
•
Configuring the SESCrawlerExport Component
10.6.1 Creating a Crawl User in WebCenter Content
This procedure describes how to create a new crawl user in WebCenter Content.
If you want users with the admin role to crawl, then use an admin user account as the
crawl user. If you want non-admin users to crawl, then create a new crawl user.
To create a crawl user in WebCenter Content:
1. Log on to WebCenter Content as an Administrator.
2. To create a role sescrawlerrole, do the following:
a. On the WebCenter Content home page, expand Administration and then Log
Files.
b. Select Admin Applets and then User Admin.
c. From the User Admin dialog, choose Security tab, then Permissions by Role.
d. In the Permissions By Role dialog, click Add New Role.
e. In the Add New Role dialog, enter a Role Name as sescrawlerrole and specify
the Role Display Name.
f. Click OK.
3. To create a user sescrawler, and assign the sescrawlerrole role to the user, do the
following:
a. On the WebCenter Content home page, expand Administration and then Log
Files.
b. Select Admin Applets and then Users and click Add.
c. Choose the Authentication Type as Local and click OK.
d. In the Add User dialog, enter the name as sescrawler and specify password.
e. Click OK.
4. On the WebCenter Content home page, expand Administration, then Admin
Server. Select General Configuration and append the
sceCrawlerRole=sescrawlerrole entry in the Additional Configuration Variables
section.
5. Restart WebCenter Content.
10-6
Chapter 10
Configuring WebCenter Content for Search
10.6.2 Configuring the SESCrawlerExport Component
Before you begin, verify that the SESCrawlerExport component is enabled. If not, enable
the component (see Enabling the WebCenterConfigure Component) and restart the
WebCenter Content server.
To configure the SESCrawlerExportcomponent for admin and non-admin users:
1. Log on to WebCenter Content as a system administrator.
2. On the WebCenter Content home page, expand Administration and select
SESCrawlerExport.
Figure 10-4
WebCenter Content Server Administration Menu
3. On the SESCrawlerExport Administration page, click Configure
SESCrawlerExport.
Figure 10-5
SESCrawlerExport Administration Page
4. On the Configure SESCrawlerExport page, set the value for Crawler Role.
•
If you want to configure SESCrawlerExport for an admin user, set the value for
the Crawler Role as admin.
10-7
Chapter 10
Configuring WebCenter Portal for Search
•
If you want to configure SESCrawlerExport for a non-admin user, set the value
for the Crawler Role as sescrawlerrole.
The following figure shows the Configure SESCrawlerExport page, where Crawler
Role is set as sescrawlerrole for a non-admin user.
Figure 10-6
Configure SESCrawlerExport Page
5. Click Update.
6. Restart WebCenter Content.
10.7 Configuring WebCenter Portal for Search
To configure WebCenter Portal for search, you need to configure the connection
between WebCenter Portal and Elasticsearch and grant the crawl application role to
the crawl admin user. Finally, you have to configure the WebCenter Content crawl
user in Elasticsearch.
Note:
Only one search connection can exist. Before running createSearchConnection
WLST command, ensure that you delete any existing search connection.
To configure WebCenter Portal for search:
1. Navigate to your Oracle home directory and invoke the WLST script.
See Running Oracle WebLogic Scripting Tool (WLST) Commands.
10-8
Chapter 10
Configuring WebCenter Portal for Search
2. Connect to the Oracle WebCenter Portal domain (WC_Portal ) server.
3. At the WLST command prompt, run the createSearchConnection WLST command to
configure a connection between WebCenter Portal and Elasticsearch:
createSearchConnection(appName, name, url, indexAliasName, appUser,
appPassword)
where
•
appName is the name of the application, for WebCenter Portal, the value is
webcenter.
•
name is the connection name. The name must be unique within the application.
For example dev-es.
•
url is the location of the Elasticsearch server. For example, http://host:9200.
•
indexAliasName is the name of the index alias in the Elasticsearch server. For
example, webcenter_portal.
The indices will be created using the alias as the prefix, as shown in the
following example:
–
<indexAliasName>_portals For example, webcenter_portal_portals
–
<indexAliasName>_documents For example, webcenter_portal_documents
Note: The name must be in lowercase alphanumeric characters and unique
across all portal servers.
•
appUser is the crawl admin user name. For example, mycrawladmin.
•
appPassword is the crawl admin user password.
The following example creates a connection between WebCenter Portal (webcenter)
and Elasticsearch located at 'http://host:9200':
createSearchConnection (appName='webcenter',name='dev-es', url='http://host:
9200', indexAliasName='webcenter_portal', appUser='mycrawladmin',
appPassword='welcome1')
4. At the WLST command prompt, run the grantAppRole WLST command to grant the
crawl application role to the crawl admin user created in WebCenter Portal. See
Creating a Crawl Admin User in WebCenter Portal.
grantAppRole(appStripe="webcenter", appRoleName="webcenter#-#defaultcrawl",
principalClass="weblogic.security.principal.WLSUserImpl",
principalName=appUser)
where
•
appUser is the crawl admin user name created in WebCenter Portal. For
example, mycrawladmin.
The following example shows how to grant the crawl application role to the crawl
admin user (mycrawladmin):
grantAppRole(appStripe="webcenter", appRoleName="webcenter#-#defaultcrawl",
principalClass="weblogic.security.principal.WLSUserImpl",
principalName="mycrawladmin")
5. At the WLST command prompt, run the createCred WLST command to configure
the WebCenter Content crawl user in Elasticsearch.
10-9
Chapter 10
Synchronizing Users in WebCenter Portal
createCred(map="oracle.es.security", key="content.crawl.credentials",
user='wcc-crawl-user', password='wcc-crawl-password', desc="UCM Crawl User")
where,
•
wcc-crawl-user is the WebCenter Content crawl user. See Creating a Crawl
User in WebCenter Content
•
wcc-crawl-password is the password of the WebCenter Content crawl user.
•
desc is the description of the WebCenter Content crawl user.
The following example shows how to configure the WebCenter Content crawl user:
createCred(map="oracle.es.security", key="content.crawl.credentials",
user='sescrawler', password='welcome1', desc="UCM Crawl User")
10.8 Synchronizing Users in WebCenter Portal
Before performing a portal full crawl, we recommend you to run the LDAP
synchronization WLST command to ensure that all users are available in portal.
To synchronize users in WebCenter Portal:
1. Navigate to your Oracle home directory and invoke the WLST script.
See Running Oracle WebLogic Scripting Tool (WLST) Commands.
2. Connect to the Oracle WebCenter Portal domain (WC_Portal ) server.
3. At the WLST command prompt, run the startSyncProfiles WLST command to
synchronize profile information.
startSyncProfiles(appName='webcenter')
Note:
Synchronizing profile information may take some time depending on the
number of users.
4. Run the isSyncProfilesRunning command to verify that the user
synchronization is complete.
isSyncProfilesRunning(appName='webcenter')
10.9 Configuring Search Crawlers
You can configure the following types of crawlers to index WebCenter Portal
resources:
•
Portal Crawler: This uses the Portal crawl source to crawl certain objects, such as
lists, page metadata, portals, and profiles.
•
Documents Crawler: This uses the Documents crawl source to crawl documents,
including wikis and blogs.
•
Discussions Crawler: This uses the Discussions crawl source to crawl discussion
forums and announcements. This option is available only for portals upgraded
from prior releases.
10-10
Chapter 10
Configuring Search Crawlers
The following topics describe how to create different crawl sources using Scheduler UI
in WebCenter Portal Administration:
•
Creating the Crawl Source for WebCenter Portal
•
Creating the Crawl Source for Documents
•
Taking a Snapshot of the Content
•
Creating the Crawl Source for Discussion Server
10.9.1 Creating the Crawl Source for WebCenter Portal
To create the crawl source using Scheduler UI in WebCenter Portal Administration:
1. Open the WebCenter Portal Administration page.
2. Click Tools and Services, and then select Search.
The Search settings page opens.
3. On the Scheduler tab, select the Portal crawl source and click Edit.
Figure 10-7
Elastic Search Setting Scheduler
4. On the Edit Portal Crawl Source page, you can modify the following source
parameters.
•
Maximum number of connection attempts: Maximum number of connection
attempts to access the configuration URL. Choose number from 2 to 10.
•
Configuration URL : URl of the RSS crawl servlet. For example: http://<wcphost>:<wcp-port>/rsscrawl
10-11
Chapter 10
Configuring Search Crawlers
Figure 10-8
Elastic Search Edit Portal Crawl Source
5. Enter the WebCenter Portal crawl admin user credentials.
6. Click Test to test the connection.
If the test is successful, the following message displays: Connection test is
successful.
7. Click Save and Close to save the changes.
10.9.2 Creating the Crawl Source for Documents
If you have configured WebCenter Content, you can create the crawl source for
Documents using Scheduler UI in WebCenter Portal Administration.
1. Open the WebCenter Portal Administration page.
2. Click Tools and Services, and then select Search.
The Search settings page opens.
3. On the Scheduler tab, select the Documents crawl source and click Edit.
10-12
Chapter 10
Configuring Search Crawlers
Figure 10-9
Elastic Search Setting Scheduler
4. On the Edit Document Crawl Source page, you can modify the following source
parameters.
•
Maximum number of connection attempts: Maximum number of connection
attempts to access the configuration URL. Choose number from 2 to 10.
•
Configuration URL : URL of the Webcenter Content SESCrawlerExport
component.
For example: http://<ucm-host>:<ucm-port>/cs/idcplg?
IdcService=SES_CRAWLER_DOWNLOAD_CONFIG&source=source_name
The source_name must be one of the strings used in Webcenter Content
SESCrawlerExport component Source Name (sceSourceName) parameter. For
more information on SESCrawlerExport Parameters, see Configuring
SESCrawlerExport Parameters in Administering Oracle WebCenter Content.
For example: http://host.example.con:port/cs/idcplg?
IdcService=SES_CRAWLER_DOWNLOAD_CONFIG&source=esDS
10-13
Chapter 10
Configuring Search Crawlers
Figure 10-10
Elastic Search Edit Document Crawl Source
5. Enter the WebCenter Content crawl admin user login credentials.
6. Click Test to test the connection.
If the test is successful, the following message displays: Connection test is
successful.
7. Click Save and Close to save the changes.
10.9.3 Taking a Snapshot of the Content
The snapshot generates a configFile.xml file at the location specified by the
SESCrawlerExport component FeedLoc parameter. XML feeds are created in the
subdirectory with the source name; for example, wikis. Performing a snapshot can
take some time depending on the number of items you have stored on the Content
Server instance and how many sources you are generating.
Note:
It is important to take a snapshot before the first crawl or any subsequent full
crawl of the source.
To take a snapshot of the content:
1. Log on to WebCenter Content as a system administrator.
2. From the Administration drop-down list, select SESCrawlerExport.
3. Select All sources, and click Take Snapshot.
10-14
Chapter 10
Configuring Search Crawlers
10.9.4 Creating the Crawl Source for Discussion Server
Create the crawl source for Discussion server using Scheduler UI in WebCenter Portal
Administration. This option is available only for portals upgraded from prior releases.
1. Open the WebCenter Portal Administration page.
2. Click Tools and Services, and then select Search.
The Search settings page opens.
3. On the Scheduler tab, select the Discussions crawl source and click Edit.
10-15
Chapter 10
Configuring Search Crawlers
Figure 10-11
Elasticsearch Setting Scheduler
4. On the Edit Discussion Crawl Source page, you can modify the following source
parameters.
•
Database Connection String: jdbc url of the discussions schema. The
format of the string is jdbc.oracle.thin@host:port:servername.
Figure 10-12
Elastic Search Edit Document Crawl Source
10-16
Chapter 10
Modifying Elasticsearch Global Attributes
5. Enter the discussions crawler schema user name (for example,
Prefix_Discussions_Crawler) and password.
6. Click Test to test the connection.
If the test is successful, the following message displays: Connection test is
successful.
7. Click Save and Close to save the changes.
10.10 Modifying Elasticsearch Global Attributes
WebCenter Portal uses Elasticsearch to index and search the objects. The attributes
wcESConnectionTimeoutPeriod and wcESReadTimeoutPeriod is used to configure the
interaction between WebCenter Portal and Elasticsearch. The
wcESDocumentsCrawlerThreads attribute is used to configure the number of threads
required to process the crawling of documents.
The following are the attributes:
•
wcESConnectionTimeoutPeriod is the connection timeout interval, in seconds.
This is the amount of time WebCenter Portal will wait to establish the connection
to the Elasticsearch server. The default value is 30 seconds.
•
wcESReadTimeoutPeriod is the read timeout interval, in seconds. Once
WebCenter Portal is connected to the Elasticsearch server, this specifies the
amount of time allowed for the Elasticsearch server to respond in a given request.
The default value is 30 seconds.
•
wcESDocumentsCrawlerThreads: The tasks for crawling the documents for
search are handled in threads. This is done by creating a thread pool with a fixed
number of threads, where each thread handles the crawl for the documents. The
attribute wcESDocumentsCrawlerThreads can be used to specify the number of
threads used to create a thread pool. The default value is 10. If a thread is not
available for a crawl task, the task is in queue, waiting for other task to complete.
You can modify the default value of the attributes in Attributes page in WebCenter
Portal administration. After you modify the value, you must restart the WebCenter
Portal server for the changes to take effect.
To modify the default value:
1. On the Settings page, click Attributes.
10-17
Chapter 10
Configuring Search Custom Attributes for Elasticsearch
Figure 10-13
Attributes for Elasticsearch Settings
2. On the Attributes page, click the Actions icon for the attribute and select Edit
Attribute.
3. In the Edit Attribute dialog, modify the attribute Value.
4. Click OK.
5. Restart WebCenter Portal.
10.11 Configuring Search Custom Attributes for
Elasticsearch
When you search using WebCenter Portal, only certain predefined attributes show up
in the search results. WebCenter Portal allows you to see additional attributes in your
search results. This can be achieved from the Search Setting page in portal
administration, where the Custom Attributes section lets you select which custom
search attributes should appear in search results and the order in which they appear.
This list in the Search Setting page is driven by search-service-attributes.xml. It
contains list of all attributes that we crawl for each service. Types in elastic search
index is defined by this metadata. You can add a new custom attribute or modify the
existing one in the search-service-attributes.xml file.
The following procedure describes how to add a new search custom attribute using
Document service as an example.
To add a new search custom attribute:
1. Update the metadata list on Oracle WebCenter Content SESCrawlerExport
component:
a. Log on to Oracle WebCenter Content as a system administrator.
b. On the WebCenter Content home page, expand Administration and select
SESCrawlerExport.
10-18
Chapter 10
Configuring Search Custom Attributes for Elasticsearch
Figure 10-14
WebCenter Content Server Administration Menu
c. On the SESCrawlerExport Administration page, click Configure
SESCrawlerExport.
Figure 10-15
SESCrawlerExport Administration Page
d. On the Configure SESCrawlerExport page, append the Metadata list with the
new custom attribute.
In this example, Web Site Object Type custom attribute (xWebsiteObjectType)
content is added to the metadata.
List.dDocAuthor,dDocAccount,dDocCreatedDate,dDocCreator,dDocFunction,dDocLastMo
difiedDate,dDocLastModifier,dDocName,
dID,dDocType,dFileSize,dFormat,dOriginalName,dOutDate,dRevLabel,dSecurityGroup,
fParentGUID,sceHostname,xClbraRoleList,
xClbraUserList,xComments,xIdcProfile,xLibraryGUID,xWCTags,xWCWorkflowApproverUs
erList,xWCWorkflowAssignment,
xAnnotationDetails,dDocTitle,xRegionDefinition, xWebsiteObjectType
2. Add a new custom attribute to the search-service-attributes.xml file:
a. At the WLST command prompt, run the exportMetadata WLST command to
export the latest search-service-attributes.xml file from MDS repository:
10-19
Chapter 10
Configuring Search Custom Attributes for Elasticsearch
exportMetadata('webcenter', 'WC_Portal', toLocation='/tmp/es', docs='/oracle/
webcenter/search/scopedMD/
s8bba98ff_4cbb_40b8_beee_296c916a23ed/search-service-attributes.xml')
b. Add the new custom attribute to the search-service-attributes.xml file.
In this example, Web Site Object Type is added to the search-serviceattributes.xml file under the oracle.webcenter.doclib service ID:
<service id="oracle.webcenter.doclib">
<attribute name="author" displayNameKey="WC_AUTHOR" displayName="Author"
type="keyword"/>
<attribute name="doc_author" displayNameKey="WC_DOC_AUTHOR"
displayName="Author" type="keyword" backendAttribute="dDocAuthor"/>
…
…
…
…
<attribute name="wcsecattr" displayNameKey="WC_SECATTR"
displayName="Security Attributes" type="keyword" hidden="true"/>
<attribute name="wcsecattr_deny" displayNameKey="WC_SECATTRDENY"
displayName="Security Deny Attributes" type="keyword" hidden="true"/>
<attribute name="xWebsiteObjectType" displayNameKey="WC_xWebsiteObjectType"
displayName="Web Site Object Type"
type="keyword" backendAttribute="xWebsiteObjectType"/>
</service>
c. Save and import the updated search-service-attributes.xml file to the MDS
repository using the importMetada WLST command:
importMetadata('webcenter', 'WC_Portal', fromLocation='/tmp/es', docs='/oracle/
webcenter/search/scopedMD/
s8bba98ff_4cbb_40b8_beee_296c916a23ed/search-service-attributes.xml')
3.
Start a full crawl for the new custom attribute to appear in the Search Settings
page. See Manually Starting a Full Crawl.
4. Access the Search Settings page in portal administration and verify if the new
attribute is appearing in the Available Attributes under Custom Attributes
section.
In this example, Web Site Object is the newly added custom attribute.
10-20
Chapter 10
Scheduling a Crawl
Figure 10-16
Verifying the Newly Added Custom Attribute
5. Select the newly added custom attribute from the list of Available Attributes and
move it to the Included Attributes column so that they appear in search results.
6. Click Apply.
7. Navigate to your portal and enter a search term in the global search field and click
the search icon.
The following figure shows search results that include the newly created custom
attributes, Web Site Object :
Figure 10-17
Search Results with the Created Custom Attribute
10.12 Scheduling a Crawl
In WebCenter Portal, you can schedule an incremental crawl or manually start a full
crawl. The following topics describe how to schedule a crawl and how to start, enable
or disable a crawl.
•
Scheduling an Incremental Crawl
•
Manually Starting a Full Crawl
10-21
Chapter 10
Scheduling a Crawl
•
Starting the Scheduled Crawler
•
Enabling and Disabling the Scheduled Crawl
10.12.1 Scheduling an Incremental Crawl
You can specify an interval between incremental crawls. By default, the crawler is set
to manual, but you can specify a different frequency, such as hourly or daily.
1. Open the WebCenter Portal Administration page.
2. Click Tools and Services, then select Search.
The Search settings page opens.
3. On the Scheduler tab, select the Portal crawl source and click Schedule.
The Schedule Portal Crawler page opens.
Figure 10-18
Elastic Search Schedule Portal Crawler
4. From the Frequency Type list, select the required frequency type.
Option
Description
Manual Launch
This is the default crawler frequency type.
Hourly
Select the following option:
•
Daily
Time Between Launches in hours
Select the following options:
•
•
Time Between Launches in days
Schedule Launching Time
10-22
Chapter 10
Scheduling a Crawl
Option
Description
Weekly
Select the following options:
•
•
Time Between Launches in weeks
Schedule Launching Time: Select the day of the
week and the time from 1 to 12 AM and PM
5. Click Save and Close.
10.12.2 Manually Starting a Full Crawl
You can manually start a full crawl to crawl all items in WebCenter Portal. We
recommend you to start a full crawl only during non peak period as it is time
consuming and crawls all the items. Full crawl has to be manually started and cannot
be scheduled to run automatically.
To start a full crawl:
1. Open the WebCenter Portal Administration page.
2. Click Tools and Services, and then select Search.
The Search settings page opens.
3. On the Scheduler tab, select the crawl source and click Schedule.
The Schedule Portal Crawler page opens.
Figure 10-19
Elastic Search Schedule Portal Crawler
4. In the Crawl All Items, click Start Crawl Now.
5. Click Save and Close to save the changes.
10-23
Chapter 10
Customizing Settings in WebCenter Portal Administration
10.12.3 Starting the Scheduled Crawler
To start the scheduled crawler:
1. Open the WebCenter Portal Administration page.
2. Click Tools and Services, and then select Search.
The Search settings page opens.
3. On the Scheduler tab, select the crawl source and click Start.
WebCenter Portal starts incremental crawl for the selected crawl source.
10.12.4 Enabling and Disabling the Scheduled Crawl
You can enable and disable the schedule crawl. When the status of the crawl is in
progress, you cannot disable a crawl.
1. Open the WebCenter Portal Administration page.
2. Click Tools and Services, and then select Search.
The Search settings page opens.
3. On the Scheduler tab, select the crawl source that you want to modify and click
Enable to enable the crawl or click Disable to disable the crawl.
10.13 Customizing Settings in WebCenter Portal
Administration
You can customize Result Types and Filtering, Search Scope, Facets and Custom
Attributes using Search Settings page in WebCenter PortalAdministration. Portal
managers can reset only the search scope for the portals that they manage.
1. Open the WebCenter Portal Administration page.
2. Click Tools and Services, and then select Search.
The Search Settings page opens.
10-24
Chapter 10
Customizing Settings in WebCenter Portal Administration
Figure 10-20
Elasticsearch Settings
3. Select the Enable filtering dropdown option to enable filtering the search results
based on selected services.
Figure 10-21
Elastic Search Settings-Result Types and Filtering
4. Choose the types of results to be included in the search result by moving them
back and forth between the Available Result Types and Included Result Types.
5. Set the search scope to include search results for the Home portal only or all
portals (including the Home portal).
10-25
Chapter 10
Customizing Settings in WebCenter Portal Administration
Figure 10-22
Elasticsearch Settings - Search Scope
6. Select which facets to display with search results and the order in which they
appear.
Figure 10-23
Elasticsearch Settings - Facets
7. In the Custom Attributes section, select which custom search attributes should
appear in search results and the order in which they appear by moving the
attributes to the Included Attributes section.
10-26
Chapter 10
Customizing Settings in WebCenter Portal Administration
Figure 10-24
Elasticsearch Settings - Custom Attributes
8. Click Apply.
10-27
Chapter 10
Customizing Settings in WebCenter Portal Administration
10-28
11
Managing Instant Messaging and Presence
Configure and manage instant messaging and presence (IMP) for WebCenter Portal.
Always use Fusion Middleware Control or WLST command-line tool to review and
configure back-end tools and services for WebCenter Portal. Any changes that you
make to these applications, postdeployment, are stored in MDS metadata store as
customizations.
Permissions:
To perform the tasks in this chapter, you must be granted the WebLogic
Server Admin role through the Oracle WebLogic Server Administration Console
and the Administrator role granted through WebCenter Portal Administration.
For more information about roles and permissions, see Understanding
Administrative Operations, Roles, and Tools.
Topics:
•
About Instant Messaging and Presence Connections
•
Instant Messaging and Presence Server Prerequisites
•
Registering Instant Messaging and Presence Servers
•
Choosing the Active Connection for Instant Messaging and Presence
•
Modifying Instant Messaging and Presence Connection Details
•
Deleting Instant Messaging and Presence Connections
•
Setting Up Instant Messaging and Presence Defaults
•
Testing Instant Messaging and Presence Connections
11.1 About Instant Messaging and Presence Connections
Instant Messaging and Presence (IMP) lets you see the presence status of other
authenticated application users (online, offline, busy, or away), and it provides quick
access to interaction options, such as instant messages (IM) and mail.
A single connection to a back-end presence server is required. WebCenter Portal is
certified with Microsoft Lync 2010.
Note:
Oracle Beehive Server connections are not supported in this release.
11-1
Chapter 11
Instant Messaging and Presence Server Prerequisites
You can register the presence server connection for your application through the
Fusion Middleware Control Console or using WLST. You must mark a connection as
active for IMP to work. You can register additional presence server connections, but
only one connection is active at a time. Configuration changes for instant messaging
and presence, through Fusion Middleware Control or using WLST, are not dynamic, so
you must restart the managed server on which WebCenter Portal is deployed for
changes to take effect.
11.2 Instant Messaging and Presence Server Prerequisites
This section describes the Microsoft Lync 2010 prerequisites as the presence server
for instant messaging and presence.
This section includes the following subsections:
•
Microsoft Lync - Installation
•
Microsoft Lync - Configuration
•
Microsoft Lync - Security Considerations
11.2.1 Microsoft Lync - Installation
Refer to the Microsoft Lync 2010 documentation for installation information.
11.2.2 Microsoft Lync - Configuration
To use Microsoft Lync 2010 as the presence server for IMP, you must deploy
WebCenter Portal's Proxy application for Microsoft Lync 2010 in one of the two
topologies:
•
Simple Deployment – All components reside on the same box
•
Remote Deployment – The proxy application and Microsoft Lync reside on
separate boxes
Microsoft Unified Communications Managed API v2.0 (UCMA) is an endpoint API that
allows advanced developers to build server applications that can interact with the Lync
environment. In a simple deployment, the UCMA is installed on the same box as Lync.
In a remote deployment, the Lync core libraries are installed on the Lync box, and the
UCMA is installed on the IIS (proxy) box.
This section includes the following:
•
Simple Deployment
•
Remote Deployment
11.2.2.1 Simple Deployment
In a simple topology, install Microsoft Unified Communications Managed API (UCMA)
2.0 on the Lync box. In this topology, WebCenter Portal's Proxy application is
deployed in the Internet Information Services (IIS) server hosted on the Lync box. The
proxy application provides web services for interacting with the Lync server, and for
sending and receiving information. WebCenter Portal talks to these web services and
presents the data.
This section includes the following:
11-2
Chapter 11
Instant Messaging and Presence Server Prerequisites
•
Installing UCMA v2.0
•
Installing WebCenter Portal's Proxy Application
11.2.2.1.1 Installing UCMA v2.0
Microsoft Unified Communications Managed API v2.0 (UCMA) is an endpoint API that
allows advanced developers to build server applications that can interact with the Lync
environment.
In a simple deployment, the UCMA is installed on the same box as Lync. In a remote
deployment, the Lync core libraries are installed on the Lync box, and the UCMA is
installed on the IIS (proxy) box.
1. Download UCMA v2.0 installation from the following location: http://
www.microsoft.com/en-us/download/details.aspx?id=9781
2. Download and run the UcmaSDKWebDownload.msi file.
Setup files are extracted to the folder C:\Microsoft Unified Communications Managed
API 2.0 SDK Installer package\amd64
3. Go to the directory (where the files from the previous step were extracted) and run
vcredist_x86.exe.
Run-time components of Visual C++ Libraries, required for UCMA APIs, are
installed.
4. Go to the directory called Setup and run UcmaRedist.msi.
UCMA 2.0 assemblies in the GAC are installed.
11.2.2.1.2 Installing WebCenter Portal's Proxy Application
1. Extract owc_ocs2007.zip. The zip file is available in WebCenter Companion
Adapters, which you can download from OTN. Navigate to the Downloads page of
WebCenter Portal, and download WebCenter Companion Adapters from under the
Prerequisites and Recommended Install Process section.
A directory named OCSWebServices is created.
2. Open the Internet Information Services (IIS) Manager.
3. Expand the server node and then Sites in the IIS Manager.
4. Right-click Lync Internal Web Site, and then select Add Application.
5. In the Add Application wizard, enter an alias for the virtual directory in the Alias
field, for example RTC.
6. Enter the path to the directory extracted from the owc_ocs2007.zip file, and then click
OK.
For example, if you extracted the zip file in C:\, then enter C:\OCSWebServices.
Alternatively, use the Browse button to navigate to that directory. Click OK.
7. Right-click the newly created application and select Edit Permissions to open the
Properties dialog.
8. In the Security tab, edit permissions to grant user Everyone read permission.
11-3
Chapter 11
Instant Messaging and Presence Server Prerequisites
9. Test the Web service by accessing the website using the following URL format:
http://localhost/lync_internal_web_site/OCSWebService.asmx.
where lync_internal_web_site is the virtual directory you created for the Oracle
RTC Web service.
For example:
http://localhost/RTC/OCSWebService.asmx
11.2.2.2 Remote Deployment
In this topology, WebCenter Portal's Proxy application is deployed on an IIS server
remote to the Lync box. That is, the IIS server and the Lync server are hosted on
separate machines.
Because this proxy application is hosted on a remote box, you must set up a trust
between the application and the Lync server. This is known as provisioning an
application. Provisioning is done through the Application Provisioner utility shipped
with Microsoft UCMA v2.0.
Figure 11-1 provides an overview of the steps (including installing UCMA v2.0) to be
performed on different deployment entities.
11-4
Chapter 11
Instant Messaging and Presence Server Prerequisites
Figure 11-1
Microsoft Lync Configuration - Remote Deployment
The details of these steps are described in the following sections.
11.2.2.2.1 Building Application Provisioner
This section lists the steps Microsoft provides for provisioning other IIS servers to
access Lync.
1. Install Visual Studio 2008 on any developer box (not necessarily IIS/Lync).
2. Install UCMA version 2.0 on the same box. The Application Provisioner application
comes with the UCMA SDK.
a. Download UCMA v2.0 installation from the following location: http://
www.microsoft.com/en-us/download/details.aspx?id=9781
11-5
Chapter 11
Instant Messaging and Presence Server Prerequisites
b. Download and run the UcmaSDKWebDownload.msi file.
Setup files are extracted to the folder C:\Microsoft Unified Communications
Managed API 2.0 SDK Installer package\amd64
c. Go to the directory where the setup files were extracted and run
vcredist_x86.exe.
Run-time components of Visual C++ Libraries, required for UCMA APIs, are
installed.
d. Go to the directory called Setup and run UcmaRedist.msi.
UCMA 2.0 assemblies in the GAC are installed.
3. Go to the directory Sample Applications\Collaboration\ApplicationProvisioner
under the location where you installed UCMA Core (for example, C:\Program Files
\Microsoft Lync 2010 R2\UCMA SDK 2.0\UCMACore\Sample Applications\Collaboration
\ApplicationProvisioner).
4. Open the application in Visual Studio 2008 and edit the Application.cs file as per
http://msdn.microsoft.com/en-us/library/gg448038.aspx.
5. Build the application using Visual Studio 2008.
This generates the ApplicationProvisioner.exe file.
6. Copy the executable file to the Lync box.
7. See the next step Provisioning WebCenter Portal's Proxy Application on Lync
Server.
11.2.2.2.2 Provisioning WebCenter Portal's Proxy Application on Lync Server
1. Run the OCSWMIBC.msi file that comes with the Lync setup package.
When a UCMA 2.0 application is deployed directly against Lync Server 2010, the
SIP domains used in the Lync Server 2010 environment must be added to the
Office Communications Server 2007 R2 SIP domain list before you run the MergeCsLegacyTopology cmdlet. The application is deployed as if it were being deployed
against OCS 2007 R2, then migrated to run against Lync Server 2010. To add the
domains, see Adding AllowedDomains Using WBemTest.
2. Run the ApplicationProvisioner.exe file, generated in the previous section.
The Application Provisioner dialog appears.
3. In the Application Provisioner dialog, enter WebCenterProxyApplication as the name
of your application for the Application name, and then click Find or Create.
4. In the Create Application Pool dialog, select the pool for your application in the
Lync Pool Fqdn list.
•
For Listening port, enter the listening port for your application (for example,
6001).
•
For Application server Fqdn, enter the fully qualified domain name (FQDN) of
the computer on which the application is deployed. (This is the IIS box.)
•
If the application is deployed on two or more computers, then select the Load
balanced application checkbox, and for Load balancer Fqdn, enter the FQDN
of the load balancer.
11-6
Chapter 11
Instant Messaging and Presence Server Prerequisites
The application pool now appears in the Application Provisioner dialog.
5. Double-click the server entry.
The View Server dialog appears. Note the information shown there; that is, Server
FQDN, port, and GRUU.
6. Migrate the newly-created trusted entry to Lync Server 2010.
See Migrating Trusted Service Entries Using Topology Builder or PowerShell
Cmdlets.
7. Create a certificate on the Lync server with the subject name as the Server FQDN
noted in the previous step using the Lync Certificate Wizard.
This certificate is used to authorize the requests coming from the IIS server.
8. After the certificate is created, view the certificate.
9. On the Details tab click Copy to File.
The Certificate Export Wizard appears.
10. Export the certificate with the private key to a file.
A .pfx (Personal Information Exchange) file with the certificate name is created.
11. See the next step Adding AllowedDomains Using WBemTest.
11.2.2.2.3 Adding AllowedDomains Using WBemTest
1. To start WBemTest.exe, type WBemTest in a command prompt window and press
Enter.
2. In the Windows Management Instrumentation Tester dialog, click Connect.
3. In the Connect dialog, click Connect.
4. In the Windows Management Instrumentation Tester dialog, click Enum Classes.
5. In the Superclass Info dialog, click OK.
6. In the Query Result dialog, scroll down to MSFT_SIPDomainData(), and double-
click this entry.
7. In the Object editor for MSFT_SIPDomainData dialog, click Instances.
The Query Result dialog appears, displaying the InstanceIDs for any instances of
the MSFT_SIPDomainData WMI class. These entries are the AllowedDomain
entries.
8. To add AllowedDomain entries, click Add.
9. In the Instance of MSFT_SIPDomainData dialog, in the Properties listbox, double-
click Address.
10. In the Property Editor dialog, select the Not NULL radio button.
11. In the Value text input pane, enter the Lync server domain; for example,
contoso.com, and click Save Property.
12. In the Instance of MSFT_SIPDomainData dialog, in the Properties listbox, double-
click Authoritative, make sure that the Authoritative property is not Null and is set
to False, and then click Save Property.
11-7
Chapter 11
Instant Messaging and Presence Server Prerequisites
13. In the Instance of MSFT_SIPDomainData dialog, in the Properties listbox, double-
click Default Domain, make sure that the Default Domain property is not Null and
is set to True, then click Save Property.
14. In the Instance of MSFT_SIPDomainData dialog, click Save Object.
15. Go to the next step Migrating Trusted Service Entries Using Topology Builder or
PowerShell Cmdlets.
11.2.2.2.4 Migrating Trusted Service Entries Using Topology Builder or PowerShell
Cmdlets
To migrate trusted service entries using Microsoft Lync Server 2010 Topology Builder:
1.
Launch Microsoft Lync Server 2010, Topology Builder.
2.
After the existing topology is loaded, under Action, select Merge 2007 or 2007 R2
Topology.
3.
Go through the resulting wizard, keeping the default options.
4.
Select Publish Topology and complete the wizard, as in the previous step.
5.
After the wizard has finished, check that it completed successfully.
There should be no errors in the user interface.
To migrate trusted service entries using Microsoft Lync Server 2010 PowerShell
Cmdlets:
1. From the Start menu, in the Microsoft Lync Server 2010 program group, open Lync
Server Management Shell.
2. Run the following PowerShell cmdlet:
Merge-CsLegacyTopology -TopologyXmlFileName D:\output.xml
3. Run the following PowerShell cmdlet:
Publish-CsTopology -FileName D:\output.xml
See IIS Server Configuration.
11.2.2.2.5 IIS Server Configuration
Because the IIS server hosts WebCenter Portal's Proxy application in the remote
deployment scenario, use the information from the previous section to make it a
trusted authority.
1. Install the certificate issued by the Lync server with the private key: Copy the .pfx
file generated in Provisioning WebCenter Portal's Proxy Application on Lync Server
to the IIS box, and double-click it.
The Certificate Import wizard appears.
2. Import the certificate in Personal Folder under LOCAL_MACHINE
3. Make an entry in C:/WINDOWS/system32/drivers/etc/hosts for the pool name of the
Lync server as follows:
<ip-address-of-lync-box> <poolname-of-lync-box>
For example:
11-8
Chapter 11
Instant Messaging and Presence Server Prerequisites
10.177.252.146 pool01.example.com
4. Because the IIS server hosts WebCenter Portal's Proxy application, install
Microsoft UCMA v2.0 on it.
a. Download UCMA v2.0 installation from the following location: http://
www.microsoft.com/en-us/download/details.aspx?id=9781
b. Download and run the UcmaSDKWebDownload.msi file.
Setup files are extracted to the folder C:\Microsoft Unified Communications
Managed API 2.0 SDK Installer package\amd64
c. Go to the directory where the setup files were extracted and run
vcredist_x86.exe.
Run-time components of Visual C++ Libraries, required for UCMA APIs, are
installed.
d. Go to the directory called Setup and run UcmaRedist.msi.
UCMA 2.0 assemblies in the GAC are installed.
5. After UCMA is installed, deploy this proxy application on the IIS server.
WebCenter Portal's Proxy application provides web services for interacting with
Lync, and for sending and receiving information. WebCenter Portal talks to these
web services and presents the data. For detailed information, see Installing
WebCenter Portal's Proxy Application.
6. Go to the location where WebCenter Portal's Proxy application was extracted, and
open Web.config and edit the appSettings XML node to add the values noted in Step
7 in the previous section (Section 12.2.2.2.5, "IIS Server Configuration").
Make sure to set the value for RemoteDeployment to true. For example, the
appsettings XML node should look somewhat like this.
<appSettings>
<add key="ApplicationName" value="WebCenterProxyApplication"/>
<add key="RemoteDeployment" value="true"/>
<add key="ApplicationFQDN" value="iis.server.com"/>
<add key="ApplicationGRUU"
value="sip:iis.server.com@EXAMPLE.COM;gruu;opaque=srvr:WebCenterProxyApplication:
7mhSo94PlUK-5Q2bKPLyMAAA"/>
<add key="ApplicationPort" value="6001"/>
</appSettings>
11-9
Chapter 11
Registering Instant Messaging and Presence Servers
Note:
If you see the following exception in the log file:
ErrorCode = -2146893039
FailureReason = NoAuthenticatingAuthority
e.Message = "Unable to perform authentication of credentials."
base {Microsoft.Rtc.Signaling.FailureResponseException} = {"Unable to
perform authentication of credentials."}
InnerException = {"NegotiateSecurityAssociation failed, error: \-2146893039"}
then add the following entry to Web.config:
<identity impersonate="true" userName="Administrator"
password="MyPassword*"/>
where username is the administrator's user name, and password is the
administrator's password.
The trust is established, and WebCenter Portal's Proxy application can talk to the Lync
server.
11.2.3 Microsoft Lync - Security Considerations
You must configure an external application for Microsoft Lync connections so that
users can supply credentials to authenticate themselves on the Lync server.
With a secured application, users get presence status. With Lync, if security is
required, then Lync should be on a private trusted network.
Lync provides an option for changing external credentials, which works as an
alternative to using an external application. A logged-in user can click any Presence
tag and select Change Credentials from the menu.
For more information, see Registering Instant Messaging and Presence Servers Using
Fusion Middleware Control.
11.3 Registering Instant Messaging and Presence Servers
You can register multiple presence server connections with WebCenter Portal, but
only one of them is active at a time.
To start using the new (active) presence server you must restart the managed server
on which WebCenter Portal is deployed.
This section includes the following subsections:
•
Registering Instant Messaging and Presence Servers Using Fusion Middleware
Control
•
Registering Instant Messaging and Presence Servers Using WLST
11-10
Chapter 11
Registering Instant Messaging and Presence Servers
11.3.1 Registering Instant Messaging and Presence Servers Using
Fusion Middleware Control
To register a presence server connection:
1. Log in to Fusion Middleware Control and navigate to the home page for WebCenter
Portal.
2. From the WebCenter Portal menu, select Settings > Service Configuration.
3. On the WebCenter Portal Service Configuration page, select Instant Messaging
and Presence.
4. To connect to a new presence server, click Add.
Figure 11-2
Configuring Instant Messaging and Presence
5. Enter a unique name for this connection, specify the presence server type, and
indicate whether this connection is the active (or default) connection for the
application.
Table 11-1
Instant Messaging and Presence Connection - Name
Field
Description
Connection Name
Enter a unique name for the connection. The name must be
unique (across all connection types) within WebCenter
Portal.
Connection Type
Specify the type of presence server:
Note: Microsoft Lync connections use the Microsoft Office
Communications Server 2010 connection type. (Oracle
Beehive Server connections are not supported in this
release.)
Active Connection
Select to use this connection in WebCenter Portal for instant
messaging and presence.
While you can register multiple presence server connections
for an application, only one connection is used by IMP—the
default (or active) connection.
6. Enter connection details for the server hosting instant messaging and presence.
11-11
Chapter 11
Registering Instant Messaging and Presence Servers
Table 11-2
Details
Instant Messaging and Presence Connection - Connection
Field
Description
Server URL
Enter the URL of the server hosting instant messaging and
presence.
For example: http://mylynchost.com:8888
User Domain
Enter the name of the Active Directory domain (on the
Microsoft Office Communications Server) that is associated
with this connection. The user domain is mandatory for Lync
connections.
Refer to Microsoft documentation for details on the user
domain.
Pool Name
Enter the name of the pool that is associated with this
connection. The pool name is mandatory.
Refer to Microsoft documentation for details on the pool
name.
Associated External
Application
Associate the instant messaging and presence server with an
external application. External application credential
information is used to authenticate users against the instant
messaging and presence server.
An external application is mandatory.
You can select an existing external application from the list,
or click Create New to configure a new external application.
The external application you configure for instant messaging
and presence must use the POST authentication method, and
specify an additional field named Account (Name property)
that is configured to Display to User (checked).
7. Enter a timeout in the Advanced Configuration field.
Table 11-3 Instant Messaging and Presence Connection - Advanced
Configuration
Field
Description
Connection Timeout
(seconds)
Specify a suitable timeout for the connection.
This is the length of time (in seconds) WebCenter Portal
waits for a response from the presence server before issuing
a connection timeout message.
The default is -1 which means that the default is used. The
default is 10 seconds.
8. Sometimes, additional parameters are required to connect to the presence server.
If additional parameters are required to connect to the presence server, expand
Additional Properties and enter details as required.
11-12
Chapter 11
Choosing the Active Connection for Instant Messaging and Presence
Table 11-4
Properties
Instant Messaging and Presence Connection - Additional
Field
Description
Add
Click Add to specify an additional connection parameter:
•
•
•
Property Name -Enter the name of the connection
property.
Property Value - Enter the default value for the
property.
Is Property Secured - Indicate whether encryption is
required. When selected, the property value is stored
securely using encryption.
For example, select this option to secure the
admin.password property where the value is the actual
password.
Delete
Click Delete to remove a selected property.
Select the correct row before clicking Delete.
Note: Deleted rows appear disabled until you click OK.
9. Click OK to save this connection.
10. To start using the new (active) connection you must restart the managed server on
which WebCenter Portal is deployed.
11.3.2 Registering Instant Messaging and Presence Servers Using
WLST
Use the WLST command createIMPConnection to create a presence server connection.
For command syntax and examples, see createIMPConnection in WebCenter WLST
Command Reference.
To configure instant messaging and presence to actively use a new IMP connection,
set default=true. For more information, see Choosing the Active Connection for
Instant Messaging and Presence Using WLST.
Note:
To start using the new (active) connection you must restart the managed
server on which WebCenter Portal is deployed.
11.4 Choosing the Active Connection for Instant Messaging
and Presence
You can register multiple instant messaging and presence server connections with
WebCenter Portal, but only one connection is active at a time. The active connection
becomes the back-end presence server for WebCenter Portal.
This section includes the following subsections:
11-13
Chapter 11
Choosing the Active Connection for Instant Messaging and Presence
•
Choosing the Active Connection for Instant Messaging and Presence Using
Fusion Middleware Control
•
Choosing the Active Connection for Instant Messaging and Presence Using WLST
11.4.1 Choosing the Active Connection for Instant Messaging and
Presence Using Fusion Middleware Control
To change the active connection:
1. Log in to Fusion Middleware Control and navigate to the home page for WebCenter
Portal.
2. From the WebCenter Portal menu, select Settings > Service Configuration.
3. On the WebCenter Portal Services Configuration page, select Instant Messaging
and Presence.
The Manage Instant Messaging and Presence Connections table indicates the
current active connection, if any.
4. Select the connection you want to make the active (or default) connection, and then
click Edit.
5. Select the Active Connection check box.
6. Click OK to update the connection.
7. To start using the new (active) connection, restart the managed server on which
WebCenter Portal is deployed.
11.4.2 Choosing the Active Connection for Instant Messaging and
Presence Using WLST
Use the WLST command setIMPConnection with default=true to activate an existing
presence server connection. For command syntax and examples, see
setIMPConnection in WebCenter WLST Command Reference.
To disable a presence server connection, either delete it, make another connection the
'active connection,' or use the removeIMPServiceProperty command:
removeIMPServiceProperty('appName='webcenter', property='selected.connection')
Using this command, connection details are retained but the connection is no longer
named as an active connection. For more information, see removeIMPServiceProperty
in WebCenter WLST Command Reference.
Note:
To start using this active connection you must restart the managed server on
which WebCenter Portal is deployed.
11-14
Chapter 11
Modifying Instant Messaging and Presence Connection Details
11.5 Modifying Instant Messaging and Presence Connection
Details
You can modify instant messaging and presence server connection details at any time.
To start using an updated (active) connection you must restart the managed server on
which WebCenter Portal is deployed.
This section includes the following subsections:
•
Modifying Instant Messaging and Presence Connections Details Using Fusion
Middleware Control
•
Modifying Instant Messaging and Presence Connections Details Using WLST
11.5.1 Modifying Instant Messaging and Presence Connections
Details Using Fusion Middleware Control
To update connection details for an instant messaging and presence server:
1. Log in to Fusion Middleware Control and navigate to the home page for WebCenter
Portal.
2. From the WebCenter Portal menu, select Settings > Service Configuration.
3. On the WebCenter Portal Service Configuration page, select Instant Messaging
and Presence.
4. Select the connection name, and click Edit.
5. Edit connection details, as required.
For detailed parameter information, see Table 11-2.
6. Click OK to save your changes.
7. To start using the updated (active) connection you must restart the managed server
on which WebCenter Portal is deployed.
11.5.2 Modifying Instant Messaging and Presence Connections
Details Using WLST
Use the WLST command setIMPConnection to edit presence server connection details.
For command syntax and examples, see setIMPConnection in WebCenter WLST
Command Reference.
If additional parameters are required to connect to your presence server, then use the
setIMPConnectionProperty command. For more information, see
setIMPConnectionProperty in WebCenter WLST Command Reference.
11-15
Chapter 11
Deleting Instant Messaging and Presence Connections
Note:
To start using the updated (active) connection you must restart the managed
server on which WebCenter Portal is deployed.
11.6 Deleting Instant Messaging and Presence Connections
You can delete instant messaging and presence connections at any time, but use
caution when deleting the active connection. When you delete the active connection,
user presence options are not available, as these require a back-end instant
messaging and presence server.
When you delete a connection, consider deleting the external application associated
with instant messaging and presence if the application's sole purpose was to support
it. For more information, see Deleting External Application Connections.
This section includes the following subsections:
•
Deleting Instant Messaging and Presence Connections Using Fusion Middleware
Control
•
Deleting Instant Messaging and Presence Connections Using WLST
11.6.1 Deleting Instant Messaging and Presence Connections Using
Fusion Middleware Control
To delete an instant messaging and presence server connection:
1. Log in to Fusion Middleware Control and navigate to the home page for WebCenter
Portal.
2. From the WebCenter Portal menu, select Settings > Service Configuration.
3. On the WebCenter Portal Service Configuration page, select Instant Messaging
and Presence.
4. Select the connection name, and click Delete.
5. Restart the managed server on which WebCenter Portal is deployed.
Note:
Before restarting the managed server, mark another connection as active;
otherwise, Instant Messaging and Presence is disabled.
11.6.2 Deleting Instant Messaging and Presence Connections Using
WLST
Use the WLST command deleteConnection to remove a presence server connection.
For command syntax and examples, see deleteConnection in WebCenter WLST
Command Reference.
11-16
Chapter 11
Setting Up Instant Messaging and Presence Defaults
For information on how to run WLST commands, see Running Oracle WebLogic
Scripting Tool (WLST) Commands.
11.7 Setting Up Instant Messaging and Presence Defaults
Use the WLST command setIMPServiceProperty to set defaults for IMP:
•
selected.connection: Connection used by instant messaging and presence.
•
rtc.cache.time: Cache timeout for instant messaging and presence data.
•
resolve.display.name.from.user.profile: Determines what to display if user display
names are missing. When set to 0, and display name information is unavailable,
only the user name displays in the application. When set to 1, and display name
information is unavailable, display names are read from user profile data. Setting
this option to 1 impacts performance. The default setting is 0.
Display names are not mandatory in presence data. If the application does not
always provide display names by default and you consider this information
important, set resolve.display.name.from.user.profile to 1 so that display names
always display.
•
im.address.resolver.class: Resolver implementation used to map user names to
IM addresses and IM addresses to user names. The default setting is
oracle.webcenter.collab.rtc.IMPAddressResolverImpl. This implementation looks
for IM addresses in the following places and order:
•
–
User Preferences
–
User Credentials
–
User Profiles
im.address.profile.attribute: User profile attribute used to determine a user's IM
address. The default setting is BUSINESS_EMAIL. Users can change this default with
im.address.profile.attribute.
For command syntax and detailed examples, see setIMPServiceProperty in
WebCenter WLST Command Reference.
11.8 Testing Instant Messaging and Presence Connections
Oracle RTC web services expose a set of web methods that you can invoke to test
validity. To verify a connection, try accessing the web service endpoints. The following
examples assume the application context path is /RTC:
•
protocol://host/RTC/ApplicationConfigurationService.asmx
•
protocol://host/RTC/RTCService.asmx
•
protocol://host/RTC/OCSWebService.asmx
11-17
Chapter 11
Testing Instant Messaging and Presence Connections
11-18
12
Managing Mail
This chapter describes how to configure and manage mail for WebCenter Portal. It
also describes how to configure the "Send Mail" feature, which allows application
assets to send mail directly from them. The Send Mail feature does not require mail.
That is, even if the Mail component has not been configured in WebCenter Portal,
users can send mail notifications.
Note:
Beginning with 12c (12.2.1.3.0), Oracle WebCenter Portal has deprecated
support for Jive features (announcements and discussions). If you are
upgrading from a prior release, these features remain available in your existing
installations that are being upgraded.
Always use Fusion Middleware Control or WLST command-line tool to review and
configure back-end servers for WebCenter Portal. Any changes that you make to postdeployment, are stored in MDS metatdata store as customizations.
This chapter includes the following topics:
•
About Mail Server Connections
•
Configuration Roadmap for Mail
•
Mail Server Prerequisites
•
Registering Mail Servers
•
Choosing the Active (or Default) Mail Server Connection
•
Modifying Mail Server Connection Details
•
Deleting Mail Server Connections
•
Setting Up Mail Defaults
•
Testing Mail Server Connections
•
Configuring Send Mail Notifications for WebCenter Portal
12-1
Chapter 12
About Mail Server Connections
Permissions:
To perform the tasks in this chapter, you must be granted the WebLogic
Server Admin role through the Oracle WebLogic Server Administration Console
and the Administrator role granted through WebCenter Portal Administration.
For more information about roles and permissions, see Understanding
Administrative Operations, Roles, and Tools.
For troubleshooting issues with mail, see Troubleshooting Issues with Mail.
12.1 About Mail Server Connections
Oracle WebCenter Portal supports the Microsoft Exchange Server or any mail server
that supports IMAP4 and SMTP. To enable users to access mail and perform basic
operations such as read, reply, and forward within WebCenter Portal, you must first
register the appropriate mail server. Mail is not configured out-of-the-box.
You can register multiple mail server connections.
WebCenter Portal supports multiple mail connections. The mail connection marked
active is the default connection for mail in WebCenter Portal. All additional connections
are offered as alternatives; users can choose which one they want to use through user
preferences.
12.2 Configuration Roadmap for Mail
Use the roadmap in this section as an administrator's guide through the configuration
process:
Figure 12-1 and Table 12-1 provide an overview of the prerequisites and tasks
required for mail to work in WebCenter Portal.
12-2
Chapter 12
Mail Server Prerequisites
Figure 12-1
Table 12-1
Configuring Mail
Configuring Mail for WebCenter Portal
Actor
Task
Link
Administrator
1. Install WebCenter Portal and the required
mail server. For Microsoft Exchange Server
2007, 2010, or 2013, perform additional
configuration.
See Mail Server - Installation
andConfiguring Microsoft
Exchange Server 2007, 2010,
or 2013 for WebCenter Portal
Administrator
2. Configure a connection between
WebCenter Portal and your mail server -associating the mail server with an external
application -- using one of the following tools:
Registering Mail Servers
•
•
Fusion Middleware Control
WLST
Application
Specialist
3. Add the Mail task flow to a portal page.
Application
Specialist/En
d User
4. Access mail with one of the following
methods:
•
•
Click Login to Mail on a Mail task flow,
and enter your login credentials for the
mail server
Navigate to the Preferences - Mail page
and specify your mail credentials
Adding the Mail Task Flow to
a Page in Building Portals
with Oracle WebCenter Portal
See:
•
•
Logging in to a Mail Task
Flow in Building Portals
with Oracle WebCenter
Portal
Selecting Your Preferred
Mail Connection in Using
Portals in Oracle
WebCenter Portal
12.3 Mail Server Prerequisites
This section includes the following subsections:
12-3
Chapter 12
Mail Server Prerequisites
•
Mail Server - Installation
•
Mail Server - Configuration
•
Mail Server - Security Considerations
•
Mail Server - Limitations
12.3.1 Mail Server - Installation
See your mail server documentation for installation information.
12.3.2 Mail Server - Configuration
You can allow WebCenter Portal to create and manage portal distribution lists. This
feature is supported only with Microsoft Exchange.
If enabled, a portal distribution list is created automatically whenever a portal is
created. Users added or removed from the portal are implicitly added or removed from
the corresponding portal distribution list, provided that the LDAP Base DN does not
change (only one LDAP Base DN is supported) and that users created on Microsoft
Exchange Active Directory correspond with users created in the identity store used by
WebCenter Portal. To disable this feature, do not enter the LDAP (Active Directory)
server details in the mail connection.
For information about adding users on a mail server, see the mail server's product
documentation. For information about adding users to WebCenter Portal's identity
store, see Adding Users to the Embedded LDAP Identity Store.
Microsoft Exchange 2007, Microsoft Exchange 2010, and Microsoft Exchange 2013
are the only mail servers for which there are configuration prerequisites. If you are
working with a different mail server, then you can bypass the rest of this section.
12.3.2.1 Configuring Microsoft Exchange Server 2007, 2010, or 2013 for
WebCenter Portal
The Microsoft Exchange Server 2007, 2010, or 2013 certificate must be added to the
WebCenter Portal keystore. This requires the following steps.
1. Obtain the Certificate from the Microsoft Exchange Server
2. Add the Certificate to the WebCenter Portal Keystore
3. Restart the server after the certificate is imported.
12.3.2.1.1 Obtain the Certificate from the Microsoft Exchange Server
Obtain the certificate from your mail server installation administrator. This section
describes one way to get the certificate from the Microsoft Exchange Server.
Follow these steps to obtain the certificate from a Microsoft Exchange Server 2007,
2010, or 2013:
1. Open a browser and connect to your IMAP server with the following command:
https://host_name/owa
Where host_name is the name of the Microsoft Exchange Server.
12-4
Chapter 12
Mail Server Prerequisites
2. Place your cursor on the page, right-click, and select Properties, then click
Certificate.
3. In the popup window, click the Details tab, and click Copy to File...
Be sure to use the DER encoded binary (X.509) format, and copy to a file.
4. Convert the .DER format certificate to .PEM format.
Note:
WebLogic only recognizes .PEM format.
Use Firefox 3.0 or later to download the certificate directly to .PEM format. For
other browsers, use the WebLogic Server der2pem tool to convert to .PEM format.
For more information about der2pem, see der2pem in Command Reference for
Oracle WebLogic Server.
12.3.2.1.1.1 Add the Certificate to the WebCenter Portal Keystore
1. Import the downloaded certificate into the keystore, which is generally the file
named cacerts in the JAVA_HOME. For example:
keytool -import -alias imap_cer -file cert_file.cer -keystore cacerts -storepass
changeit
Where cert_file is the name of the certificate file you downloaded. In a standard
installation, the JAVA_HOME is in the following location:
/scratch/wcinstall/ps2/1225/wlshome/jrockit_160_17_R28.0.0-616
See Configuring and Exporting the Certificates, for information about adding the
certificate to the keystore.
2. Restart the server.
12.3.2.1.1.1.1 Microsoft Exchange Server Considerations
•
The IMAP port is 993 and secured true. SMTP port is 587 and secured true.
•
If you see the following error, then you must change the trust store entry in the
domain startup file setDomainEnv.sh:
Caused by: java.io.IOException: Keystore was tampered with, or password was
incorrect
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:771)
at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:38)
at java.security.KeyStore.load(KeyStore.java:1185)
at com.sun.net.ssl.internal.ssl.TrustManagerFactoryImpl.getCacertsKeyStore
(TrustManagerFactoryImpl.java:202)
at com.sun.net.ssl.internal.ssl.DefaultSSLContextImpl.getDefaultTrustManager
(DefaultSSLContextImpl.java:70)
To change the entry:
1.
Shutdown the managed server on which WebCenter Portal is deployed.
2.
Edit the domain startup script setDomainEnv located at:
12-5
Chapter 12
Registering Mail Servers
UNIX: DOMAIN_HOME/bin/setDomainEnv.sh
Windows: DOMAIN_HOME\bin\setDomainEnv.cmd
3.
Add the Java property, as follows:
-Djavax.net.ssl.trustStore=<path to truststore> Djavax.net.ssl.trustStorePassword=<truststore password>
For example:
set JAVA_PROPERTIES=
-Dplatform.home=%WL_HOME% -Dwls.home=%WLS_HOME% -Dweblogic.home=%WLS_HOME%
-Djavax.net.ssl.trustStore=C:\jive\mailtool\jssecacerts
-Djavax.net.ssl.trustStorePassword=changeit
4.
Restart the managed server.
12.3.3 Mail Server - Security Considerations
For more information, see Securing the WebCenter Portal Connection to IMAP and
SMTP with SSL.
Note:
If LDAP is configured to run in secure mode, then add the LDAP Secured
property (set to true/false) to use LDAP while creating distribution lists. For
more information, see Table 12-4.
12.3.4 Mail Server - Limitations
In WebCenter Portal, mail requires a Microsoft Exchange mail server connection to
enable automatic WebCenter Portal distribution list management.
12.4 Registering Mail Servers
You can register multiple mail server connections. To start using the new mail
connections you must restart the managed server on which WebCenter Portal is
deployed.
This section includes the following subsections:
•
Registering Mail Servers Using Fusion Middleware Control
•
Registering Mail Servers Using WLST
12.4.1 Registering Mail Servers Using Fusion Middleware Control
To register a mail server with WebCenter Portal:
1. Log in to Fusion Middleware Control and navigate to the home page for the
WebCenter Portal.
2. From the WebCenter Portal menu, select Settings > Service Configuration.
12-6
Chapter 12
Registering Mail Servers
3. On the WebCenter Portal Service Configuration page, select Mail Server.
4. To connect to a new mail server, click Add.
Figure 12-2
Configuring Mail Servers
5. Enter a unique name for this connection, and indicate whether this connection is
the active (or default) connection for the application.
Table 12-2
Mail Server Connection - Name
Field
Description
Connection Name
Enter a unique name for the connection. The name must be
unique (across all connection types) within WebCenter
Portal.
Active Connection
Select to indicate whether this connection is the default (or
active) connection for mail.
You can register multiple mail server connections:
WebCenter Portal supports multiple mail connections. The
mail connection marked active is the default connection for
mail. All additional connections are offered as alternatives;
users can choose which one they want to use through user
preferences.
6. Enter connection details for the mail server.
Table 12-3
Mail Server Connection Details
Field
Description
IMAP Host
Enter the host name of the computer where IMAP (Internet
Message Access Protocol) is running.
IMAP Port
Enter the port on which IMAP listens.
IMAP Secured
Indicate whether a secured connection (SSL) is required for
incoming mail over IMAP.
SMTP Host
Enter the host name of the computer where SMTP (Simple
Mail Transfer Protocol) is running.
SMTP Port
Enter the port on which SMTP listens.
SMTP Secured
Indicate whether a secured connection (SSL) is required for
outgoing mail over SMTP.
12-7
Chapter 12
Registering Mail Servers
Table 12-3
(Cont.) Mail Server Connection Details
Field
Description
Associated External
Application
Associate the mail server with an external application.
External application credential information is used to
authenticate users against the IMAP and SMTP servers. Mail
uses the same credentials to authenticate the user on both
IMAP and SMTP.
You can select an existing external application from the list,
or click Create New to configure a new external application.
For more information, see Managing External Applications.
The external application for mail must use Authentication
Method=POST, and you can customize some mail header
fields (with Display to User enabled):
•
Property: mail.user.emailAddress (who the mail is
from)
Property: mail.user.displayName (display name from
the mail)
Property: mail.user.replyToAddress (address used to
reply to the mail)
These properties ensure that a specific mail address is the
same in the external application and in the mail server. They
are added to the mail connection and are used by mail for the
From, Display Name and Reply To fields (Figure 12-3). See
Table 12-7 for Additional Properties configuration.
If your application offers a self-registration page with the
facility to mail user ID information on request, then you must
ensure that public credentials are configured for the external
application selected here. If public credentials are not
defined, then mail cannot be sent to users on their request.
WebCenter Portal, for example, offers this feature on its
default self-registration page.
7. Specify LDAP connection details for the Active Directory server managing
WebCenter Portal distribution lists (Table 12-4).
WebCenter Portal supports Microsoft Exchange where distribution lists are
managed on an Active Directory server.
Note:
Active Directory server details must be provided as part of the mail connection
for distribution lists to work in WebCenter Portal.
Table 12-4
LDAP Directory Server Configuration Parameters
Field
Description
LDAP Host
Enter the host name of the computer where the LDAP
directory server (Lightweight Directory Access Protocol) is
running.
LDAP Port
Enter the port on which the LDAP directory server listens.
12-8
Chapter 12
Registering Mail Servers
Table 12-4
(Cont.) LDAP Directory Server Configuration Parameters
Field
Description
LDAP Base DN
Enter the base distinguished name for the LDAP schema. For
example, CN=Users,DC=oracle,DC=com.
LDAP Domain
Enter the domain appended to distribution list names.
For example, if the domain value is set to example.com, then
a portal named Finance Project maintains a distribution list
named FinanceProject@example.com.
LDAP Administrator User
Name
Enter the user name of the LDAP directory server
administrator.
A valid user with privileges to make entries into the LDAP
schema.
LDAP Administrator
Password
Enter the password for the LDAP directory server
administrator.
The password is stored in a secured store.
LDAP Default User
Enter a comma-delimited list of user names to whom you
want to grant moderation capabilities. These users become
members of every portal distribution list that is created. The
users specified must exist in the base LDAP schema
(specified in the LDAP Base DN field).
LDAP Secured
Indicate whether a secured connection (SSL) is required
between WebCenter Portal and the LDAP directory server.
8. Configure advanced options for the mail server connection.
Table 12-5
Mail Server Connection - Advanced Configuration
Field
Description
Connection Timeout
(seconds)
Specify a suitable timeout for the connection.
This is the length of time (in seconds) WebCenter Portal
waits for a response from the mail server before issuing a
connection timeout message.
The default is -1, which means that the default is used. The
default is 10 seconds.
9. Optionally, you can add more parameters to the mail server connection.
Table 12-6
Additional Mail Connection Properties
Additional Connection Description
Property
charset
Characterset used on the connection.
The default charset is UTF-8. To use a different characterset,
such as ISO-8859-1, set the charset connection property.
12-9
Chapter 12
Registering Mail Servers
Table 12-6
(Cont.) Additional Mail Connection Properties
Additional Connection Description
Property
Various IMAP
properties
Any valid IMAP connection property. For example,
mail.imap.connectionpoolsize.
For a list of valid protocol properties, see your mail server
documentation. For a list of standard IMAP properties, see the
Java Mail APIs:
https://javamail.java.net/nonav/docs/api/com/sun/mail/
imap/package-summary.html
Various SMTP
properties
Any valid SMTP connection property. For example,
mail.smtp.timeout.
For a list of valid protocol properties, see your mail server
documentation. For a list of standard SMTP properties, see the
Java Mail APIs:
https://javamail.java.net/nonav/docs/api/com/sun/mail/
smtp/package-summary.html
If additional parameters are required to connect to the mail server, expand
Additional Properties and enter details as required.
Table 12-7
Mail Connection - Additional Properties
Field
Description
Add
Click Add to specify an additional connection parameter:
•
•
•
Property Name -Enter the name of the connection
property.
Property Value - Enter the default value for the
property.
Is Property Secured - Indicate whether encryption is
required. When selected, the property value is stored
securely using encryption.
For example, select this option to secure the
admin.password property where the value is the actual
password.
Delete
Click Delete to remove a selected property.
Select the correct row before clicking Delete.
Note: Deleted rows appear disabled until you click OK.
Figure 12-3
Additional Properties for Mail Connection
12-10
Chapter 12
Registering Mail Servers
10. Click OK to save this connection.
11. To start using the new (active) connection, restart the managed server on which
WebCenter Portal is deployed.
12.4.2 Registering Mail Servers Using WLST
Use the WLST command createMailConnection to create a mail server connection. For
command syntax and examples, see createMailConnection in WebCenter WLST
Command Reference.
Use the WLST command setMailConnectionProperty to add additional required
properties through your external application. The external application for mail must use
Authentication Method=POST, and you can customize some mail header fields (with
Display to User enabled). For example:
setMailConnectionProperty(appName='webcenter', name='NotificationSharedConn',
key='mail.user.emailAddress', value='john.doe@example.com')
setMailConnectionProperty(appName='webcenter', name='NotificationSharedConn',
key='mail.user.displayName', value='John Doe')
setMailConnectionProperty(appName='webcenter', name='NotificationSharedConn',
key='mail.user.replyToAddress', value='feedback@example.com')
where:
•
mail.user.emailAddress = Email Address ('From' from the mail)
•
mail.user.displayName = Your Name (display name from the mail)
•
mail.user.replyToAddress = Reply-To Address (address when replying to the mail)
These properties ensure that a specific mail address is the same in the external
application and in the mail server. These properties are added to the Mail connection
and are used by mail for the From, Display Name and Reply To fields.
For Exchange 2007 only, create an universal distribution list which means that the
default property value of 2 should be updated to 8. Specify a value of 8 for the mail
property mail.exchange.dl.group.type, as follows:
setMailServiceProperty(appName='webcenter', property='mail.exchange.dl.group.type',
value='8')
If your application offers a self-registration page with the facility to mail user ID
information on request, then you must ensure that public credentials are configured for
the external application selected here. If public credentials are not defined, then mail
cannot be sent to users on their request. WebCenter Portal offers this feature on its
default self-registration page.
For command syntax and examples, see setMailConnectionProperty in WebCenter
WLST Command Reference.
To configure mail to use the new mail server connection as its default connection, set
default=true. For more information, see Choosing the Active (or Default) Mail Server
Connection Using WLST.
12-11
Chapter 12
Choosing the Active (or Default) Mail Server Connection
Note:
To start using new connections you must restart the managed server on which
WebCenter Portal is deployed.
12.5 Choosing the Active (or Default) Mail Server
Connection
You can register multiple mail server connections with WebCenter Portal, but only one
connection can be designated as the default connection. The default connection
becomes the back-end mail server for:
•
Mail task flows
•
WebCenter Portal distribution lists
•
Anywhere there is a Send Mail icon
This section includes the following subsections:
•
Choosing the Active (or Default) Mail Server Connection Using Fusion Middleware
Control
•
Choosing the Active (or Default) Mail Server Connection Using WLST
12.5.1 Choosing the Active (or Default) Mail Server Connection Using
Fusion Middleware Control
To change the default connection:
1. Log in to Fusion Middleware Control and navigate to the home page for WebCenter
Portal.
2. From the WebCenter Portal menu, select Settings > Service Configuration.
3. On the WebCenter Portal Services Configuration page, select Mail Server.
The Manage Mail Server Connections table indicates the current active connection,
if any.
Figure 12-4
Mail Server - Active Connection
12-12
Chapter 12
Modifying Mail Server Connection Details
4. Select the connection you want to make the active (or default) connection, and then
click Edit.
5. Select the Active Connection check box.
6. Click OK to update the connection.
7. To start using the new default connection you must restart the managed server on
which WebCenter Portal is deployed.
12.5.2 Choosing the Active (or Default) Mail Server Connection Using
WLST
Use the WLST command setMailConnection with default=true to make an existing mail
server connection the default connection for mail. For command syntax and examples,
see setMailConnection in WebCenter WLST Command Reference.
A connection does not cease to be the default connection for mail if you change the
default argument from true to false.
To disable a mail connection, either delete it, make another connection the 'active
connection', or use the removeMailServiceProperty command:
removeMailServiceProperty(appName='webcenter', property='selected.connection')
Using this command, connection details are retained but the connection is no longer
named as an active connection. For more information, see removeMailServiceProperty
in WebCenter WLST Command Reference.
Note:
To start using the active connection you must restart the managed server on
which WebCenter Portal is deployed.
12.6 Modifying Mail Server Connection Details
You can modify mail server connection details at any time.
To start using updated mail connections you must restart the managed server on
which WebCenter Portal is deployed.
This section includes the following subsections:
•
Modifying Mail Server Connection Details Using Fusion Middleware Control
•
Modifying Mail Server Connection Details Using WLST
12.6.1 Modifying Mail Server Connection Details Using Fusion
Middleware Control
To update mail server connection details:
1. Log in to Fusion Middleware Control and navigate to the home page for WebCenter
Portal.
12-13
Chapter 12
Modifying Mail Server Connection Details
For more information, see Navigating to the Home Page for WebCenter Portal
2. From the WebCenter Portal menu, select Settings > Service Configuration.
3. On the WebCenter Portal Service Configuration page, select Mail Server
4. Select the connection name, and click Edit.
5. Edit connection details, as required.
Table 12-8
Mail Server Connection Details
Field
Description
IMAP Host
Enter the host name of the computer where IMAP (Internet
Message Access Protocol) is running.
IMAP Port
Enter the port on which IMAP listens.
IMAP Secured
Indicate whether a secured connection (SSL) is required for
incoming mail over IMAP.
SMTP Host
Enter the host name of the computer where SMTP (Simple
Mail Transfer Protocol) is running.
SMTP Port
Enter the port on which SMTP listens.
SMTP Secured
Indicate whether a secured connection (SSL) is required for
outgoing mail over SMTP.
Associated External
Application
Associate the mail server with an external application.
External application credential information is used to
authenticate users against the IMAP and SMTP servers. Mail
uses the same credentials to authenticate the user on both
IMAP and SMTP.
You can select an existing external application from the list,
or click Create New to configure a new external application.
For more information, see Managing External Applications.
The external application for mail must use Authentication
Method=POST, and you can customize some mail header
fields (with Display to User enabled):
•
Property: mail.user.emailAddress (who the mail is
from)
Property: mail.user.displayName (display name from
the mail)
Property: mail.user.replyToAddress (address used to
reply to the mail)
These properties ensure that a specific mail address is the
same in the external application and in the mail server. They
are added to the mail connection and are used by mail for the
From, Display Name and Reply To fields (Figure 12-3). See
Table 12-7 for Additional Properties configuration.
If your application offers a self-registration page with the
facility to mail user ID information on request, then you must
ensure that public credentials are configured for the external
application selected here. If public credentials are not
defined, then mail cannot be sent to users on their request.
WebCenter Portal, for example, offers this feature on its
default self-registration page.
12-14
Chapter 12
Deleting Mail Server Connections
6. Click OK to save your changes.
7. To start using updated connection details, restart the managed server on which
WebCenter Portal is deployed.
12.6.2 Modifying Mail Server Connection Details Using WLST
Use the WLST command setMailConnection to edit existing mail server connection
details. For command syntax and examples, see setMailConnection in WebCenter
WLST Command Reference.
If additional parameters are required to connect to your mail server, use the
setMailConnectionProperty command. For more information, see
setMailConnectionProperty in WebCenter WLST Command Reference.
Note:
To start using the updated connections you must restart the managed server
on which WebCenter Portal is deployed.
12.7 Deleting Mail Server Connections
You can delete mail server connections at any time, but use caution when deleting the
active (or default) connection. If you delete the active connection, Mail task flows do
not work, as they all require a back-end mail server.
When you delete a connection, consider deleting the external application associated
with the mail server connection if the application's sole purpose was to support this
connection. For more information, see Deleting External Application Connections.
This section includes the following subsections:
•
Deleting a Mail Connection Using Fusion Middleware Control
•
Deleting a Mail Connection Using WLST
12.7.1 Deleting a Mail Connection Using Fusion Middleware Control
To delete a mail server connection:
1. Log in to Fusion Middleware Control and navigate to the home page for WebCenter
Portal.
2. From the WebCenter Portal menu, select Settings > Service Configuration.
3. On the WebCenter Portal Services Configuration page, select Mail Server.
4. Select the connection name, and click Delete.
5. To make this change, restart the managed server on which WebCenter Portal is
deployed.
12-15
Chapter 12
Setting Up Mail Defaults
Note:
Before restarting the managed server, mark another connection as active;
otherwise, mail is disabled.
12.7.2 Deleting a Mail Connection Using WLST
Use the WLST command deleteConnection to remove a mail server connection. For
command syntax and examples, see deleteConnection in WebCenter WLST
Command Reference.
12.8 Setting Up Mail Defaults
Use the WLST command setMailServiceProperty to set defaults for mail:
•
address.delimiter: Defines the delimiter that is used to separate multiple mail
addresses. A comma is used by default.
Some mail servers require mail addresses in the form lastname, firstname and, in
such cases, a semicolon is required.
•
mail.emailgateway.polling.frequency: Frequency, in seconds, that portal
distribution lists are checked for new incoming mail messages. The default is 1800
seconds (30 minutes).
Email communication through WebCenter Portal distribution lists can be published
as discussion forum posts on a discussions server. For details, see Publishing
Portal Mail in a Discussion Forum in Building Portals with Oracle WebCenter
Portal.
•
mail.messages.fetch.size: Maximum number of messages displayed in mail
inboxes
•
resolve.email.address.to.name: Determines whether user email addresses are
resolved to WebCenter Portal user names when LDAP is configured. Valid values
are 1 (true) and 0 (false). The default value is 0.
When set to 1, WebCenter Portal user names display instead of email addresses
in Mail task flows.
Set this property to 1 if instant messaging and presence requires user names to
obtain presence status because presence information cannot be obtained when
mail provides email addresses. Setting this value to 1 does impact application
performance so you must take this into consideration when setting this property.
•
mail.recipient.limit: Restricts the number of recipients to a message. For
example, setting this value to '500' limits the number of recipients to 500.
For command syntax and examples, see setMailServiceProperty in WebCenter WLST
Command Reference.
12.9 Testing Mail Server Connections
Confirm that the mail server is running by connecting to the server using any client,
such as Thunderbird or Outlook.
12-16
Chapter 12
Configuring Send Mail Notifications for WebCenter Portal
For Microsoft Exchange, go to Administrative Tools - Services to confirm that the
following components are running (Status: Started):
•
Microsoft Exchange IMAP4
•
Simple Mail Transfer Protocol (SMTP)
12.10 Configuring Send Mail Notifications for WebCenter
Portal
System administrators are responsible for setting mail options through WebCenter
Portal administration settings.
Figure 12-5
Setting Mail Options
From this page, you can assign the mail client for the Send Mail feature. This feature
allows application assets to send mail directly from their task flows, using the Send
Mail icon (Figure 12-6).
Figure 12-6
Send Mail Icon
For example, from an announcement, users can click the Send Mail icon to open a
mail window prepopulated with information including the announcement text, author,
date created, and location. They can edit and add to the mail, as necessary. The way
the mail window is prepopulated depends on the resource sending it. For example,
from an announcement, Send Mail opens a mail window prepopulated with the title of
the announcement.
Within a portal, the mail can be addressed to all members of the portal, which is the
default distribution list that is created when the portal is created. Portal Mangers (and
anyone granted the Manage Security and Configuration permission on the portal) set
12-17
Chapter 12
Configuring Send Mail Notifications for WebCenter Portal
this through the Tools and Services page in the portal's administration settings. See
Configuring the Mail Distribution List for a Portal in Building Portals with Oracle
WebCenter Portal.
For all Send Mail notifications throughout WebCenter Portal, you can choose to use
the local mail client, such as Microsoft Outlook or Mozilla Thunderbird, or WebCenter
Portal's own Mail service. The local mail client is the default. The Send Mail feature
does not require the Mail service, that is, if the Mail service is not yet configured, you
can still use the Send Mail feature with WebCenter Portal's Mail service. Application
specialists or portal managers can specify whether portal members can override the
default mail client setting.
Note:
With some browsers, Send Mail notifications are garbled for many non-English
languages. When multibyte characters are encoded (required for the "mailto:"
protocol), the URL length exceeds the browser limit. As a workaround,
configure the Send Mail feature to use WebCenter Portal's Mail service
instead of the local mail client.
As the system administrator, you can also specify whether users can override the
default mail client setting.
12.10.1 Enabling Shared Mail Connections for Send Mail Notifications
Users do not need to specify credentials while sending mail using WebCenter Portal's
Mail service when shared credentials are configured for the external application
associated with the mail server connection.
To enable shared mail connections:
1.
Ensure you have set up a mail connection that uses an external application
configured with the shared credentials, and note down the mail connection name.
2.
Configure WebCenter Portal to use WebCenter Portal Mail service to send mail:
a.
On the Settings page (see Accessing the Settings Pages in WebCenter Portal
Administration), click Tools and Services.
You can also enter the following URL in your browser to navigate directly to
the Tools and Services pages:
http://host:port/webcenter/portal/admin/settings/tools
See Also:
WebCenter Portal Pretty URLs in Building Portals with Oracle WebCenter
Portal.
b.
Click the icon for Mail Settings.
c.
Under Default Mail Client for Send Mail, select WebCenter Portal's Mail
Service.
12-18
Chapter 12
Configuring Send Mail Notifications for WebCenter Portal
d.
Click Apply.
Portal managers can now specify the name of the shared mail connection in the
portals where shared mail credentials are required.
12-19
Chapter 12
Configuring Send Mail Notifications for WebCenter Portal
12-20
13
Managing People Connections
Configure People Connections in WebCenter Portal to create social networking tools
and track portal user activities.
Permissions:
To perform the tasks in this chapter, you must be granted the WebLogic
Server Admin role through the Oracle WebLogic Server Administration Console
and the Administrator role granted through WebCenter Portal Administration.
For more information about roles and permissions, see Understanding
Administrative Operations, Roles, and Tools.
Topics:
•
About the People Connections Service
•
People Connections Prerequisites
•
Configuring People Connections for WebCenter Portal
•
Archiving the Activity Stream Schema
•
Specifying a Management Chain for Organization View
•
Setting Profile Configuration Properties
•
Synchronizing Profiles with the Identity Store
13.1 About the People Connections Service
The People Connections service provides social networking tools for creating,
interacting with, and tracking the activities of one's connections. Its features enable
users to manage their personal profiles, access the profiles of other users, provide ad
hoc feedback, post messages, track activities, and connect with others.
People Connections features include:
•
Activity Stream for viewing user activities generated through application or social
networking actions.
•
Connections for connecting to other application users to share information,
comment on performance, exchange messages, and track activity
•
Feedback for giving ad hoc performance feedback to other users
•
Message Board for posting messages to other users
•
Profile for entering information about yourself and viewing the information of other
users
•
Publisher for publishing status messages and posting files and links
13-1
Chapter 13
People Connections Prerequisites
The People Connections service provides task flows for using it features. For
information on adding People Connections functionality to a portal, see Adding
Connections to a Portal in Building Portals with Oracle WebCenter Portal.
Always use the Fusion Middleware Control or WLST command-line tool to review and
configure back-end services for WebCenter Portal. Any changes you make to
WebCenter Portal post-deployment are stored in MDS metadata store as
customizations. Most changes you make to WebCenter Portal tools and services
configuration through Fusion Middleware Control or using WLST are not dynamic. For
your changes to take effect, you must restart the managed server where the
application is deployed.
13.2 People Connections Prerequisites
To use the People Connections service, you must have the WEBCENTER schema
installed in your database.
In a production environment, an enterprise can leverage its back-end identity store as
a means of providing People Connections with a population of potential connections.
In a development environment, developers can add test-users to the jazn-data.xml file.
For example, Profile takes the bulk of its information from the back-end identity store
that provides WebCenter Portal with its users. Additionally, Profile may offer
opportunities for altering some of this information and for providing additional data not
included in the identity store.
For information about connecting to a back-end (LDAP) identity store for the
production version of your application, see Configuring the Identity Store.
13.3 Configuring People Connections for WebCenter Portal
This section steps you through the process of setting application-wide values for
People Connections features. It includes the following subsections:
•
Accessing People Connections Administrative Settings
•
Configuring Activity Stream
•
Configuring Connections
•
Configuring Profile
•
Configuring Message Board
•
Configuring Feedback
13.3.1 Accessing People Connections Administrative Settings
To access People Connections administrative settings:
1. In the portal browser, click the Administration tile, then click Settings.
2. On the Settings page, click Tools and Services.
You can also enter the following URL in your browser to navigate directly to the
Tools and Services pages:
http://host:port/webcenter/portal/admin/settings/tools
13-2
Chapter 13
Configuring People Connections for WebCenter Portal
3. Click People Connections.
13.3.2 Configuring Activity Stream
Activity Stream is for publishing and tracking users' application activity. Activity Stream
configuration settings specify the users and activities that are streamed, who can see
a user's streamed activities, and whether liking and commenting is available on each
streamed activity.
Figure 13-1
Administration Settings for People Connections
Who can view a user's activities and the types of activities tracked depend on Activity
Stream configuration.
Table 13-1
Activities Tracked by Activity Stream
Feature Area
Tracked Activities
Scope
Activities Shared or Private
Connections
•
•
Invitations to connect
People are connected
Home portal
Shared with inviter and invitee's
connections
Documents
•
Upload document from
Publisher
•
•
•
Events
•
•
Create an event
Edit an Event
Portal
Shared with other portal members
Feedback
•
•
Feedback left
Feedback received
Home portal
Shared with whomever is
permitted to view such activities
(see Setting Feedback
Preferences in Using Portals in
Oracle WebCenter Portal).
Portal
Home portal
Only document uploads via
Activity Stream are tracked.
13-3
Chapter 13
Configuring People Connections for WebCenter Portal
Table 13-1
(Cont.) Activities Tracked by Activity Stream
Feature Area
Tracked Activities
Scope
Activities Shared or Private
Lists
•
•
•
Create a list
Add a row to a list
Edit a list row
Portal
Shared with other portal members
Message Board
•
•
Message left
Message received
Home portal
Shared with whomever is
permitted to view such activities
(see Setting Message Preferences
in Using Portals in Oracle
WebCenter Portal).
Pages
•
•
•
•
Create page
Edit page
Add tag
Remove tag
•
•
•
Profiles
•
•
•
Photo updated
Profile updated
Personal status note
updated
Home portal
Shared with whomever is
permitted to view such activities
(see Setting Profile Preferences in
Using Portals in Oracle
WebCenter Portal).
WebCenter Portal
Management
•
•
Create portal
Join portal
Portal
Shared with other portal members
Tagging
•
•
Add tag
Remove tag
•
•
•
Portal
Home portal
•
Portal
Home portal
•
Activities on portal pages are
shared with other portal
members.
Activities on Home portal
pages are private to user.
Activities in a portal are
shared with all portal
members.
Activities in a Home portal are
shared with whomever is
permitted to view such
activities (see Configuring
Activity Stream and Setting
Activity Stream Preferences
in Using Portals in Oracle
WebCenter Portal).
Configure Activity Stream to show or hide actions from these categories:
•
People—For determining whose activities to show, either the current user's or
both the current user and the user's connections.
•
WebCenter Portal—For determining whether to show activities from all available
portals or just the Home portal.
•
Service Categories—For selecting the services from which to report activities and
enabling users to override these default selections in their personal preferences or
preventing users from overriding.
•
Privacy—For selecting who may see the current user's activities.
13-4
Chapter 13
Configuring People Connections for WebCenter Portal
•
Comments and Likes—For enabling users to comment on a posted activity and
like a posted activity
To configure Activity Stream for all users:
1. On the Settings page, click Tools and Services.
You can also enter the following URL in your browser to navigate directly to the
Tools and Services pages:
http://host:port/webcenter/portal/admin/settings/tools
2. Click the icon for People Connections Settings.
3. Click the Activity Stream tab.
4. Under People, select whose activities to show:
•
Only Me—Show only the current user's activities in his or her view of the
Activity Stream.
•
Me and My Connections—Show the current user's activities and the activities
of that user's connections in his or her view of the Activity Stream.
•
No Personal—Omit all activities streamed from the Home portal in the current
user's view of his or her Activity Stream.
5. Under Portals, select to show activities from:
•
All Portals—All portals the user has access to
•
My Portals—All portals the user manages
•
No Portals—Only the Home portal
6. Under Service Categories, select the services from which to publish activity.
Note:
The activities of services that are not selected are still tracked, but they do not
appear in the Activity Stream. If you select to show the activities at some later
point, then all of the activities that occurred when it was not selected will
appear in the Activity Stream.
Table 13-1 lists the activities tracked by the Activity Stream.
7. Optionally, select Allow Owner Override to enable users to override a setting for a
given service through their personal preferences.
Deselect this check box to prevent users from overriding the application defaults
you set here.
8. Under Privacy, specify who can view the current user's activities and whether
users can override this setting in their personal preferences.
13-5
Chapter 13
Configuring People Connections for WebCenter Portal
Table 13-2
Activity Stream Privacy Options
Option
Description
Allow all of my activities to
be viewed by
Specify who can view another user's activities. Choose from:
•
•
•
•
Allow Owner Override
Everyone—Any user, whether logged in or not, can view
other users' activities.
Authenticated Users—Users who have logged in can
view other users' activities.
My Connections—User A can view user B's activities if
user B has accepted user A as a connection. User A can
also view user A's activities.
Myself—Only user A can view user A's activities.
Enable users to override the application default settings using
their own People Connections Preferences.
9. Expand the Likes and Comments node, and specify whether liking and
commenting are allowed:
•
Select Enable comments on objects in the Activity Stream to enable users
to comment on a given Activity Stream item. Deselect the check box to prevent
users from commenting.
•
Select Enable others to like objects in the Activity Stream to enable users
to like an Activity Stream item. Deselect the check box to prevent users from
liking.
Tip:
Users can like and comment on streamed items that include objects. For
example, users can like or comment on "Jack posted a message." Users
cannot like or comment on system messages, such as "Jack and Jill are now
connected."
10. Click Apply.
13.3.3 Configuring Connections
Connections configuration involves selecting who can view another user's connections
and whether users accept invitations to connect automatically.
13-6
Chapter 13
Configuring People Connections for WebCenter Portal
Figure 13-2
Configuration Settings for Connections
To configure Connections:
1. On the Settings page (see Accessing the Settings Pages in WebCenter Portal
Administration), click Tools and Services.
You can also enter the following URL in your browser to navigate directly to the
Tools and Services pages:
http://host:port/webcenter/portal/admin/settings/tools
See Also:
WebCenter Portal Pretty URLs in Building Portals with Oracle WebCenter
Portal.
2. Click the icon for People Connections Settings.
3. Click the Connections tab.
4. Select the required connection options:
13-7
Chapter 13
Configuring People Connections for WebCenter Portal
Table 13-3
Connections Configuration Options
Option
Description
Grant View Access to
Classes of users to whom to grant automatic view
access to a user's connections
The users you select can view and interact with another
user's connections. Choose from:
•
•
•
•
Allow Owner Override
Option to allow or prohibit users from overriding the
administrator View access setting:
•
•
Accept Invitations
Automatically
Everyone—All users, including users who are not
logged in, can see other users' connections.
Authenticated users—Only users who are logged
in can see other users' connections.
User's Connections—Only the user and the user's
connections can see the user's connections.
User Only—Only a user can see his or her own
connections.
•
•
Select to allow users to override the administrative
View access setting specified here using their
personal preferences
Deselect to prohibit users from overriding the
administrative View access setting.
Select to specify that, by default, all invitations to
connect are accepted automatically.
Deselect to specify that, by default, a user must
explicitly accept or reject invitations to connect.
5. Click Apply.
13.3.4 Configuring Profile
Every authenticated user has a profile that displays personal information, such as the
user's email address, phone number, office location, department, manager, direct
reports, and so on. All but three attributes are stored and read from the LDAP identity
store that is configured for WebCenter Portal. The three exceptions include the Profile
photo and expertise and Publisher status messages.
Use administrative configuration settings for Profile to specify whether users are
allowed to change their application passwords, which profile sections display, whether
users are allowed to update their profile details, and the profile attributes that users
may update.
13-8
Chapter 13
Configuring People Connections for WebCenter Portal
Figure 13-3
Configuration Settings for Profile
Personal profiles are presented in these sections: Summary, Employee, Business
Contact, Personal Information. Each section provides information related to the
section heading. For example, Summary includes a collection of basic details, such as
the user's name, email address, and office location.
In configuration settings, the access setting for the Summary section controls who can
search for the user (for example, through global search, people pickers, and the
searches one uses to find and invite other users to connect). For example, if Everyone
is allowed to view the Summary section, then the user can be searched for by
unauthenticated (public) users. If only Authenticated Users can view another user's
Summary section, then only logged in users can search for the user. If None is the
selected value for Who can view this section, then the user will not appear in search
results.
Users cannot change the privacy settings on the Summary section through their
Preferences.
To configure Profile:
1. On the Settings page (see Accessing the Settings Pages in WebCenter Portal
Administration), click Tools and Services.
You can also enter the following URL in your browser to navigate directly to the
Tools and Services pages:
http://host:port/webcenter/portal/admin/settings/tools
See Also:
WebCenter Portal Pretty URLs in Building Portals with Oracle WebCenter
Portal.
13-9
Chapter 13
Configuring People Connections for WebCenter Portal
2. Click the icon for People Connections Settings.
3. Click the Profile tab.
4. Select the required options:
Table 13-4
Profile Configuration Options
Option
Description
Allow Password Change
Specify whether users are allowed to change their application password
•
•
Profile Access
Select to enable users to change their application password.
Deselect to prevent users from changing their application password. This option
is useful when your organization provides a single, separate application for
managing user credentials and, consequently, prefers not to offer password
management through each application.
Specify which Profile sections to show and whether users are allowed to update their
profile details
Set application defaults in the following table columns:
Profile Section—Identifies the groups of information shown in a user profile.
View Settings—Specify which users can view a particular profile section, and
indicate whether users can change these defaults in their personal Preferences.
View Settings for the Summary section control not only who can view summary
details but also for whom the user appears in people search results.
Set values for:
•
Who can view this section—Specify which types of users can view the
associated profile section by default:
Everyone—All users, including users who are not logged in, can see the
associated profile section in other users' profiles.
Authenticated users—Only users who are logged in can see the associated
profile section in other users' profiles.
User's Connections—The users to whom the current user is connected can
see the associated profile section in other users' profiles. This option is available
for all sections except Summary.
User Only—Only the user can see his or her own details in the associated
profile section.
None—The section is hidden from all users.
Allow Owner Override—Enable or disable users' from overriding the default
application settings you specify here. Select to enable; deselect to disable.
Can Edit—Select to enable users to edit the associated profile section of their own
personal profiles; deselect to prohibit users from editing the associated profile
section.
•
This setting also controls whether an Edit link appears in the Profile task flow, but it
does not affect the appearance of the Edit button or links on the default version of
the Profile page. You can use the other Profile administrative settings to prohibit
users from actually changing any Profile details.
Profile Attributes - Edit
Settings
Indicate the section attributes that users are allowed to edit by default
Under Allow Update:
•
•
Select an attribute to enable users to edit its value in their own profiles.
Deselect an attribute to prohibit users from editing it in their own profiles.
5. Click Apply.
13-10
Chapter 13
Configuring People Connections for WebCenter Portal
13.3.5 Configuring Message Board
Message Boards provide a way for users to view and post messages to their
connections. Configuration settings for Message Board provide controls for who can
view and post messages, who can edit and delete the messages they leave, who can
delete and change the visibility of messages they receive, and whether commenting
and liking are available on each message.
Figure 13-4
Configuration Settings for Message Board
To configure Message Board:
1. On the Settings page (see Accessing the Settings Pages in WebCenter Portal
Administration), click Tools and Services.
You can also enter the following URL in your browser to navigate directly to the
Tools and Services pages:
http://host:port/webcenter/portal/admin/settings/tools
See Also:
WebCenter Portal Pretty URLs in Building Portals with Oracle WebCenter
Portal.
2. Click the icon for People Connections Settings.
3. Click the Message Board tab.
4. Specify the required options:
13-11
Chapter 13
Configuring People Connections for WebCenter Portal
Table 13-5
Message Board Configuration Options
Option
Description
Grant View Access to
Specify who can view Message Board messages.
•
•
•
•
Grant Post Access to
Specify who can post Message Board Messages.
•
•
•
•
Allow Owner Override
•
•
Delete message—Select to enable users to delete messages they receive
from other users; deselect to prohibit users from deleting the messages they
receive.
Change the visibility of the message—Select to enable users to hide or
show the messages from a given user; deselect to prohibit users from hiding or
showing messages.
Specify whether users can comment on messages that are posted on a Message
Board.
•
•
Enable liking of messages
from Message Board
Edit message—Select to enable users to edit their own Message Board posts;
deselect to prohibit users from editing the messages they post.
Delete message—Select to enable users to delete their own Message Board
posts; deselect to prohibit users from deleting the messages they post.
Specify whether users can act on messages they receive from others
•
Enable commenting on
messages from Message
Board
Select to enable users to edit the default settings through user preferences.
Deselect to enforce the administrator default application settings.
Specify whether users are allowed to act on the messages they post.
•
Enable users to act on
messages they received
from others
Everyone—All users, whether logged in or not, can post Message Board
messages.
Authenticated Users—Only logged in users can post messages to Message
Boards.
User's Connections—Only the user and the user's connections can post
messages to the user's Message Board.
User Only—Only the user can post messages to his or her Message Board.
Specify whether users can override these administrative defaults.
•
•
Enable users to act on
messages they post on
other Message Boards
Everyone—All users, whether logged in or not, can see users' Message Board
messages.
Authenticated Users—Only logged in users can see users' Message Board
messages.
User's Connections—Only the user and the user's connections can view the
user's Message Board.
User Only—Only the user can see the messages on his or her Message
Board.
Select to permit users to comment on messages. A Comment link appears
below each message. Users click this to enter a comment.
Deselect to prohibit commenting.
Specify whether to enable users to like a message.
•
•
Select to permit users to like messages. A Like link appears below each
message.
Deselect to prohibit liking.
5. Click Apply.
13-12
Chapter 13
Configuring People Connections for WebCenter Portal
13.3.6 Configuring Feedback
Feedback provides a way for users to view and post feedback for other application
users. Configuration settings for Feedback provide controls for granting view and post
access for feedback a user receives, granting view access for feedback a user gives,
allowing users to override administrative default settings, enabling users to delete the
feedback they post, and enabling a user to show or hide feedback left by others.
Figure 13-5
Configuration Settings for Feedback
To configure Feedback:
1. On the Settings page (see Accessing the Settings Pages in WebCenter Portal
Administration), click Tools and Services.
You can also enter the following URL in your browser to navigate directly to the
Tools and Services pages:
http://host:port/webcenter/portal/admin/settings/tools
See Also:
WebCenter Portal Pretty URLs in Building Portals with Oracle WebCenter
Portal.
2. Click the icon for People Connections Settings.
3. Click the Feedback tab.
4. Select the required options:
13-13
Chapter 13
Archiving the Activity Stream Schema
Table 13-6
Feedback Configuration Options
Option
Description
Grant View Access to
Specifies who can view the current user's Feedback
•
•
•
•
Grant Post Access to
Specifies who can post user Feedback
•
•
•
•
Grant View Feedback
Given Access to
•
•
•
•
Enable owner of the
feedback to act on
feedback posted by
others
Everyone—All users, whether logged in or not, can see the options on the View
menu.
Authenticated Users—Only logged in users can see the options on the View
menu.
User's Connections—Only the user and the user's connections can see the
View menu.
User Only—Disables the View menu for all but the current user. When users
visit the current user's Feedback task flow, they can view only the Feedback the
current user has received.
Specifies whether users can override these administrative defaults
•
Enable users to act on the
feedback given to others
Everyone—All users, whether logged in or not, can post Feedback for a given
user.
Authenticated Users—Only logged in users can post Feedback for a given
user.
User's Connections—Only the user and the user's connections can post
Feedback for a given user.
User Only—Users can post Feedback only for themselves. Effectively disables
Feedback.
Specifies who can see the View menu to switch between Feedback Given and
Feedback Received in a Feedback task flow
•
Allow Owner Override
Everyone—All users, whether logged in or not, can see a given user's
Feedback.
Authenticated Users—Only users who are logged in can see a given user's
Feedback.
User's Connections—Only the user and the user's connections can see a
given user's Feedback.
User Only—Disables other users from viewing a given user's Feedback.
Select to enable users to revise application default settings through user
preferences.
Deselect to prevent users from altering administrator settings for Feedback.
Indicates whether users can delete the Feedback they post
•
•
Select Delete feedback to enable users to delete the Feedback they post.
Deselect Delete feedback to prohibit users from deleting the Feedback they
post.
Indicate whether to enable users to hide or show Feedback from another user.
•
•
Select Change the visibility of the feedback to enable users to hide or show
the Feedback from another user.
Deselect Change the visibility of the feedback to prohibit users from hiding or
showing Feedback left by others.
5. Click Apply.
13.4 Archiving the Activity Stream Schema
Administrators can use these WLST commands to archive and restore data in the
Activity Stream schema:
13-14
Chapter 13
Specifying a Management Chain for Organization View
•
archiveASByDate—Archive activity stream data that is older than a specified date.
•
archiveASByDeletedObjects—Archive activity stream data associated with deleted
objects.
•
archiveASByClosedSpaces—Archive activity stream data associated with portals that
are currently closed.
•
archiveASByInactiveSpaces—Archive activity stream data associated with portals
that have been inactive since a specified date.
•
restoreASByDate—Restore archived activity stream data from a specified date into
production tables.
•
truncateASArchive—Truncate activity stream archive data.
•
archiveASBySpace—Archive activity stream data associated with a portal.
•
archiveASAllSpaces—Archive activity stream data associated with all portals.
•
archiveASByUser—Archive activity stream data associated with a user.
•
archiveASAllUsers—Archive activity stream data associated with all users.
•
archiveASByDeletedActors—Archive activity stream data associated with deleted
actors.
•
showASStatistics—Report activity stream statistics.
For more information, see Activity Stream in WebCenter WLST Command Reference.
13.5 Specifying a Management Chain for Organization View
The Organization View task flow and the Organization tab on a Profile page can
provide a visualization of your management chain, for example, they can render a view
of a manager and the manager's direct reports.
Figure 13-6
Organization View of a Manager and the Manager's Direct Reports
By default, the values that define the management chain for these organization views
are blank. This means that managers are not automatically specified for users in the
back-end identity store that provides user details.
13-15
Chapter 13
Specifying a Management Chain for Organization View
Tip:
The value for Manager on the Profile page's About tab is also defined by the
methods suggested in this section.
For the management chain to be rendered in organization views, the back-end identity
store that is used for WebCenter Portal authentication must be set up in such a way
that direct report users have a manager attribute. And the manager attribute must be
defined as the Distinguished Name (DN) of their manager user.
Tip:
In an LDAP environment, a user can be managed by only one person; in the
same environment, a user can manage many people.
13.5.1 Example Embedded LDAP Configuration
You can specify a management chain within the Oracle WebLogic Server (WLS)
embedded LDAP or within an external LDAP, such as Oracle Internet Directory (OID).
However, the management chain you define through the embedded LDAP is for
testing or proof of concept and not for production. For production, you must use an
external LDAP, such as OID, for the identity store for WebCenter Portal authentication.
See Also:
For more information, see Configuring the Identity Store, or refer to the
documentation provided with your LDAP implementation.
This example describes how to define a management chain within the embedded
LDAP in WebLogic Server for testing or proof of concept.
Note:
The steps provided in this example are similar to those you take for an
external LDAP. That is, you create an attribute (manager) and set a value on
the attribute for each user. For this value, enter the DN of the selected user's
manager.
In this example, there are three users:
•
user1
•
user2
•
manager_user
13-16
Chapter 13
Specifying a Management Chain for Organization View
To define a management chain with these users:
1.
Enable browsing of the embedded LDAP using an external viewer, such as
Apache Directory Studio:
a.
Go to the WLS Administration Console, and log in as the administrator user.
b.
Click your domain (for example, wc_domain), then open the Security tab and
then the Embedded LDAP subtab (Figure 13-7).
Figure 13-7
Oracle WebLogic Server Administration Console
c.
Enter a value in the Credential field, and then reenter that value in the
Confirm Credential field.
Tip:
The default credential is a randomly generated password. Set it to something
memorable.
d.
2.
Restart your administration and managed servers.
Start up the LDAP viewer you selected in Step 1, and create a connection using
the following details:
•
hostname (for example, example.com)
•
port (the WLS administration port, for example 7001)
•
Bind DN (cn=Admin)
13-17
Chapter 13
Specifying a Management Chain for Organization View
•
3.
Password (that is, the credential you set in Step 1c)
Navigate to user1 by finding the users within the DIT tree (Figure 13-8).
For example, click in succession:
Figure 13-8
•
dc=wc_domain
•
ou=myrealm
•
ou=people
•
uid=user1
Selecting a User in the DIT Tree of an LDAP Browser
4.
In the Attribute Description column, add a new attribute of type manager.
Tip:
Press Ctrl-Shift-+ to open the New Attribute dialog.
5.
For the attribute value, select the DN for manager_user (Figure 13-9).
For example, under the root, select in succession:
•
dc=wc_domain
•
ou=myrealm
•
ou=people
•
uid=manager_user
13-18
Chapter 13
Specifying a Management Chain for Organization View
Figure 13-9
6.
Select DN Dialog
Repeat Steps 3 through 5 for user2.
Now user1 and user2 are managed by manager_user. You can check this by logging in
to WebCenter Portal as user1 and navigating to the About tab of the Profile page. The
user manager_user is shown as the manager (Figure 13-10).
Figure 13-10
About Tab of the Profile Page
13-19
Chapter 13
Setting Profile Configuration Properties
Tip:
Click the value for Manager (in this example, manager_user) to view the
manager's profile. Access the Organization tab to see the organization view
associated with the currently viewed profile.
13.6 Setting Profile Configuration Properties
Administrators can use WLST commands to set profile configuration properties, such
as setting the profile version that appears in the user interface. Administrators can
perform the following actions:
•
Set the profile configuration properties by running setProfileConfig.
Syntax:
setProfileConfig(appName, [ProfilePageVersion], [ProfileSyncHourOfDay],
[ProfileSyncFrequencyInDays], [server], [applicationVersion])
This command takes the following parameters:
–
appName - The name of the WebCenter Portal application in which to perform
this operation. For example, webcenter.
–
ProfilePageVersion - (Optional) The profile page version to use. Valid values
for ProfilePageVersion are:
*
v1 - Use old-style Profile pages (11.1.1.7.0 and earlier)
*
v2 - (default) Use the new Profile page format (introduced in 11.1.1.8.0)
Note:
Profile page version changes will not take effect until you restart the server
where the WebCenter Portal application is deployed.
–
ProfileSyncHourOfDay - (Optional) The hour to start profile synchronization. Any
value between 0 and 23. The default value is 23, equivalent to 11pm.
–
ProfileSyncFrequencyInDays - (Optional) How often profile synchronization
takes place (in days). Any value greater than 0. The default value is 7.
Note:
If you omit a parameter, the corresponding configuration remains unchanged.
•
List the current profile configuration settings by running listProfileConfig.
Syntax:
listProfileConfig(appName)
This command takes the following parameter:
13-20
Chapter 13
Synchronizing Profiles with the Identity Store
–
•
appName - The name of the WebCenter Portal application to perform this
operation on. For example, webcenter.
Get the current value of a profile property by running getProfileConfig.
Syntax:
getProfileConfig(appName, key, [server], [applicationVersion])
This command takes the following parameters:
–
appName - The name of the WebCenter Portal application to perform this
operation on. For example, webcenter.
–
key - Name of a the Profile Config property to get. Valid values include:
*
ProfilePageVersion
*
ProfileSyncHourOfDay
*
ProfileSyncFrequencyInDays
–
server - (Optional) The name of the target server where the application is
deployed.
–
applicationVersion - (Optional) The version number of the application.
13.7 Synchronizing Profiles with the Identity Store
Administrators can use WLST commands to synchronize profile information in the
LDAP identity store with WebCenter Portal. Administrators can perform the following
actions:
•
Start or stop profile synchronization for all users or a single user by running
startSyncProfiles or stopSyncProfiles.
•
Check whether profile synchronization is currently in progress by running
isSyncProfilesRunning.
•
Set various profile synchronization options:
–
Specify whether to synchronize user profile photos in LDAP by running
setProfilePhotoSync.
–
Synchronize profile information for a specific user by running syncProfile.
For more information, see the following command references in WebCenter WLST
Command Reference:
•
startSyncProfiles
•
stopSyncProfiles
•
isSyncProfilesRunning
•
setProfilePhotoSync
•
syncProfile
13-21
Chapter 13
Synchronizing Profiles with the Identity Store
13-22
14
Managing RSS
Configure and manage RSS functionality for WebCenter Portal.
Note:
Beginning with 12c (12.2.1.3.0), Oracle WebCenter Portal has deprecated
support for Jive features (announcements and discussions). If you are
upgrading from a prior release, these features remain available in your existing
installations that are being upgraded.
Permissions:
To perform the tasks in this chapter, you must be granted the WebLogic
Server Admin role through the Oracle WebLogic Server Administration Console
and the Administrator role granted through WebCenter Portal Administration.
For more information about roles and permissions, see Understanding
Administrative Operations, Roles, and Tools.
Topics:
•
About RSS
•
RSS Prerequisites
•
Setting Up a Proxy Server for External RSS News Feeds
•
Testing External RSS News Feed Connections
14.1 About RSS
The RSS functionality encompasses a RSS Viewer and RSS service that shows news
feeds from various WebCenter Portal tools and services. The RSS Viewer enables
users to view external news feeds from different web sites inside WebCenter Portal.
RSS also delivers content update information from various portal resources including
discussions, lists, and announcements.
14.2 RSS Prerequisites
RSS functionality does not require any back-end server. You do not need to set up a
connection to use it. However, depending on your network configuration, you may
need to set up a proxy server to enable WebCenter Portal to display content from
external RSS news feeds.
14-1
Chapter 14
Setting Up a Proxy Server
14.3 Setting Up a Proxy Server
A proxy server is required if you want to enable external RSS news feeds and external
links in activity stream task flows in WebCenter Portal. The RSS service and the
activity stream service share the same proxy server settings.
You can set up a proxy server using Fusion Middleware Control or WLST.
This section includes the following subsections:
•
Setting Up a Proxy Server Using Fusion Middleware Control
•
Setting Up a Proxy Server Using WLST
14.3.1 Setting Up a Proxy Server for External RSS News Feeds
To enable external RSS news feeds in WebCenter Portal, you must set up a proxy
server.
A proxy server is also required if you want to display external links in Activity Stream
task flows. Both RSS and the activity stream share the same proxy server settings.
You can configure a proxy server by using either Fusion Middleware Control or WLST.
14.3.2 Setting Up a Proxy Server Using Fusion Middleware Control
To set up a proxy server using Fusion Middleware Control:
1. Log on to Fusion Middleware Control and navigate to the home page for
WebCenter Portal.
2. From the WebCenter Portal menu, select Settings > Application Configuration.
3. In the Proxy Server section, enter the host name and the port number of the proxy
server. For details, see Table 14-1.
Table 14-1
RSS Proxy Server Details
Field
Description
Proxy Host
Enter the host name of the proxy server.
Proxy Port
Enter the port number on which the proxy server is running.
4. Click Apply to save this connection.
5. Restart the managed server to which your application is deployed.
14.3.3 Setting Up a Proxy Server Using WLST
Use the WLST command setWebCenterProxyConfig to specify the proxy host and port
number used by RSS news feeds and activity stream task flows. For example:
setWebCenterProxyConfig(appName='webcenter', proxyHost='www-proxy.example.com',
proxyPort='80')
14-2
Chapter 14
Testing External RSS News Feed Connections
For command syntax and examples, see setWebCenterProxyConfig in WebCenter
WLST Command Reference.
For information about how to run WLST commands, see Running Oracle WebLogic
Scripting Tool (WLST) Commands.
Note:
To start using new proxy details, you must restart the managed server in
which your application is deployed.
Use the getWebCenterProxyConfig command to find out the current proxy host and port
used by RSS and activity stream task flows. For example:
getWebCenterProxyConfig(appName='webcenter')
If you want to delete the current proxy host and port settings, use the
unsetWebCenterProxyConfig command. For example:
unsetWebCenterProxyConfig(appName='webcenter')
14.4 Testing External RSS News Feed Connections
After setting up the proxy server for the RSS Viewer, you can test the connection to
make sure you can access external RSS feeds. To test the RSS connection, you need
to add the RSS task flow to a portal page and set the URL to an external RSS feed. If
the RSS feed displays correctly, proxy configuration is set up properly. For information
about adding the RSS task flow and editing the URL, see Adding RSS News Feeds to
a Portal in Building Portals with Oracle WebCenter Portal.
14-3
Chapter 14
Testing External RSS News Feed Connections
14-4
15
Managing Subscriptions and Notifications
Administer subscriptions and notifications by creating and enforcing application-wide
defaults for application-level subscriptions, specifying the server to handle notification
delivery, and using WLST commands to set and get notification messaging
configuration details.
Permissions:
To perform the tasks in this chapter, you must be granted the WebLogic
Server Admin role through the Oracle WebLogic Server Administration Console
and the Administrator role in the deployed application. In WebCenter Portal,
the Administrator role is granted through WebCenter Portal Administration.
For more information about roles and permissions, see Understanding
Administrative Operations, Roles, and Tools.
Topics:
•
About Subscriptions and Notifications
•
Setting Up Default Subscription Preferences
•
Setting Up Notifications
•
Creating and Applying Custom Notification Templates
•
Testing the Notifications Connection
15.1 About Subscriptions and Notifications
In WebCenter Portal, subscriptions and notifications provide users with a way to
subscribe to the types of services and application objects that interest them.
Consequently, users receive timely notice over their selected messaging channels of
changes that affect their subscribed services and objects.
Always use the Fusion Middleware Control or WLST command-line tool to review and
configure back-end services for WebCenter Portal. Any changes you make to
WebCenter Portal, post deployment, are stored in the MDS metadata store as
customizations.
Most changes you make to WebCenter Portal tools and services configuration through
Fusion Middleware Control or using WLST are not dynamic. For your changes to take
effect, you must restart the managed server in which the application is deployed.
15-1
Chapter 15
Setting Up Default Subscription Preferences
See Also:
For information about adding notifications functionality to a portal, see Adding
Notifications to a Portal in Building Portals with Oracle WebCenter Portal.
15.2 Setting Up Default Subscription Preferences
WebCenter Portal users set their personal Subscriptions preferences through the
WebCenter Portal Preferences dialog. Before this happens, the WebCenter Portal
administrator can set default values that determine the application-level subscription
options that are available to all users and whether those defaults can be changed.
This section provides an overview of Subscription defaults and steps you through the
process of setting default values.
This section includes the following subsections:
•
About Subscription Defaults
•
Setting Subscription Defaults
•
Setting Subscriptions Preferences in WebCenter Portal
15.2.1 About Subscription Defaults
Administrator-level Subscription preferences are set in a custom XML file that you
create and then use to supersede the file that is provided for this purpose out of the
box (notification-service-settings.xml). The settings in the custom XML file are
analogous to the application-level subscriptions settings available to users through
Subscription Preferences in WebCenter Portal (for more information, see Subscribing
to the Application, to Portals, and to Objects in Using Portals in Oracle WebCenter
Portal.)
Each setting provides three attributes:
•
id—for specifying the service ID:
–
oracle.webcenter.peopleconnections.connections, the Connections feature of
the People Connections service
–
oracle.webcenter.peopleconnections.wall, the Message Board feature of the
People Connections service
–
oracle.webcenter.peopleconnections.kudos, the Feedback feature of the People
Connections service
–
•
oracle.connections. community, portal membership management
subscription-enabled—for specifying the initial state of the preference option: true
(enabled) or false(not enabled)
15-2
Chapter 15
Setting Up Default Subscription Preferences
Tip:
Rather than enabling or disabling the entire subscription capability, the
subscription-enabled attribute merely sets the initial state of the preference
option. For example, if subscription-enabled="true", then the associated
subscription option is selected by default in the WebCenter Portal's
Preferences dialog. If subscription-enabled="false", then the associated
subscription option is deselected by default in the dialog.
•
end-user-configurable—for enabling users to change the established default or
preventing users from doing so: true or false
These attributes work together to determine the initial state of the General
Subscriptions tab on the Subscriptions page in Preferences.
Figure 15-1
Preferences - Subscriptions: General Subscriptions Page
The following table illustrates the effect of custom administrator-level subscriptions
settings on the appearance of the General Subscriptions tab.
Table 15-1
Effect of Administrator Defaults on Subscriptions Preferences
subscription-enabled1
end-user-configurable
Option in Preferences
True
True
Rendered normally, check box is selected
True
False
Grayed out, check box is selected
False
True
Rendered normally, check box is
deselected
False
False
Hidden, check box is hidden
1
Rather than enabling or disabling the entire subscription capability, the subscription-enabled attribute merely sets the
initial state of the preference option. For example, if subscription-enabled="true", then the associated subscription
option is selected by default in WebCenter Portal's Preferences. If subscription-enabled="false", then the associated
subscription option is deselected by default.
15-3
Chapter 15
Setting Up Default Subscription Preferences
Tip:
In Table 15-1, the most typical scenario for most notifications is false/true
(row 3).
The following table lists the types of actions that can trigger an application-level
notification and associates them with their related service ID.
Table 15-2
Application-Level Activities that Can Trigger Notifications
Activity
Related Service ID
A user sends you an invitation to connect
oracle.webcenter.peopleconnections.connections
Your portal role changes, for example, from
Portal Manager to another custom role
oracle.webcenter.community
You are added as a member of a portal
oracle.webcenter.community
Your portal membership is removed
oracle.webcenter.community
A user posts a message to your Message Board
oracle.webcenter.peopleconnections.wall
A user likes your post on another user's
Message Board
oracle.webcenter.peopleconnections.wall
A user comments on your post on another
user's Message Board
oracle.webcenter.peopleconnections.wall
A user posts feedback for you
oracle.webcenter.peopleconnections.kudos
15.2.2 Setting Subscription Defaults
To set defaults for application-level Subscription preferences:
1. Navigate to a directory with a path that contains /oracle/webcenter/notification,
and create the folder custom.
Tip:
The directory structure can start or end with any directory or directories, as
long as it has /oracle/webcenter/notification/custom in the path.
2. In the custom folder, or in any subdirectory under /oracle/webcenter/notification/
custom/, create the file notification-service-settings.xml.
3. In the XML file, enter values for all application-level subscription options.
The following example provides sample content for an application-wide subscription
preferences setting file and an example of each required option.
<notification-service_settings xmlns="http://xmlns.oracle.com/webcenter/
notification">
<subscription-settings>
15-4
Chapter 15
Setting Up Default Subscription Preferences
<service id="oracle.webcenter.peopleconnections.connections" subscriptionenabled="true"
end-user-configurable="false"/>
<service id="oracle.webcenter.peopleconnections.wall" subscriptionenabled="false"
end-user-configurable="true"/>
<service id="oracle.webcenter.peopleconnections.kudos" subscriptionenabled="false"
end-user-configurable="true"/>
<service id="oracle.webcenter.community" subscription-enabled="true"
end-user-configurable="true"/>
</subscription-settings>
</notification-service_settings>
Note:
If an option is not provided, the default values false/false are assigned for the
service.
4. Run the WLST command importMetadata(), and import the directory content into
your metadata store.
For example:
wls: /WC_Domain/serverConfig> importMetadata(application='webcenter',
server='serverName', fromLocation='directoryPath', docs='/**')
Where:
•
application is the name that identifies your WebCenter Portal deployment
•
serverName is the name of the server where WebCenter Portal is running
•
directoryPath is the directory path under which oracle/webcenter/notification/
custom/<any_sub_dir_after_this>/notification-service-settings.xml is located.
For example, if the directory path to notification-service-settings.xml is /
scratch/mydir/oracle/webcenter/notification/custom, enter /scratch/mydir for
directoryPath.
•
docs identifies the content to be imported, in this example, the path and files
that fall under directoryPath.
For information about the importMetadata WLST command, see importMetadata in
WLST Command Reference for Infrastructure Components.
The table describes the effect of various combinations of settings for the service ID
oracle.webcenter.peopleconnections.connections.
Table 15-3
Effects of Subscription Configurations for Connections
subscription-enabled
end-user-configurable
Effect
true
true
•
•
The subscribing user receives a notification
message when another user sends the user an
invitation to connect.
The user can change this default.
15-5
Chapter 15
Setting Up Default Subscription Preferences
Table 15-3
(Cont.) Effects of Subscription Configurations for Connections
subscription-enabled
end-user-configurable
Effect
true
false
•
•
false
true
•
•
false
false
•
•
1
The subscribing user receives a notification
message when another user sends the user an
invitation to connect.
The user cannot change this default.1
The subscribing user does not receive a
notification message when another user sends the
user an invitation to connect.
The user can change this default.
The subscribing user does not receive a
notification message when another user sends the
user an invitation to connect.
The option for changing this default is hidden.
This is the out-of-the-box default
The table describes the effect of various combinations of settings for the service ID
oracle.webcenter.peopleconnections.wall.
Table 15-4
Effects of Subscription Configurations for Message Board
subscription-enabled
end-user-configurable
Effect
true
true
•
•
true
false
•
•
false
true
•
•
The subscribing user receives a notification
message when another user posts a message on
the user's Message Board, likes the user's
Message Board post, or comments on the user's
Message Board post.
The user can change this default.
The subscribing user receives a notification
message when another user posts a message on
the user's Message Board, likes the user's
Message Board post, or comments on the user's
Message Board post.
The user cannot change this default.
The subscribing user does not receive a
notification message when another user posts a
message on the user's Message Board, likes the
user's Message Board post, or comments on the
user's Message Board post.
The user can change this default.
15-6
Chapter 15
Setting Up Default Subscription Preferences
Table 15-4
(Cont.) Effects of Subscription Configurations for Message Board
subscription-enabled
end-user-configurable
Effect
false
false
•
•
The subscribing user does not receive a
notification message when another user posts a
message on the user's Message Board, likes the
user's Message Board post, or comments on the
user's Message Board post.
The option for changing this default is hidden.
The table describes the effect of various combinations of settings for the service ID
oracle.webcenter.peopleconnections.kudos.
Table 15-5
Effect of Subscription Configurations for Feedback
subscription-enabled
end-user-configurable
Effect
true
true
•
•
true
false
•
•
false
true
•
•
false
false
•
•
The subscribing user receives a notification
message when another user leaves feedback for
the user.
The user can change this default.
The subscribing user receives a notification
message when another user leaves feedback for
the user.
The user cannot change this default.
The subscribing user does not receive a
notification message when another user leaves
feedback for the user.
The user can change this default.
The subscribing user does not receive a
notification message when another user leaves
feedback for the user.
The option for changing this default is hidden.
The table describes the effect of various combinations of settings for the service ID
oracle.webcenter.community.
Table 15-6
Effect of Subscription Configurations for Portal Management
subscription-enabled
end-user-configurable
Effect
true
true
•
•
The subscribing user receives a notification
message when the user's portal membership role
changes, the user is added as a member of a
portal, or the user is removed as a member of a
portal.
The user can change this default.
15-7
Chapter 15
Setting Up Notifications
Table 15-6
(Cont.) Effect of Subscription Configurations for Portal Management
subscription-enabled
end-user-configurable
Effect
true
false
•
•
false
true
•
•
false
false
•
•
The subscribing user receives a notification
message when the user's portal membership role
changes, the user is added as a member of a
portal, or the user is removed as a member of a
portal.
The user cannot change this default.
The subscribing user does not receive a
notification message when the user's portal
membership role changes, the user is added as a
member of a portal, or the user is removed as a
member of a portal.
The user can change this default.
The subscribing user does not receive a
notification message when the user's portal
membership role changes, the user is added as a
member of a portal, or the user is removed as a
member of a portal.
The option for changing this default is hidden.
15.2.3 Setting Subscriptions Preferences in WebCenter Portal
Individual users set their own subscription preferences in WebCenter Portal's
Preferences. Two Preferences pages are provided for this purpose:
•
Subscriptions, where users subscribe to be notified about actions occurring with
their portal memberships and the People Connections service (Connections,
Message Board, and Feedback) and view and remove their application- and
object-level subscriptions
For more information, see Subscribing to the Application, to Portals, and to
Objects in Using Portals in Oracle WebCenter Portal.
•
Messaging, where users access controls for configuring their preferred
messaging channels and filters (BPEL connection types only)
For more information, see Establishing and Managing Your Messaging Channels
and Filters in Using Portals in Oracle WebCenter Portal.
15.3 Setting Up Notifications
This section provides an overview of messaging connection types, describes
prerequisites that must be in place before you can define a notification channel, and
steps you through the process of setting up a notification channel for Notifications. It
includes the following subsections:
•
About Connection Channels
•
Notification Prerequisites
15-8
Chapter 15
Setting Up Notifications
•
Configuration Roadmap for Notifications
•
Specifying the Notifications Channel Using Fusion Middleware Control
•
Specifying the Notifications Channel Using WLST
•
Example - Setting Up Mail Notifications for WebCenter Portal Using WLST
15.3.1 About Connection Channels
The Notifications connection type determines the messaging channels that are
available to users when they configure their own messaging preferences for
Notifications in WebCenter Portal.
Use one of two possible connection types:
•
BPEL Server provides two messaging channel options to users: mail and texting
(SMS).
•
Mail Server delivers notification messages exclusively through a mail server that
is configured for WebCenter Portal.
BPEL Server Connection Type
Selection of a BPEL server presupposes that you have established a connection to a
BPEL server with the User Messaging Service (UMS) is available. For information
about connecting to a BPEL server, see Managing the SOA Connection for
WebCenter Portal Membership Workflows.
When WebCenter Portal has setSpacesWorkFlowConnectionName set up, the Manage
Configuration button becomes available on the Messaging panel in WebCenter
Portal's Preferences.
Tip:
You should use the same connection for Notifications that you use for
setSpacesWorkFlowConnectionName, provided you use the BPEL Server for
notifications.
Mail Server Connection Type
Selection of a mail server presupposes that you have established a connection to a
mail server. Additionally, the external application associated with the mail server
connection must contain shared credentials. For information about connecting to a
mail server, see Managing Mail.
When Mail Server is the selected connection type, the Manage Configuration button
on the Messaging panel in WebCenter Portal's Preferences might or might not be
grayed-out. This depends on whether you have set up spacesWorkFlowConnection.
Regardless, when Mail Server is the selected connection type, and you click the
Manage Configuration button for Messaging preferences to open User Messaging
Preferences, any changes you make are ignored.
15-9
Chapter 15
Setting Up Notifications
See Also:
Establishing and Managing Your Messaging Channels and Filters in Using
Portals in Oracle WebCenter Portal
15.3.2 Notification Prerequisites
Before you can define a connection type for Notifications, you must take the steps and
consider the information provided in the following subsections:
•
Installation
•
Configuration
•
Security
•
Limitations
15.3.2.1 Installation
Installation requirements associated with Notifications change according to the type of
connection you select for Notifications messaging.
If you will use the User Messaging Service (UMS) through your BPEL connection for
Notifications messaging, you should know that only the mail driver is installed by
default. To make use of SMS messaging channels, you must install drivers for these
as well.
If you will use the Mail service for Notifications messaging, no Notifications-specific
installation is required, but the Mail service must be configured as described in
Managing Mail.
15.3.2.2 Configuration
Configuration prerequisites for Notifications also depend on the connection type you
select for Notifications messaging.
BPEL Server Configuration
If you want users to have messaging channel options—mail and texting (SMS)—a
connection to a BPEL server must be in place. Notifications uses the SOA installation
for supporting multichannel notifications through the User Messaging Service (UMS).
UMS is installed as a part of the SOA domain. Out of the box, only the mail driver is
configured. The SMS driver is available, but must be deployed.
Mail Server Configuration
If you want users to always and only be notified through their mail, a connection to a
mail server must be in place. Additionally, the external application associated with the
mail server connection must contain shared credentials.
Mail notifications are sent in the preferred language specified for each user's profile. If
the preferred language is not specified for a user, the server locale setting is used for
mail notifications. For example, if the server is running on the Korean locale and the
preferred language is not set for a user, the notification mail is in Korean.
15-10
Chapter 15
Setting Up Notifications
15.3.2.3 Security
There are no security considerations specifically associated with Notifications.
15.3.2.4 Limitations
Some activities create Notification tasks to be sent in the future. For example, if a user
creates an announcement with an active date in the future, a notification task is
created on the WebCenter Portal application server, so that a notification will be sent
when the announcement becomes active. However, if the Mail service is used for
Notifications, future Notification tasks are deleted if the WebCenter Portal application
server is restarted.
UMS supports multiple messaging channels, including voice and instant messaging,
that are not supported by Notifications. From UMS, Notifications consumes only mail
and SMS.
In WebCenter Portal Release 12.2.1.0.0, a new Documents service task flow has been
introduced. Integration between the new task flow and subscriptions and notifications
is not in place in this release; consequently, no document-related activities trigger
notifications. Integration between the new Documents task flow and subscriptions and
notifications will be reintroduced in a subsequent release.
15.3.3 Configuration Roadmap for Notifications
The section provides an overview of the prerequisites and tasks required to get the
Notifications service working in WebCenter Portal.
15-11
Chapter 15
Setting Up Notifications
Figure 15-2
Table 15-7
Configuring the Notifications Service
Configuring Notifications
Actor
Task
Link
Administrator
1. Set up one of the following back-end
componentsfor Notifications.
•
•
•
•
Administrator
Set up the BPEL server
Set up the mail server
2. (For mail server only) Configure an
external application:
•
•
BPEL Server Prerequisites
Mail Server Prerequisites
Registering External Applications at
Runtime
Create an external application
connection for the mail server
Configure shared credentials for the
mail server external application
15-12
Chapter 15
Setting Up Notifications
Table 15-7
(Cont.) Configuring Notifications
Actor
Task
Link
Administrator
3. Create or modify a connection between
your WebCenter Portal application and your
chosen back-end component:
•
•
•
•
Administrator
Create a connection to the BPEL
server
Create a connection to the mail server
4. Choose the type of connection to use for
Notifications, either BPEL or Mail, using one
of the following tools:
•
•
•
•
Fusion Middleware Control
WLST
Specifying the BPEL Server
Hosting WebCenter Portal
Workflows
Registering Mail Servers
Specifying the Notifications
Channel Using Fusion
Middleware Control
Specifying the Notifications
Channel Using WLST
Administrator
5. Restart the managed server (WC_Portal)
where WebCenter Portal is deployed.
Starting and Stopping the
WebCenter Portal Application
Administrator
6. Set up default subscription preferences
for all users
Setting Up Default Subscription
Preferences
Application Specialist/End
User
7. Configure and test Notifications in
WebCenter Portal as an:
•
•
•
application specialist
end user
•
Adding Notifications to a Portal
in Building Portals with Oracle
WebCenter Portal
Getting Notified When Things
Change in Using Portals in
Oracle WebCenter Portal
15.3.4 Specifying the Notifications Channel Using Fusion Middleware
Control
To specify a Notifications message connection type with Fusion Middleware Control:
1.
Log in to Oracle Fusion Middleware Control and navigate to the home page for
WebCenter Portal.
2.
From the WebCenter Portal menu, select Settings > Application Configuration.
3.
On the Application Configuration page, scroll down to Notifications (at the
bottom of the page), and select a connection type to use for outbound
notifications: either BPEL Server or Mail Server.
4.
The next step depends on the selected connection type:
If you select BPEL Server:
a.
From the Connection Name list, select the name you provided for the BPEL
server when you set up that connection.
b.
In the Sender Mail Address field, enter a mail address from which all
Notifications messages are sent. The sender mail address must match at least
one driver that is configured to send messages from a corresponding domain.
c.
In the Sender SMS Address field, enter the four- to six-digit number that is
used by the User Messaging Server (UMS) as the driver from which all
Notifications messages are sent. The sender SMS address must match at
15-13
Chapter 15
Setting Up Notifications
least one driver that is configured to send messages from a corresponding
domain.
If you select Mail Server, select a mail connection from the Connection Name
list.
5.
Save your changes.
6.
To make your changes take effect, restart the managed server where WebCenter
Portal is deployed.
15.3.5 Specifying the Notifications Channel Using WLST
Use the WLST command setNotificationsConfig to configure the connection type
used for notifications. For command syntax and examples, see setNotificationsConfig
in WebCenter WLST Command Reference. See also getNotificationsConfig in the
same guide.
Note:
Updates to this configuration are stored in the MDS repository. For
configuration changes to take effect, you must restart the managed server
where the application is deployed.
15.3.6 Example - Setting Up Mail Notifications for WebCenter Portal
Using WLST
This section provides an example of using WLST to set up Mail Notifications for
WebCenter Portal using WLST commands.
First, the example shows you how to create an external application that is configured
with shared credentials, and create a mail server connection that uses the external
application. Next, the example shows you how to configure WebCenter Portal to send
notifications on that mail connection, and finally how to set subscription options
through user preferences.
1. At the WLST command prompt, connect to the Administration Server for
WebCenter Portal.
connect('admin_user','mypassword','<servername>:7001')
2. Create an external application connection:
createExtAppConnection(appName='webcenter', name='NotificationSharedApp',
displayName= 'NotificationSharedApp')
This command creates the connection named NotificationSharedApp.
3. Configure shared credentials for the external application, NotificationSharedApp:
addExtAppCredential(appName='webcenter', name='NotificationSharedApp',
type='SHARED', username='john.doe@example.com', password='sharedpassword')
Where username refers to the mail account from which mail notifications will be sent.
This must be in the format <user>@<domain of the mail server>.
15-14
Chapter 15
Creating and Applying Custom Notification Templates
Optionally, you may add the following fields to use while sending out the mail
notification.
addExtAppField(appName='webcenter',name='NotificationSharedApp',fieldName='Email
Address',fieldValue='sender's_email_address',displayToUser=false)
addExtAppField(appName='webcenter',name='NotificationSharedApp',fieldName='Your
Name',fieldValue='sender's_display_name',displayToUser=false)
4. Create a Mail connection:
createMailConnection(appName='webcenter',name='NotificationSharedConn',
imapHost='<mailserver>',imapPort=143,
smtpHost='<mailserver>',smtpPort=25,
imapSecured=false,smtpSecured=false,
appId='NotificationSharedApp',default=1)
This creates a mail connection named NotificationSharedConn.
5. Set Mail as the notifications channel:
setNotificationsConfig(appName='webcenter', type='MAIL',
name='NotificationSharedConn')
This sets NotificationSharedConn as the mail connection to use when sending
notifications.
6. For the changes to take effect, restart the managed server where WebCenter
Portal is deployed (WC_Portal by default).
7. Log in to WebCenter Portal, navigate to the About tab of the Profile page, and
verify that your e-mail address is set in the Email field. This is to ensure that
notifications are sent to the required e-mail address.
If the e-mail address is not set, click Edit, then in the Email field, specify your email address, and click Save.
8. Subscribe to the activities for which to receive notifications. For example, navigate
to the Preferences page, click Subscriptions, and then select Portal Management
to get notified about any membership or role changes.
9. Test your configuration by performing a subscribed activity. For example, change
your role from Portal Manager to another custom role to trigger a notification.
For more information about WLST commands, see WebCenter Portal Custom WLST
Commands in WebCenter WLST Command Reference.
15.4 Creating and Applying Custom Notification Templates
The notification messages that users receive through mail have a default format for
content and content presentation. As the application administrator, you can instead
create and apply custom templates to provide your own formats for notification
messages.
This section provides information about creating a custom template for notifications
messages. It includes the following subsections:
•
About Overwriting Default Notification Templates
•
Overwriting a Default Notifications Template
15-15
Chapter 15
Creating and Applying Custom Notification Templates
15.4.1 About Overwriting Default Notification Templates
You can go through MDS using WLST commands to customize the layout and content
of subscription-based notification messages by overwriting the files
defaultTemplate.xml (or defaultTemplate_rtl.xml—when right-to-left language support
is required).
You can create your own version of these xml files, editing the CSS styles for tables
(label, value, background) and footers (note). You can move such tags as <payload> and
<group-space-footer> to change the layout. To modify the content of these tags, you
can edit the CDATA section within <html-format>.
Note that the tag <text-format/> should always be present and empty. You can use
the tag <custom> to add additional content, where the enclosed <html-format> with
CDATA contains the new HTML content and <text-format/> remains empty.
The following example illustrates the default content of notification message template
files. You can use this to formulate your custom files.
Note:
Differences may appear between custom files particularly under the <style>
tag, where alignment—either right or left—is specified.
Example
<?xml version="1.0"?>
<notification-template xmlns="http://xmlns.oracle.com/webcenter/notification">
<!-- The CSS Style of the Notification -->
<style>
<text-format/>
<html-format>
<![CDATA[
<style type="text/css">
.title {font-size:1.2em; font-weight:bold;
white-space:nowrap;}
.label {text-align:right; margin-left:30px;
padding-right:10px; white-space:nowrap;}
.value {text-align:left; margin-right:20px;
padding-left:10px; white-space:nowrap;
width:100%;}
.note {font-size:0.8em; color:#999999}
.background {background-color:#fcfcfc}
</style>
]]>
</html-format>
</style>
<!-- The Subject line of the Notification -->
<subject>
<message-key>NOTIFICATION_SUBJECT</message-key>
</subject>
<group-space-subject>
<message-key>GROUP_SPACE_SUBJECT_SUFFIX</message-key>
15-16
Chapter 15
Creating and Applying Custom Notification Templates
</group-space-subject>
<!-- Actual srvc-specific data. Provided/Overridden by srvc template -->
<payload>
<text-format/>
<html-format/>
</payload>
<!-- Any generic/common footer to appear after service-specific payload -->
<!-- Group Space footer - if applicable -->
<group-space-footer>
<text-format/>
<html-format>
<![CDATA[
<p>
<a href="<token>groupSpaceUrl</token>" target="_blank">
<message-key>GO_TO_SPACE</messagekey>&nbsp;<token>
groupSpaceName</token>
</a>
</p>
]]>
</html-format>
</group-space-footer>
<!-- Unsubscribe footers -->
<unsubscribe-footer>
<text-format/>
<html-format>
<![CDATA[
<hr/>
<p class="note">
<token>unsubscribeMessage</token>
</p>
]]>
</html-format>
</unsubscribe-footer>
</notification-template>
<?xml version="1.0"?>
<notification-template xmlns="http://xmlns.oracle.com/webcenter/notification">
<!-- The CSS Style of the Notification -->
<style>
<text-format/>
<html-format>
<![CDATA[
<style type="text/css">
.title {font-size:1.2em; font-weight:bold;
white-space:nowrap;}
.label {text-align:left; margin-right:30px;
padding-left:10px; white-space:nowrap;}
.value {text-align:right; margin-left:20px;
padding-right:10px; white-space:nowrap;
width:100%;}
.note {font-size:0.8em; color:#999999}
.background {background-color:#fcfcfc}
</style>
]]>
</html-format>
</style>
15-17
Chapter 15
Creating and Applying Custom Notification Templates
<!-- The Subject line of the Notification -->
<subject>
<message-key>NOTIFICATION_SUBJECT</message-key>
</subject>
<group-space-subject>
<message-key>GROUP_SPACE_SUBJECT_SUFFIX</message-key>
</group-space-subject>
<!-- Actual srvc-specific data. Provided/Overridden by srvc template -->
<payload>
<text-format/>
<html-format/>
</payload>
<!-- Any generic/common footer to appear after service-specific payload -->
<!-- Group Space footer - if applicable -->
<group-space-footer>
<text-format/>
<html-format>
<![CDATA[
<p>
<a href="<token>groupSpaceUrl</token>" target="_blank">
<message-key>GO_TO_SPACE</messagekey>&nbsp;<token>
groupSpaceName</token>
</a>
</p>
]]>
</html-format>
</group-space-footer>
<!-- Unsubscribe footers -->
<unsubscribe-footer>
<text-format/>
<html-format>
<![CDATA[
<hr/>
<p class="note">
<token>unsubscribeMessage</token>
</p>
]]>
</html-format>
</unsubscribe-footer>
</notification-template>
15.4.2 Overwriting a Default Notifications Template
To overwrite a default notifications template (an xml file) to customize notification
message formats:
1. Create a directory in the format of: /tmp/repository/oracle/webcenter/notification/
custom/template
This will later be used to import the files into the MDS and override the original
application file.
15-18
Chapter 15
Testing the Notifications Connection
2. Inside the directory you created, create a custom XML file with the name
defaultTemplate.xml (or defaultTemplate_rtl.xml, for a right-to-left language
template).
3. Populate the custom file with your revised version of one of these default files.
4. Upload the custom file into WebCenter Portal's MDS repository using the
importMetadata() WLST command. Overwrite the original file, placing the custom
file where the absolute path to the file contains the namespace oracle/webcenter/
notification/custom.
For example:
importMetadata(application='webcenter', server='WC_Portal',
fromLocation='template-file-location', docs='/oracle/webcenter/notification/
custom/template/defaultTemplate.xml')
The template-file-location points to the directory under which the fully
qualified custom file is located. The fully qualified custom file is typically placed
under the directory structure equivalent to its namespace, inside the MDS
repository. For example, for a file created under the following namespace:
/tmp/repository/oracle/webcenter/notification/custom/template/defaultTemplate.xml
5. Upload the custom file into WebCenter Portal's MDS repository by running the
importMetadata() WLST command.
For example:
importMetadata(application='webcenter', server='WC_Portal',
fromLocation='template-file-location',
docs='/oracle/webcenter/notification/custom/template/defaultTemplate.xml')
The template-file-location points to the directory under which the fully qualified
custom file is located. The fully qualified custom file is typically placed under the
directory structure equivalent to its namespace.
For example, for a file that is created under the following namespace:
/tmp/repository/oracle/webcenter/notification/custom/template/defaultTemplate.xml
The fromLocation is /tmp/repository since the remaining sub-directory consists of
the namespace for the XML file. The namespace must have at least the path /
oracle/webcenter/notification/custom.
6. Restart WebCenter Portal.
Note:
For information about the importMetada and exportMetada WLST commands,
see Application Metadata Management Commands in WLST Command
Reference for Infrastructure Components.
15.5 Testing the Notifications Connection
In general, Notifications is dependent on the underlying Mail or BPEL connection being
valid when the administrator sets it. If these connections prove to be valid, then, by
extension, the Notifications connections requirements are met.
15-19
Chapter 15
Testing the Notifications Connection
Tip:
For information about testing Mail connections, see Testing Mail Server
Connections.
15-20
16
Managing the SOA Connection for
WebCenter Portal Membership Workflows
Configure and manage the SOA connection for membership workflow notifications
from WebCenter Portal to appear in Oracle BPM Worklist.
Always use Fusion Middleware Control or WLST command-line tool to review and
configure back-end servers for WebCenter Portal. Any changes that you make to
WebCenter Portal post-deployment are stored in MDS metadata store as
customizations.
Note:
Changes that you make to the SOA connection through Fusion Middleware
Control or using WLST are not dynamic, so you must restart the managed
server on which WebCenter Portal is deployed for your changes to take effect.
See Starting and Stopping Managed Servers for WebCenter Portal Application
Deployments.
Permissions:
To perform the tasks in this chapter, you must be granted the WebLogic
Server Admin role through the Oracle WebLogic Server Administration Console
and the Administrator role in the deployed application:
•
WebCenter Portal: Administrator role granted through WebCenter Portal
Administration.
For more information about roles and permissions, see Understanding
Administrative Operations, Roles, and Tools.
For troubleshooting issues with BPM worklists, see Email Notifications Not
Working
Topics:
•
Configuration Roadmap for WebCenter Portal Workflows
•
About BPEL Connections
•
BPEL Server Prerequisites
•
Specifying the BPEL Server Hosting WebCenter Portal Workflows
•
Configuring WebCenter Portal Workflow Notifications to be Sent by Email
•
Excluding Webcenter Portal Workflows URL in OAM
16-1
Chapter 16
Configuration Roadmap for WebCenter Portal Workflows
16.1 Configuration Roadmap for WebCenter Portal
Workflows
Table 16-1 in this section provides an overview of the prerequisites and tasks required
to use Oracle BPM Worklist in WebCenter Portal.
Table 16-1
Configuring Workflows for WebCenter Portal
Actor
Task
Link
Administrator
1. Install WebCenter Portal and
Oracle SOA Suite
•
•
Administrator
Administrator
Preparing to Install and
Configure Oracle
WebCenter Portal in
Installing and Configuring
Oracle WebCenter Portal
Preparing to Install and
Configure Oracle SOA
Suite and Oracle Business
Process Management in
Installing and Configuring
Oracle SOA Suite and
Business Process
Management
2. Create the BPEL connection and
enable the WebCenter Portal
Workflow using either:
•
Fusion Middleware Control
•
WLST: Use
createBPELConnection to create
the BPEL connection and
setSpacesWorkflowConnectionN
ame to enable the workflow
•
3. Deploy the WebCenter Portal
workflows:
•
sca_CommunityWorkflows.jar,
which is available at /
Oracle_Home/wcportal/common/
soa-composite/wcp/
•
WebCenterWorklistDetailApp.e
ar, which is available at
Oracle_Home/wcportal/
webcenter/applications/
WebCenterWorklistDetailApp.e
ar
Deploying and Managing SOA
Composite Applications in
Administering Oracle SOA
Suite and Oracle Business
Process Management Suite
•
Fusion Middleware
Control: Specifying the
BPEL Server Hosting
WebCenter Portal
Workflows.
WLST:
createBPELConnection
and setBPELConnection in
WebCenter WLST
Command Reference.
Note: During the SOA installation, if
you select the option Oracle
Webcenter Portal Composites 12.2.1.0 [wcportal] on the Templates
page,
WebCenterWorklistDetailApp.ear
gets deployed.
16-2
Chapter 16
About BPEL Connections
Table 16-1
(Cont.) Configuring Workflows for WebCenter Portal
Actor
Task
Link
Administrator
4. Configure the BPEL server to use
the same identity store as
WebCenter Portal
Configuring the Identity Store
Administrator
5. Secure the connection to the BPEL
server
•
•
•
•
End User
5.a (Optional) Configure Single
Sign-On
If using OAM R2 or later,
exclude Webcenter Portal
Workflows URL
5.b Configure WS-Security
5.c (Optional) Configure SSL
6. Test that the integration to the
Oracle BPM Worklist application is
working in WebCenter Portal
•
•
•
•
6.a In WebCenter Portal, create
a portal and invite members.
6.b Log in to Oracle BPM
Worklist and view the worklist
items.
6.c Select the invitation worklist
item and click Accept.
6.d Log out and then log in as
the portal manager and view the
Members tab. Confirm that the
user is now a member in the
selected role and the status is
not set to Invited anymore.
•
•
•
•
•
5.a Configuring Single
Sign-On
If using OAM R2 or
later:Excluding Webcenter
Portal Workflows URL in
OAM
5.bConfiguring Web
Services Security
5.cConfiguring SSL
6.a Managing Members
and Assigning Roles in a
Portal in Building Portals
with Oracle WebCenter
Portal.
6.c Using Oracle BPM
Worklist in Developing
SOA Applications with
Oracle SOA Suite
6.d
Inviting a Registered User
in Building Portals with
Oracle WebCenter Portal.
16.2 About BPEL Connections
Consider the following while working with BPEL connections:
•
By configuring a default BPEL server, WebCenter Portal users can manage
memberships through notifications that can be viewed in the SOA BPM worklist.
For more information, see Using Oracle BPM Worklist in Developing SOA
Applications with Oracle SOA Suite.
•
WebCenter Portal workflows require a single connection to the BPEL server
included with the Oracle SOA Suite. For more information, see Specifying the
BPEL Server Hosting WebCenter Portal Workflows.
16.3 BPEL Server Prerequisites
Consider the following to ensure smooth functioning of worklists:
•
Make sure that the Oracle BPM Worklist application is part of the SOA server. The
URL is in the following format:
16-3
Chapter 16
BPEL Server Prerequisites
http://host:port/integration/worklistapp
If Oracle BPM Worklist is not running in the same domain as the Oracle SOA Suite
BPEL server, then the identity store (LDAP) should be either shared
(recommended) or contain identical user names.
•
Clocks on the WebCenter managed server and the Oracle SOA Suite BPEL's
managed server must be synchronized such that the SAML authentication
condition, NotBefore, which checks the freshness of the assertion, is not breached.
•
No configuration-related exceptions must exist. Use the WLST command
listWorklistConnections to display the configured connections and validate the
connection details. After listing the connections, validate them using the URL
property appended with /integration/worklistapp. Hence, verify that http://
host:port/integration/worklistapp can access the Oracle BPM Worklist
application.
•
If the Oracle SOA Suite BPEL's managed server is configured to use an identity
store and that store does not contain BPMWorkflowAdmin, weblogic by default, then
the BPMWorkflowAdmin user must be configured, as described in Enabling the
weblogic User for Logging in to the Worklist in Developing SOA Applications with
Oracle SOA Suite
•
The wsm-pm application must be running on both worklists and Oracle SOA Suite's
BPEL server's managed servers without any issues. This can be validated through
the URL:
http://host:port/wsm-pm/validator
For information on how to resolve BPEL server issues, see Troubleshooting
WebCenter Portal Workflows.
This section includes the following subsections:
•
BPEL Server - Installation and Configuration
•
BPEL Server - Security Considerations
16.3.1 BPEL Server - Installation and Configuration
WebCenter Portal uses the BPM Worklists on the Oracle BPEL Process Manager
(BPEL) server, which is included with Oracle SOA Suite.
To work with worklist, you must install Oracle SOA Suite. For information about how to
install Oracle SOA Suite, see Preparing to Install and Configure Oracle SOA Suite and
Oracle Business Process Management in Installing and Configuring Oracle SOA Suite
and Business Process Management.
After installing Oracle SOA Suite, you can configure WebCenter Portal to use the
BPEL server for viewing and managing worklists.
16.3.2 BPEL Server - Security Considerations
Worklists display tasks for the currently authenticated user. For portal users to store
and retrieve tasks on an Oracle SOA Suite BPEL server, their user names must either
exist in a shared user directory (LDAP), or be set up similarly on both the BPEL Server
and WebCenter Portal.
16-4
Chapter 16
Specifying the BPEL Server Hosting WebCenter Portal Workflows
For example, if the user rsmith wants to store and retrieve tasks from the BPEL server,
you must ensure that the user rsmith exists on both the BPEL server and within
WebCenter Portal.
To access BPEL worklist task details sent from WebCenter Portal, without incurring
additional login prompts, WebCenter Portal and Oracle SOA Suite servers must be
configured to a shared Oracle Single Sign-On server.
For a secure connection you can configure WS-Security between SOA and
WebCenter Portal.
16.4 Specifying the BPEL Server Hosting WebCenter Portal
Workflows
WebCenter Portal uses the BPEL server included with the Oracle SOA Suite to host
internal workflows, such as worklists, portal membership notifications, portal
subscription requests, and so on. To enable workflow functionality for WebCenter
Portal, a connection to this BPEL server is required.
Note:
WebCenter Portal workflows must be deployed on the SOA managed server
that WebCenter Portal is configured to use. See also, Back-End Requirements
for WebCenter Portal Workflows in Installing and Configuring Oracle
WebCenter Portal.
To configure a connection for worklist notifications:
1. Log in to Fusion Middleware Control, and navigate to the home page for
WebCenter Portal.
2. From the WebCenter Portal menu, select Settings, then Application
Configuration.
16-5
Chapter 16
Specifying the BPEL Server Hosting WebCenter Portal Workflows
Figure 16-1
WebCenter Portal Application Configuration Menu
The Application Settings page opens.
Figure 16-2
Choosing the BPEL Server Where Workflows are Deployed
3. In the BPEL SOAP URL field, specify the name of the SOA server for worklists.
The SOA server name that you specify here will contain the BPM worklists for
WebCenter Portal.
4. Select Enable WebCenter Portal Workflows.
5. Click Apply.
6. Restart WC_Portal, the managed server on which the WebCenter Portal application
is deployed, to effect this change.
16-6
Chapter 16
Configuring WebCenter Portal Workflow Notifications to be Sent by Email
16.5 Configuring WebCenter Portal Workflow Notifications to
be Sent by Email
WebCenter Portal provides human workflows (requiring human interaction), which are
integrated with SOA workflows. The SOA server can configure email so that
notifications are delivered to a user's inbox, where the user can accept or reject the
notification.
This section briefly explains how to enable email notifications and configure your mail
server details to have WebCenter Portal workflow notifications sent to users by email.
For a more detailed description, see Configuring Human Workflow Notification
Properties in Administering Oracle SOA Suite and Oracle Business Process
Management Suite.
1. Use Fusion Middleware Control to update SOA to enable email notifications. Under
the SOA server, select SOA Administration, then Workflow Properties, as
shown in the figure.
Figure 16-3
SOA Administration - Workflow Config
2. With Email selected as the Notification Mode, provide valid email accounts to
use.
16-7
Chapter 16
Excluding Webcenter Portal Workflows URL in OAM
Figure 16-4
Email Notification Mode Properties
3. Click Go to the Messaging Driver page.
4. Select the Configure Driver icon for your User Messaging Email Driver.
Figure 16-5
Associated Drivers
5. To configure your email driver for notifications, see Configuring an Email Driver for
Notifications in Using Oracle Managed File Transfer.
6. After you finish, save the configuration updates and restart the SOA managed
server. (No configuration or restart is required for WebCenter Portal.)
When a user is invited to join a portal, they are sent an email including Accept or
Reject links to the invitation.
Note:
To test notifications, in the portal administration settings Members page, you
can add people and edit email notification messages. For more information,
see Managing Members and Assigning Roles in a Portal in Building Portals
with Oracle WebCenter Portal.
16.6 Excluding Webcenter Portal Workflows URL in OAM
When the Oracle SOA Suite BPEL server is configured to use OAM 11g R2 or later,
WebCenter Portal Workflows endpoints need to be excluded from the OAM server.
To exclude WebCenter Portal Workflows endpoints in OAM 11g R2 or later:
1. Open the OAM Admin Console.
2. Navigate to your application domain.
3. Open the Resources tab, and click Create.
4. Create a resource of the type HTTP.
16-8
Chapter 16
Excluding Webcenter Portal Workflows URL in OAM
5. For Resource URL, enter:
/soa-infra/services/default/CommunityWorkflows/**
6. Set the Protection Level to Excluded.
7. Create another HTTP type resource and specify the Resource URL as:
/soa-infra/services/default/CommunityWorkflows*
8. Set the Protection Level to Excluded.
9. Click Apply.
10. Restart OHS.
16-9
Chapter 16
Excluding Webcenter Portal Workflows URL in OAM
16-10
17
Managing Portlet Producers
Register a WSRP portlet producer so that its portlets can be consumed in WebCenter
Portal, and deploy WSRP portlet producer applications.
Permissions:
To perform the tasks in this chapter, you must be granted the WebLogic
Server Admin role through the Oracle WebLogic Server Administration Console
and the Administrator role in WebCenter Portal granted through WebCenter
Portal Administration.
For more information about roles and permissions, see Understanding
Administrative Operations, Roles, and Tools.
Topics:
•
About Portlet Producers
•
Registering WSRP Producers
•
Testing WSRP Producer Connections
•
Editing WSRP Producer Registration Details
•
Deregistering WSRP Portlet Producers
•
Deploying Portlet Producer Applications
•
Managing Oracle PDK-Java Portlet Producers
17.1 About Portlet Producers
WebCenter Portal enables you to expose functionality from other applications in your
portals by consuming portlets provided by those applications. A portal can consume
portlets provided by a third party, such as a packaged-application vendor, as well as
those that are built using WebCenter Portal or other Oracle products.
Table 17-1 lists some of the products supported as portlet producers within
WebCenter Portal.
By default, users with the Administrator role have the AppConnectionManager role; and
therefore, application administrators can configure Portlet Producers through the
WebCenter Portal Administration Console. For more information on
AppConnectionManager role, see Default Application Roles.
17-1
Chapter 17
About Portlet Producers
Table 17-1
Supported Portlet Producers
Portlet Producer
Supported?
Notes
Oracle WebLogic Portal
Yes
For more information, see
Exporting Java Portlets for
Use on Other Systems in
Portlet Development Guide
for Oracle WebLogic Portal.
Oracle WebCenter
Interaction
N/A
E-Business Suite application
Yes
For more information, see
Integrating E-Business Suite
Applications
Peoplesoft application
Yes
For more information, see
Integrating PeopleSoft
Applications.
JD Edwards application
Yes
For more information, see
Integrating JD Edwards
Applications.
Note:
WSRP producers built by a third party and consumed by WebCenter Portal
should function correctly provided:
•
The producer does not rely on any vendor-specific extensions to WSRP.
•
The portlets do not make assumptions about the application in which they
are consumed, for example by expecting a particular JavaScript method to
exist in the page.
Application administrators can register and manage portlet producers at runtime
through out-of-the-box administration pages or from any page that includes the Portlet
Producer task flow.
System administrators can use Fusion Middleware Control or the WLST command-line
tool to register and manage portlet producers for WebCenter Portal.
Consider the following while working with portlet producers:
•
Some out-of-the-box producers are provided with WebCenter Portal: OmniPortlet
and WSRP Tools. The following EAR files are packaged with WebCenter Portal:
–
portalTools.ear - OmniPortlet
–
wsrp-tools.ear - WSRP Tools
You can install the portalTools.ear and wsrp-tools.ear files using the
registerOOTBProducers WLST command. For command syntax and examples, see
registerOOTBProducers in WebCenter WLST Command Reference.
17-2
Chapter 17
Registering WSRP Producers
•
Before users can add JSR 286 portlets to a page, you must register the owning
WSRP producers. See registerSampleProducers in WebCenter WLST Command
Reference.
•
The Oracle Portlet Producer product (server) must be installed in the production
environment and the wsrp-tools and portalTools URLs must be accessible. If the
Oracle Portlet Producer is not installed, see Extending an Existing Domain in
Installing and Configuring Oracle WebCenter Portal to install it in the production
environment.
•
When you create a connection to a portlet producer, the producer is registered
with WebCenter Portal and the connection is added to the connections.xml file. For
WRSP producers, a web service connection is also created, which follows the
naming convention, connectionname-wsconn. During registration, connection
metadata is created in the Oracle Metadata Services (MDS) repository and in the
producer being registered. When a producer's portlets are consumed, the user
customizations are saved to the producer. During deregistration the producer
connection and customizations are removed.
•
All post deployment connection configuration is stored in MDS.
•
Portlet producer registration is dynamic. New portlet producers and updates to
existing producers are immediately available in WebCenter Portal; it is not
necessary to restart WebCenter Portal or the managed server.
•
To migrate producers from one instance to another, use the migration utilities
described in Migrating a WSRP Producer Persistence Store in Developing for
Oracle WebCenter Portal.
•
For information on securing portlet producers, see Securing a WSRP Producer.
•
For information about portlet producers created using Oracle PDK-Java, see
Managing Oracle PDK-Java Portlet Producers.
17.2 Registering WSRP Producers
When you register a WSRP portlet producer, you provide basic information that
describes the producer’s operational paramters. This information is used by
WebCenter Portal to communicate with the producer and with the portlets through the
producer.
WebCenter Portal supports both WSPR 1.0 and WSRP 2.0 producers. The WSRP 2.0
standard provides support for, among other things, interportlet communication and
export and import of portlet customizations. You can leverage the benefits of WSRP
2.0 while building standard-based JSR 286 portlets.
WebCenter Portal provides several tools for registering WSRP producers with
deployed applications.
This section includes the following topics:
•
Registering a WSRP Producer Using Fusion Middleware Control
•
Registering a WSRP Producer Using WLST
•
Adding a Grant to the Policy Store for a Mapped User Identity
•
Registering a WSRP Portlet Producer in WebCenter Portal
You can also register portlet producers that have been developed using Oracle PDKJava. For more information, see Registering an Oracle PDK-Java Portlet Producer.
17-3
Chapter 17
Registering WSRP Producers
17.2.1 Registering a WSRP Producer Using Fusion Middleware
Control
You can register a WSRP portlet producer using Fusion Middleware Control.
To register a WSRP portlet producer using Fusion Middleware Control:
1. Log in to Fusion Middleware Control and navigate to the home page for the
WebCenter Portal application. See Navigating to the Home Page for WebCenter
Portal.
2. From the WebCenter Portal menu, select Settings and then Service
Configuration.
3. In the Add Portlet Producer Connection section, enter connection details for the
WSRP producer.
For detailed parameter information, see WSRP Producer Connection Parameters.
4. Use the Security section to specify the type of security token to use for the identity
propagation/assertion.
For detailed parameter information, see WSRP Producer Security Connection
Parameters.
The security token with the propagated or asserted user information is represented
as an XML element in the SOAP header. The security token and the SOAP
message body are then digitally signed to prove the authenticity of the SOAP
message origin from WebCenter Portal. WebCenter Portal supports six types of
security token:
•
WSS 1.0 Username Token Without Password
•
WSS 1.0 Username Token With Password
•
WSS 1.0 SAML Token
•
WSS 1.0 SAML Token With Message Integrity
•
WSS 1.0 SAML Token With Message Protection
•
WSS 1.1 SAML Token With Message Protection
SAML is an abbreviation for Security Assertion Markup Language. For more
information about each of these security tokens, see WSRP Producer Security
Connection Parameters.
Note:
PeopleSoft WSRP producers support two profiles: Username Token With
Password and SAML Token With Message Integrity. Other Oracle WSRP
producers support all six profiles. For other WSRP containers, check with the
specific vendor to determine the token formats they support.
5. Use the Keystore section to specify the location of the keystore that contains the
certificate and private key that is used for signing some parts (security token and
SOAP message body) of the SOAP message.
17-4
Chapter 17
Registering WSRP Producers
Only configure these properties if you want to override the configuration specified
for the domain.
For detailed parameter information, see WSRP Producer Keystore Connection
Parameters.
6. Click OK.
The new producer appears in the connection table.
17.2.2 Registering a WSRP Producer Using WLST
Use the WLST command registerWSRPProducer to create a connection to a
WSRP portlet producer and register the producer with WebCenter Portal.
Note:
When you use the WLST command listWSRPProducers, you must edit
the $ORACLE_HOME/oracle_common/common/bin/setWlstEnv.sh and append the
following to JVM_ARGS:
-"Dcom.sun.xml.namespace.QName.useCompatibleSerialVersionUID=1.0"
For command syntax and examples, see registerWSRPProducer in the WebCenter
WLST Command Reference.
See Also:
deregisterWSRPProducer, listWSRPProducers, refreshProducer,
registerOOTBProducers, registerSampleProducers
For information on how to run WLST commands, see Running Oracle WebLogic
Scripting Tool (WLST) Commands.
17.2.3 Adding a Grant to the Policy Store for a Mapped User Identity
If you are using the Default User field to map an alternative user identity you must
also add a grant to the policy store.
To add a grant to the policy store do one of the following:
Note:
Replace MyAppID with the name of the client application, including the version
number if any.
•
Add the following grant directly to the policy store:
17-5
Chapter 17
Registering WSRP Producers
<grant>
<grantee>
<codesource>
<url>file:${common.components.home}/modules/oracle.wsm.agent.common_11.1.1/
wsm-agent.jar</url>
</codesource>
</grantee>
<permissions>
<permission>
<class>oracle.wsm.security.WSIdentityPermission</class>
<name>resource=MyAppID</name>
<actions>assert</actions>
</permission>
<permissions>
<grant>
•
Grant the permission by running the grantPermission WLST command.
For example:
grantPermission(codeBaseURL='file:${common.components.home}/modules/
oracle.wsm.agent.common_11.1.1/wsm-agent.jar',
permClass='oracle.wsm.security.WSIdentityPermission',
permTarget='resource=MyAppID', permActions='assert')
For command syntax and examples, see grantPermission in Infrastructure Security
WLST Command Reference. For information on how to run WLST commands, see
Running Oracle WebLogic Scripting Tool (WLST) Commands.
17.2.4 Registering a WSRP Portlet Producer in WebCenter Portal
You can register a WSRP portlet producer in WebCenter Portal Administration.
To register a WSRP producer in WebCenter Portal:
1. On the Settings page (see Accessing the Settings Pages in WebCenter Portal
Administration), click Tools and Services.
You can also enter the following URL in your browser to navigate directly to the
Tools and Services pages:
http://host:port/webcenter/portal/admin/settings/tools
See Also:
WebCenter Portal Pretty URLs in Building Portals with Oracle WebCenter
Portal.
2. Click Portlet Producers.
3. On the menu bar, click Register.
4. In the Register Portlet Producer page, enter connection details for the WSRP
portlet producer.
For details, see WSRP Producer Connection Parameters.
5. Use the Security section to specify the type of security token to use for the identity
propagation/assertion.
17-6
Chapter 17
Registering WSRP Producers
For details, see WSRP Producer Security Connection Parameters.
The security token with the propagated or asserted user information is represented
as an XML element in the SOAP header. The security token and the SOAP
message body are then digitally signed to prove the authenticity of the SOAP
message origin from the WebCenter Portal application. WebCenter Portal supports
six types of security token.
•
WSS 1.0 Username Token Without Password
•
WSS 1.0 Username Token With Password
•
WSS 1.0 SAML Token
•
WSS 1.0 SAML Token With Message Integrity
•
WSS 1.0 SAML Token With Message Protection
•
WSS 1.1 SAML Token With Message Protection
SAML is an abbreviation for Security Assertion Markup Language. For more
information about each of these security tokens, see WSRP Producer Security
Connection Parameters.
6. Click Test to verify that the server details you provided are correct.
If the server is contactable, a success message is displayed. If the server is down
or the host information is incorrect or no longer valid, a connection failure message
is displayed.
Note:
The test performs a simple server (host/port) PING test. Anything in the path
after the host:port is ignored. To verify whether the producer is accessible,
access the producer's test page in your browser. For more information, see
Testing WSRP Producer Connections.
7. Click Ok.
17.2.5 WSRP Producer Connection Parameters
When you register a WSRP portlet producer, there are several connection parameters
that you must set.
Table 17-2
WSRP Portlet Producer Connection Parameters
Field
Description
Connection Name
Enter a unique name to identify this portlet
producer registration within WebCenter
Portal. The name must be unique across all
WebCenter Portal connection types.
The name you specify here appears in the
resource catalog (under the Portlets folder).
Producer Type
Select WSRP Producer.
17-7
Chapter 17
Registering WSRP Producers
Table 17-2
(Cont.) WSRP Portlet Producer Connection Parameters
Field
Description
WSDL URL
Enter the registration URL for the WSRP
producer.
The syntax varies according to your WSRP
implementation. For example, possible URL
formats for a portlet deployed to the Oracle
WSRP container include:
http://host:port/context_root/portlets/
wsrp2?WSDL
http://host:port/context_root/portlets/
wsrp1?WSDL
http://host:port/context_root/
portlets/?WSDL (WSRP 1.0 for backward
compatibility)
Where:
•
•
•
•
host is the server where your producer is
deployed.
port is the HTTP listener port number
context_root is the web application’s
context root
portlets/wsrp(1|2)?WSDL is static text.
All producers deployed to the Oracle
WSRP container are exposed as WSRP
version 1 and version 2 producers.
In WebCenter Portal, only version 2
WSDLs are supported for Oracle
WebLogic Portal producers.
For example:
http://myhost.com:7778/MyPortletApp/
portlets/wsrp2?WSDL
For WSRP producers, you can obtain this
registration URL by accessing the producer
test page at:
http://host:port/context_root/info
Use Proxy?
Select if WebCenter Portal must use an
HTTP proxy when contacting this producer. If
selected, enter values for Proxy Host and
Proxy Port.
A proxy is required when WebCenter Portal
and the remote portlet producer are
separated by a firewall and an HTTP proxy is
needed to communicate with the producer.
Proxy Host
Enter the host name or IP address of the
proxy server.
Do not prefix http:// to the proxy server
name.
Proxy Port
Enter the port number on which the proxy
server listens. The default port is 80.
17-8
Chapter 17
Registering WSRP Producers
Table 17-2
(Cont.) WSRP Portlet Producer Connection Parameters
Field
Description
Default Execution Timeout (Seconds)
Enter a suitable timeout for communications
with the producer, in seconds. For example,
the maximum time the producer may take to
register, deregister, or display portlets on
WebCenter Portal pages. The default is 30
seconds.
Individual portlets may define their own
timeout period, which takes precedence over
the value expressed here.
17.2.6 WSRP Producer Security Connection Parameters
When you register a WSRP portlet producer, there are some security settings that you
can specify.
Table 17-3
WSRP Portlet Producer Security Connection Parameters
Field
Description
Token Profile
Select the type of token profile to use for
authentication with this WSRP producer.
Select from:
•
WSS 1.0 SAML Token With Message
Integrity
•
WSS 1.0 SAML Token With Message
Protection
•
WSS 1.0 Username Token Without
Password
•
WSS 1.0 Username Token With
Password
•
WSS 1.0 SAML Token
•
WSS 1.1 SAML Token with Message
Protection
•
None
For a description of each of these options,
see Table 17-4
Configuration
Select:
•
Default to use a default token profile
configuration.
•
Custom to provide a custom Oracle Web
Service Manager configuration.
Additional security options display (including
all the keystore properties) when you select
Custom.
17-9
Chapter 17
Registering WSRP Producers
Table 17-3
(Cont.) WSRP Portlet Producer Security Connection Parameters
Field
Description
Issuer Name
Enter the name of the issuer of the SAML
Token.
For example: www.example.com
The issuer name is the attesting entity that
vouches for the verification of the subject,
and it must be a trusted SAML issuer on the
producer end.
Valid for: WSS 1.0 SAML Token With
Message Integrity, WSS 1.0 SAML Token
With Message Protection. WSS 1.0 SAML
Token, WSS 1.1 SAML Token with Message
Protection.
Default User
Enter a user name to assert to the remote
producer when the user is not authenticated
with the WebCenter Portal application.
When unauthenticated, the identity
anonymous is associated with the application
user. The value anonymous may be
inappropriate for the remote producer, so it
may be necessary to specify an alternative
identity here. Keep in mind though, that in this
case, WebCenter Portal has not
authenticated the user so the default user you
specify should be a low privileged user in the
remote producer. If the user has
authenticated to the application, the user's
identity is asserted rather than the default
user.
The remote WSRP producer must be set up
to accept this information. You must also add
a grant to the policy store as described in
Adding a Grant to the Policy Store for a
Mapped User Identity.
Valid for: WSS 1.0 SAML Token With
Message Integrity, WSS 1.0 SAML Token
With Message Protection, WSS 1.0 SAML
Token, WSS 1.1 SAML Token with Message
Protection and WSS 1.0 Username Without
Password.
Associated External Application (Username
With Password)
If this producer uses an external application
for authentication, use the Associated
External Application dropdown list to
identify the application. If the application you
want is not listed, select Create New to
define the external application now.
Valid for: WSS 1.0 Username With Password
only.
17-10
Chapter 17
Registering WSRP Producers
Table 17-4
Token Profiles Options
Token Profile
Description
WSS 1.0 SAML Token With Message
Integrity
This policy provides message-level integrity
protection and SAML-based authentication
for outbound SOAP requests in accordance
with the WS-Security 1.0 standard. A SAML
token, included in the SOAP message, is
used in SAML-based authentication with
sender vouches confirmation. This policy
uses WS-Security's Basic 128 suite of
asymmetric key technologies and SHA-1
hashing algorithm for message integrity.
wss10_saml_token_with_message_integrity
_client_policy
WSS 1.0 SAML Token With Message
Protection
oracle/
wss10_saml_token_with_message_protectio
n_client_policy
WSS 1.0 Username Token Without Password
oracle/
wss10_username_id_propagation_with_msg_
protection_client_policy
This policy provides message-level protection
(integrity and confidentiality) and SAMLbased authentication for outbound SOAP
requests in accordance with the WS-Security
1.0 standard. The web service consumer
includes a SAML token in the SOAP header
and the confirmation type is sender-vouches.
This policy uses WS-Security's Basic 128
suite of asymmetric key technologies.
Specifically, RSA key mechanisms for
message confidentiality, SHA-1 hashing
algorithm for message integrity, and AES-128
bit encryption.
This policy provides user name (with
password) token profile based identity
propagation with certificate based message
protection for outbound SOAP requests in
accordance with the WS-Security 1.0
standard. Credentials (user name only) are
included in outbound SOAP request
messages through a WS-Security
UsernameToken header. No password is
included. Message protection is provided
using WS-Security 1.0's Basic 128 suite of
asymmetric key technologies. Specifically,
RSA key mechanisms for message
confidentiality, SHA-1 hashing algorithm for
message integrity, and AES-128 bit
encryption.
17-11
Chapter 17
Registering WSRP Producers
Table 17-4
(Cont.) Token Profiles Options
Token Profile
Description
WSS 1.0 Username Token With Password
This policy provides user name (with
password) token profile based identity
propagation with certificate based message
protection for outbound SOAP requests in
accordance with the WS-Security v1.0
standard. Both plain text and digest
mechanisms are supported. This policy uses
WS-Security's Basic 128 suite of asymmetric
key technologies. Specifically, RSA key
mechanism for message confidentiality,
SHA-1 hashing algorithm for message
integrity, and AES-128 bit encryption.
oracle/
wss10_username_token_with_message_prote
ction_client_policy
Use this token profile if the WSRP producer
has a different identity store. You will need to
define an external application pertaining to
the producer and associate the external
application with this producer.
WSS 1.0 SAML Token
oracle/wss10_saml_token_client_policy
This policy provides SAML-based
authentication for outbound SOAP request
messages in accordance with the WSSecurity 1.0 standard. The policy propagates
user identity and is typically used in intra
departmental deployments where message
protection and integrity checks are not
required.
This policy does not require any keystore
configuration.
WSS 1.1 SAML Token with Message
Protection
oracle/
wss11_saml_token_with_message_protectio
n_client_policy
None
This policy provides message-level protection
(integrity and confidentiality) and SAML token
population for outbound SOAP requests in
accordance with the WS-Security 1.1
standard. A SAML token, included in the
SOAP message, is used in SAML-based
authentication with sender vouches
confirmation. This policy uses the symmetric
key technology for signing and encryption,
and WS-Security's Basic 128 suite of
asymmetric key technologies for endorsing
signatures.
No token. If None is selected, no WSSecurity header is attached to the SOAP
message.
17.2.7 WSRP Producer Keystore Connection Parameters
When you register a WSRP portlet producer, you can specify the location of the
keystore that contains the certificate and private key that is used for signing the SOAP
message.
17-12
Chapter 17
Testing WSRP Producer Connections
Table 17-5
WSRP Producer Key Store Connection Parameters
Field
Description
Recipient Alias
Specify the keystore alias that is associated
with the producer's certificate.
This certificate is used to encrypt the
message to the producer.
Store Path
Enter the absolute path to the keystore that
contains the certificate and the private key
that is used for signing or encrypting the
SOAP message (security token and message
body). The signature, encryption, and
recipient keys described in this table must be
available in this keystore.
The keystore file specified must be created
using JDK's keytool utility.
Password
Provide the password to the keystore that
was set when the keystore was created. The
producer is not available if a password is not
specified or incorrect.
Signature Key Alias
Enter the signature key alias.
The Signature Key Alias is the identifier for
the certificate associated with the private key
that is used for signing.
Signature Key Password
Enter the password for accessing the key
identified by the alias specified in Signature
Key Alias.
Encryption Key Alias
Enter the key alias used by the producer to
encrypt the return message. A valid value is
one of the key aliases that is located in the
specified keystore.
This property is optional. If not specified, the
producer uses the signing key for encrypting
the return message.
Encryption Key Password
Enter the password for accessing the
encryption key.
17.3 Testing WSRP Producer Connections
You can test a WSRP portlet producer connection to confirm that the producer is up
and running.
1. Obtain the producer URL from:
http://host:port/context_root/info
For a WSRP v2 producer connection, the producer URL format is:
http://host:port/context_root/portlets/wsrp2?WSDL
For example:
17-13
Chapter 17
Editing WSRP Producer Registration Details
http://example.com:7778/MyPortletApp/portlets/wsrp2?WSDL
For a WSRP v1 producer connection, the producer URL format is:
http://host:port/context_root/portlets/wsrp1?WSDL
For example:
http://example.com:7778/MyPortletApp/portlets/wsrp1?WSDL
2. Run the producer URL in a browser window.
17.4 Editing WSRP Producer Registration Details
WebCenter Portal provides several tools for editing WSRP portlet producer registration
details.
This section includes the following topics:
•
About Editing WSRP Producer Registration Details
•
Editing WSRP Producer Registration Details Using Fusion Middleware Control
•
Editing Producer Registration Details Using WLST
•
Editing WSRP Producer Registration Details in WebCenter Portal
•
Migrating WSRP Producer Metadata to a New WSDL URL
•
Editing the Portlet Client Configuration
For information about how to edit Oracle PDK-Java portlet producer registration
details, see Editing Oracle PDK-Java Portlet Producer Registration Details.
17.4.1 About Editing WSRP Producer Registration Details
You can update producer registration details at any time.
If a producer moves to a different location, then you must reconfigure any connections
you have defined to this producer. You can use Fusion Middleware Control or WLST
to edit the WDSL URL property.
To retain all the portlet customizations and personalizations that users make while
working with WebCenter Portal, you must also migrate producer customizations and
personalizations to the producer's new location. Use the WLST commands
exportPortletClientMetadata and importPortletClientMetadata to
migrate portlet client metadata to a different location.
See Backing Up and Restoring Portlet Producer Metadata.
17.4.2 Editing WSRP Producer Registration Details Using Fusion
Middleware Control
You can edit WSRP producer registration details using Fusion Middleware Control.
To update connection details for a portlet producer using Fusion Middleware Control:
1. Log in to Fusion Middleware Control and navigate to the home page for WebCenter
Portal. See Navigating to the Home Page for WebCenter Portal.
2. From the WebCenter Portal menu, select Settings and then Service
Configuration.
17-14
Chapter 17
Editing WSRP Producer Registration Details
3. From the list of services on the WebCenter Portal Service Configuration page,
select Portlet Producers.
4. In the Manage Portlet Producer Connections section, select the producer you want
to modify, and click Edit.
5. In the Edit Portlet Producer Connection section, modify connection details, as
required.
For more information, see WSRP Producer Connection Parameters.
6. Click OK.
17.4.3 Editing Producer Registration Details Using WLST
Use the WLST command setWSRPProducer to edit WSRP portlet producer connection
details.
For command syntax and examples, see setWSRPProducer in WebCenter WLST
Command Reference.
For information on how to run WLST commands, see Running Oracle WebLogic
Scripting Tool (WLST) Commands.
17.4.4 Editing WSRP Producer Registration Details in WebCenter
Portal
In WebCenter Portal, you can access and revise many of the registration details
provided for a portlet producer.
To edit portlet producer registration details in WebCenter Portal:
1. Open WebCenter Portal Administration.
For more information, see Accessing the Settings Pages in WebCenter Portal
Administration.
2. Click Tools and Services, and then select Portlet Producers.
Alternatively, use the following URL, and then select Portlet Producers:
http://host:port/webcenter/portal/admin/tools
3. Select the portlet producer that you want to edit.
4. On the menu bar, click Edit.
5. Edit the producer registration properties as required
For details, see WSRP Producer Connection Parameters and WSRP Producer
Security Connection Parameters.
You cannot edit the Producer Name or Producer Type.
17-15
Chapter 17
Editing WSRP Producer Registration Details
Note:
While it is possible to edit the value of the WSDL URL, for example, if the
producer port has changed, you can point to a different producer only if the
new producer has access to the persistence store of the old producer, or if the
persistence store of the old producer has been migrated to that of the new
producer. For more information, see Backing up and Restoring Other Schema
Data (ACTIVITIES and PORTLET).
6. When you have changed all the necessary settings, you can click Test to verify that
the server details you provided are correct.
If the server is contactable, a success message is displayed. If the server is down
or the host information is incorrect or no longer valid, a connection failure message
is displayed.
Note:
The test performs a simple server (host/port) PING test. Anything in the path
after the host:port is ignored. To verify whether the producer is accessible,
access the producer's test page in your browser. For more information, see
Testing WSRP Producer Connections.
7. When you are done, click Ok.
17.4.5 Migrating WSRP Producer Metadata to a New WSDL URL
If a producer moves to a different location, then to retain all the portlet customizations
and personalizations that users have made while working with WebCenter Portal, you
must also migrate the existing producer metadata to the new location. Any existing
connections to the producer must be reconfigured to point to the new location.
To migrate WSRP producer metadata to a new URL endpoint:
1. Export the producer metadata, using the WLST command
exportPortletClientMetadata.
For command syntax and examples, see exportPortletClientMetadata in
WebCenter WLST Command Reference.
2. Change the producer's WSDL URL, using the WLST command setWSRPProducer.
For command syntax and examples, see setWSRPProducer in WebCenter WLST
Command Reference.
3. Import the producer metadata, using the WLST command
importPortletClientMetadata.
For command syntax and examples, see importPortletClientMetadata in
WebCenter WLST Command Reference.
17-16
Chapter 17
Deregistering WSRP Portlet Producers
17.4.6 Editing the Portlet Client Configuration
The adf-config.xml file contains configuration information for WebCenter Portal
services. Portlet client configuration details are specified in the adf-portlet-config
section of the file.
The following example shows the adf-portlet-config element of the adf-config.xml
file.
<adf-portlet-config xmlns="http://xmlns.oracle.com/adf/portlet/config">
<supportedLocales>
<value>en</value>
<value>fr</value>
<value>de</value>
<value>es</value>
</supportedLocales>
<portletTechnologies>
<value>oracle.portlet.client.containerimpl.web.WebPortletTechnologyConfig</value>
<value>oracle.portlet.client.containerimpl.wsrp.WSRPPortletTechnologyConfig</value>
</portletTechnologies>
<defaultTimeout>20</defaultTimeout>
<minimumTimeout>1</minimumTimeout>
<maximumTimeout>300</maximumTimeout>
<resourceProxyPath>/portletresource</resourceProxyPath>
<cacheSettings enabled="true">
<serviceConfigFile>myPortletCoherenceConfig.xml</serviceConfigFile>
</cacheSettings>
</adf-portlet-config>
Application developers can edit the adf-config.xml file for an application and edit the
portlet client configuration. However, this requires that the application be redeployed
after the changes are made. To edit the configuration of the portlet client at runtime,
without having to redeploy the application, you can use WLST commands.
Use the WLST command setPortletClientConfig to edit the portlet client configuration
information. For command syntax and examples, see setPortletClientConfig section
in WebCenter WLST Command Reference.
After using this WLST command, you must restart the Managed Server on which the
WebCenter Portal application is deployed. For details, see Starting and Stopping
Managed Servers for WebCenter Portal Application Deployments.
See Also:
listPortletClientConfig, getPortletClientConfig
For information on how to run WLST commands, see Running Oracle
WebLogic Scripting Tool (WLST) Commands.
17.5 Deregistering WSRP Portlet Producers
WebCenter Portal provides several tools for deregistering WSRP portlet producers.
This section includes the following topics:
17-17
Chapter 17
Deregistering WSRP Portlet Producers
•
About Deregistering Portlet Producers
•
Deregistering a WSRP Portlet Producer Using Fusion Middleware Control
•
Deregistering a WSRP Portlet Producer Using WLST
•
Deregistering a WSRP Portlet Producer in WebCenter Portal
For information about how to deregister Oracle PDK-Java portlet producers, see
Deregistering an Oracle PDK-Java Portlet Producer.
17.5.1 About Deregistering Portlet Producers
You can deregister a WSRP portlet producer at any time.
Before deregistering a producer, consider the impact toWebCenter Portal as portlets
associated with a deregistered producer no longer work. Check the Portlets Producer
Invocation metric to see how frequently the producer is being used. For more
information, see Viewing Performance Metrics Using Fusion Middleware Control.
When you deregister a producer, registration data is removed from both WebCenter
Portal and the remote producer:
•
WebCenter Portal - The producer connection is deleted and producer metadata is
also deleted.
•
Remote producer - Portlet instances are deleted (not the portlets themselves).
Portlet instances are not removed from WebCenter Portal pages. In place of the
portlet, users see a Portlet unavailable message.
Note:
Consider also deleting the external application associated with this portlet
producer if the application's sole purpose was to support this producer. See
Deleting External Application Connections.
17.5.2 Deregistering a WSRP Portlet Producer Using Fusion
Middleware Control
You can deregister a WSRP portlet producer using Fusion Middleware Control.
To deregister a portlet producer:
1. Log in to Fusion Middleware Control and navigate to the home page for WebCenter
Portal.
See Navigating to the Home Page for WebCenter Portal.
2. From the WebCenter Portal menu, select Settings and then Service
Configuration.
3. From the list of services on the WebCenter Portal Service Configuration page,
select Portlet Producers.
4. Select the name of the producer you want to deregister, and click Delete.
17-18
Chapter 17
Deploying Portlet Producer Applications
The connection details are removed. Portlets associated with this producer are no
longer accessible within WebCenter Portal.
17.5.3 Deregistering a WSRP Portlet Producer Using WLST
Use WLST commands to deregister a WSRP portlet producer.
Use the WLST command deregisterWSRPProducer to deregister a WSRP portlet
producer connections.
For command syntax and examples, see deregisterWSRPProducer in WebCenter WLST
Command Reference.
Use the following WLST commands to deregister the out-of-the-box or sample
producers provided with WebCenter Portal:
•
Out-of-the-box producers - deregisterOOTBProducers
For command syntax and examples, see deregisterOOTBProducers in WebCenter
WLST Command Reference.
•
Sample producers - deregisterSampleProducers
For command syntax and examples, see deregisterSampleProducers in WebCenter
WLST Command Reference.
For information on how to run WLST commands, see Running Oracle WebLogic
Scripting Tool (WLST) Commands.
17.5.4 Deregistering a WSRP Portlet Producer in WebCenter Portal
If you no longer want to use a particular producer in WebCenter Portal, you can
deregister the producer.
To deregister a WSRP portlet producer in WebCenter Portal:
1. Open WebCenter Portal Administration.
For more information, see Accessing the Settings Pages in WebCenter Portal
Administration.
2. Click Tools and Services, and then select Portlet Producers.
Alternatively, use the following URL, and then select Portlet Producers:
http://host:port/webcenter/portal/admin/settings/tools
3. Select the portlet producer that you want to deregister.
4. From the menu bar, click Deregister.
5. In the Delete Confirmation dialog, click Deregister to complete the deregistration
process.
17.6 Deploying Portlet Producer Applications
After developing a Portlet Producer application in JDeveloper, you can deploy that
application to any Oracle WebLogic Managed Server instance that is configured to
supportWebCenter Portal portlet producers.
17-19
Chapter 17
Deploying Portlet Producer Applications
To deploy an application to a managed server, you can use Oracle Enterprise
Manager Fusion Middleware Control, Oracle WebLogic Administration Console, or
WLST.
For more information about these administration tools, see Oracle WebCenter Portal
Administration Tools.
You can also deploy a Portlet Producer application from within JDeveloper.
This section includes the following topics:
•
Preparing Portlet Producer Applications for Deployment
•
Deploying a Portlet Producer Application Using Fusion Middleware Control
•
Deploying a Portlet Producer Application Using Oracle WebLogic Server
Administration Console
•
Deploying a Portlet Producer Application Using WLST
•
Deploying a Portlet Producer Application Using Oracle JDeveloper
For more information about deploying applications, see Deploying Applications in
Administering Oracle Fusion Middleware.
17.6.1 Preparing Portlet Producer Applications for Deployment
WebCenter Portal provides a predeployment tool that adds the required configuration
to a portlet producer application's EAR file to expose the portlets over WSRP.
The predeployment tool must be run in the following circumstances:
•
You created the application's WAR file outside of JDeveloper.
•
You created the application's WAR file in JDeveloper, but selected to not expose
the application as a WSRP application. That is, you selected No in the Select
deployment type dialog.
To add the required configuration to a portlet producer application's EAR file to expose
the portlets over WSRP, run the WSRP producer predeployment tool located in the
Middleware directory at WCP_ORACLE_HOME/webcenter/modules/
oracle.portlet.server_11.1.1, as follows:
java -jar wsrp-predeploy.jar source EAR target EAR
For JSR 286 portlets developed with servlet version 2.3, you must specify web proxies
using the following command:
java -Dhttp.proxyHost=proxy host -Dhttp.proxyPort=proxy port -jar
wsrp-predeploy.jar source EAR target EAR
where:
•
proxy host is the server to which your producer has been deployed.
•
proxy port is the HTTP Listener port.
•
wsrp-predeploy.jar is located in the WCP_ORACLE_HOME/webcenter/modules/
oracle.portlet.server_11.1.1 directory.
•
source EAR is the name of the JSR 286 EAR file.
17-20
Chapter 17
Deploying Portlet Producer Applications
•
target EAR file is the name of the new EAR file to be created. If the file name for
the targeted EAR file is not specified, then a new EAR file called WSRP-source EAR is
produced.
The wsrp-predeploy.jar predeployment tool makes all the necessary changes to a JSR
286 portlet to be able to deploy it to the Oracle portlet container and expose it as a
WSRP producer. Here are some examples of what the predeployment tool does:
Creates the wsdldeploy directory in the java.io.tmpdir folder.
•
–
On UNIX, the default value of this property is /tmp or /var/tmp
–
On Microsoft Windows, the default value of this property is c:\temp.
•
Unpacks the EAR file into wsdldeploy/EAR.
•
Unpacks the WAR files into wsdldeploy/warfilename.war/.
•
Inserts WEB-INF/WSDLs into the unpacked application.
•
Modifies WEB-INF/web.xml in the unpackaged WAR files.
•
Inserts or modifies WEB-INF/webservices.xml in the WAR files.
•
Inserts or modifies WEB-INF/oracle-webservices.xml in the WAR files.
•
Repackages the WARs and builds a new EAR file.
In the following example a web proxy is specified:
java -Dhttp.proxyHost=myhttpproxy.com -Dhttp.proxyPort=80 -jar wsrp-predeploy.jar
wsrp-samples.ear
This example produces WSRP-wsrp-samples.ear.
17.6.2 Deploying a Portlet Producer Application Using Fusion
Middleware Control
You can deploy a Portlet Producer using Fusion Middleware Control.
When deploying an application using Fusion Middleware Control you must know the
location of the application archive, and whether a deployment plan exists for the
application.
To deploy a Portlet Producer application using Fusion Middleware Control:
1. Log in to Fusion Middleware Control.
2. In the Target Navigation pane, expand WebLogic Domain and click the domain in
which your target Managed Server was created.
3. From the WebLogic Domain menu, select Deployments.
4. Choose Deployment > Deploy.
The Select Archive page displays.
5. In the Archive or Exploded Directory section, do one of the following:
•
Select Archive is on the machine where this web browser is running and
enter the location of the archive or click Browse to find the archive file.
17-21
Chapter 17
Deploying Portlet Producer Applications
•
Select Archive or exploded directory is on the server where Enterprise
Manager is running and enter the location of the archive or click Browse to
find the archive file.
6. In the Deployment Plan section, do one of the following:
•
Select Create a new deployment plan when deployment configuration is
done to automatically create a new deployment plan after the redeployment
process.
•
Select Deployment plan is on the machine where this web browser is
running and enter the path to the plan or click Browse to find the plan.
•
Select Deployment plan is on the server where Enterprise Manager is
running and enter the path to the plan or click Browse to find the plan.
7. Click Next.
The Select Target page displays.
8. Select the target server(s) to deploy the application and click Next.
The Application Attributes page displays.
9. Click Next.
The Deployment Settings page displays.
10. Click the edit icon for Configure ADF Connections to check connection settings
associated with the application.
The Configure ADF Connections page displays.
11. Click the edit icon for each connection and check that the connection settings are
correct for the target environment (for example, staging or production).
For WSRP producers, two connections are shown for each producer: a WSRP
Producer and a Web Service connection. Typically only the Web Service
connection must be changed to the target producer, and this contains four URL
endpoints, all of which must be changed. The WSRP Producer connection only
configures proxy settings that can be set independent of the default proxy setting
for the application server, if this is required.
If any connections to portlet producers in the EAR file must be changed to point to
producers in the target deployment environment, it is important to change them
here. This ensures the portlet customizations are imported to the target producers
as the application starts.
17-22
Chapter 17
Deploying Portlet Producer Applications
Note:
If any target producers are not reachable as the application starts for the first
time, the import fails. After the portlet producer becomes reachable, restart the
application and try to import again.
If you do not modify producer connections using the Configure ADF
Connections page and they are pointing to incorrect but reachable producer
locations (for example, a producer in a development environment), portlets are
imported to the incorrect producers.
To correct this, after deployment use Fusion Middleware Control or WLST
commands to modify the producer URL endpoint, and then redeploy the
application.
12. If required, specify additional deployment options such as the Web modules to
include in your application or security migration settings.
13. In the Deployment Plan section, click Edit Deployment Plan to optionally edit the
currently selected Deployment Plan.
14. In the Deployment Plan section, click Save Deployment Plan to optionally save
the currently selected Deployment Plan for reuse when you redeploy the
application.
15. To start the deployment process, click Deploy.
Fusion Middleware Control displays processing messages.
16. Click Close in the Deployment Succeeded page.
The portlet producer application (and its deployment plan) is now deployed on the
WebLogic Managed Server instance.
17. If you restart the WebLogic Managed Server on which you deployed the application
during your Fusion Middleware Control session, refresh the Farm from the Farm
menu to update the application status.
If you configured connections during deployment, these are not stored as part of
the deployment plan. You must specify these connection details again the next time
you deploy.
17.6.3 Deploying a Portlet Producer Application Using Oracle
WebLogic Server Administration Console
You can use the WebLogic Server Administration Console to deploy a Portlet
Producer application. However, the Console does not offer a means to change ADF
connections, including the essential MDS connection.
To use the Console to deploy a Portlet Producer application, the MDS connection in
the EAR file must be configured to the target deployment repository. Follow steps 1-5
in Deploying a Portlet Producer Application Using WLST then follow the steps below to
deploy a Portlet Producer application using the WLS Administration Console.
17-23
Chapter 17
Deploying Portlet Producer Applications
Note:
Oracle does not recommend deploying Portlet Producer applications to any of
the preconfigured Managed Servers created during the installation, or to the
Administration Server. Create a new Managed Server instance before
deploying, or optionally deploy to the WC_Portlet server.
To deploy a Portlet Producer application using the Web Logic Server Administration
Console:
1. Log in to the Web Logic Server Administration Console.
2. In the Domain Structure pane, click Deployments.
The Summary of Deployments page displays.
3. Click Install.
The Install Application Assistant page displays.
4. Using the Install Application Assistant Path field, locate the EAR file that
corresponds to the Portlet Producer application you want to install. Select the EAR
file and click Next.
Page 2 of the Install Application Assistant page displays.
5. Select Install this deployment as an application and click Next.
Page 3 of the Install Application Assistant displays.
6. Select the deployment target to which to deploy the application and click Next.
7. Review the configuration settings you specified, and click Finish to complete the
installation.
To change a producer URL after deployment, use Fusion Middleware Control or
WLST commands to modify the producer URL endpoint, and then redeploy the
application.
17.6.4 Deploying a Portlet Producer Application Using WLST
You can deploy a Portlet Producer application using the WLST command line.
To deploy a Portlet Producer application using the WLST command line, WLST must
be connected to the Administration Server. You must invoke the deploy command on
the computer that hosts the administration server.
To deploy a Portlet Producer Application using WLST:
1. Start the WLST shell.
For information on starting the WLST shell, see Oracle WebLogic Scripting Tool
(WLST).
2. Connect to the Administration Server of your Oracle WebCenter Portal installation:
connect("user_name","password","host_name:port")
Where:
17-24
Chapter 17
Deploying Portlet Producer Applications
•
user_name is the user name to access the Administration server (for example,
weblogic).
•
password is the password to access the Administration server (for example,
welcome1).
•
host_name is the host name of the Administration Server (for example,
myserver.example.com).
•
port is the port number of the Administration Server (7001 by default)
You should see the following message:
Successfully connected to Admin Server 'AdminServer' that belongs to domain
'WC_Domain'.
3. Retrieve the MDS configuration by running the following command:
archive = getMDSArchiveConfig(fromLocation='ear_file_path')
Where ear_file_path is the path and file name of the EAR file you are deploying
(for example, /tmp/myEarFile.ear). For more information, see getMDSArchiveConfig in
WLST Command Reference for Infrastructure Components.
4. After retrieving the MDS configuration information from the EAR file, you must set
the proper MDS schema information according to your Oracle WebCenter Portal
setup (for example, your application might be using a database connection based
on a specific schema). To set the MDS schema information, run the following
command:
archive.setAppMetadataRepository(repository='respository',partition='partition',ty
pe='DB',jndi='jndi')
Where:
•
repository is the name of the database schema (for example, mds-Feb23demo).
•
partition is the individual entity in the repository to allow each application to
have its own namespace (for example, webcenter).
•
jndi is the path and name used to allow access by the application server's
other components (for example, jdbc/mds/Feb23demo).
5. After setting the MDS repository information, save the MDS configuration
information with the following command:
archive.save()
6. Deploy the Portlet Producer application using the WLST deploy command.
deploy(app_name, path, [targets] [stageMode], [planPath], [options])
Where:
•
appName is the name of the Portlet Producer application to be deployed (for
example, myPortlets).
•
path is the path to the EAR file to be deployed (for example, /tmp/
customApp.ear).
•
targets specifies the target Managed Server(s) to which to deploy the
application (for example, AppServer). You can optionally list multiple commaseparated targets. To enable you to deploy different modules of the application
archive on different servers, each target may be qualified with a module name,
17-25
Chapter 17
Managing Oracle PDK-Java Portlet Producers
for example, module1@server1. This argument defaults to the server to which
WLST is currently connected.
•
stageMode optionally defines the staging mode for the application you are
deploying. Valid values are stage, nostage, and external_stage.
•
planPath optionally defines the name of the deployment plan file. The file name
can be absolute or relative to the application directory. This argument defaults
to the plan/plan.xml file in the application directory, if one exists.
•
options is an optional comma-separated list of deployment options, specified as
name-value pairs. For more information about valid options, see WLST deploy
in WLST Command Reference for WebLogic Server.
When you see the following message, the application has been successfully deployed
and is ready to be accessed:
Completed the deployment of Application with status completed
Note:
Since WLST does not prompt you to modify connections during deployment,
the connection information in the EAR file is used to identify the target
producer location in the last start-up. If that location is unreachable, correct the
location after deploying the application by bringing up the target producers and
restarting the application. Migration of portlet customizations starts
automatically.
If the producer connections point to incorrect producers (for example,
development producers), and those producers are reachable, the migration of
portlet customizations starts using those producers. Since the migration
completes, although incorrectly, restarting the application does not
automatically restart the migration process.
To remedy this, after deployment, use Fusion Middleware Control or WLST
commands to modify the producer URL endpoint, and then redeploy the
application.
17.6.5 Deploying a Portlet Producer Application Using Oracle
JDeveloper
You can deploy a Portlet Producer application to an Oracle WebLogic Managed
Server instance directly from the development environment using Oracle JDeveloper,
if you have the necessary credentials to access the WebLogic server.
17.7 Managing Oracle PDK-Java Portlet Producers
System administrators can use Fusion Middleware Control or the WLST command-line
tool to register and manage Oracle PDK-Java portlet producers for WebCenter Portal.
This section includes the following topics:
•
Registering an Oracle PDK-Java Portlet Producer
•
Testing Oracle PDK-Java Producer Connections
17-26
Chapter 17
Managing Oracle PDK-Java Portlet Producers
•
Editing Oracle PDK-Java Portlet Producer Registration Details
•
Deregistering an Oracle PDK-Java Portlet Producer
17.7.1 Registering an Oracle PDK-Java Portlet Producer
You can register an Oracle PDK-Java portlet producer using Fusion Middleware
Control, WLST commands, or WebCenter Portal Administration.
Registering an Oracle PDK-Java Portlet Producer Using Fusion Middleware
Control
To register an Oracle PDK-Java portlet producer using Fusion Middleware Control:
1.
Log in to Fusion Middleware Control and navigate to the home page for
WebCenter Portal.
See Navigating to the Home Page for WebCenter Portal.
2.
From the WebCenter Portal menu, select Settings and then Service
Configuration.
3.
In the Add Portlet Producer Connection section, enter connection details for the
Oracle PDK-Java portlet producer.
For detailed parameter information, see Oracle PDK-Java Portlet Producer
Connection Parameters.
4.
Click OK.
The new producer appears in the connection table.
Registering an Oracle PDK-Java Portlet Producer Using WLST
Use the WLST command registerPDKJavaProducer to create a connection to an Oracle
PDK-Java portlet producer and register the producer with WebCenter Portal.
For command syntax and examples, see registerPDKJavaProducer in WebCenter
WLST Command Reference.
See Also:
deregisterPDKJavaProducer, listPDKJavaProducers, refreshProducer
For information on how to run WLST commands, see Running Oracle WebLogic
Scripting Tool (WLST) Commands.
Registering an Oracle PDK-Java Portlet Producer in WebCenter Portal
To register an Oracle PDK-Java portlet producer in WebCenter Portal:
1.
Open WebCenter Portal Administration.
For more information, see Accessing the Settings Pages in WebCenter Portal
Administration.
2.
Click Tools and Services, and then select Portlet Producers.
Alternatively, use the following URL, and then select Portlet Producers:
17-27
Chapter 17
Managing Oracle PDK-Java Portlet Producers
http://host:port/webcenter/portal/admin/settings/tools
3.
On the menu bar, click Register.
4.
In the Register Portlet Producer page, enter connection details for the Oracle
PDK-Java portlet producer. For details, see Oracle PDK-Java Portlet Producer
Connection Parameters.
5.
Click Test to verify that the server details you provided are correct.
If the server is contactable, a success message is displayed. If the server is down
or the host information is incorrect or no longer valid, a connection failure message
is displayed.
Note:
The test performs a simple server (host/port) PING test. Anything in the path
after the host:port is ignored. To verify whether the producer is accessible,
access the producer's test page in your browser. For more information, see
Testing Oracle PDK-Java Producer Connections.
6.
Click Ok.
17.7.2 Testing Oracle PDK-Java Producer Connections
To verify an Oracle PDK-Java portlet producer connection, run the producer URL in a
browser window.
Use the following format:
http://host:port/context-root/providers/producer_name
For example:
http://domain.example.com:7778/axyz/providers/sample
17.7.3 Editing Oracle PDK-Java Portlet Producer Registration Details
WebCenter Portal provides several tools for editing Oracle PDK-Java portlet producer
registration details.
Editing Oracle PDK-Java Portlet Producer Registration Details Using Fusion
Middleware Control
1.
Log in to Fusion Middleware Control and navigate to the home page for the
WebCenter Portal application. For more information, see:
For more information, see Navigating to the Home Page for WebCenter Portal.
2.
From the WebCenter Portal menu, select Settings and then Service
Configuration.
3.
From the list of services on the WebCenter Portal Service Configuration page,
select Portlet Producers.
4.
In the Manage Portlet Producer Connections section, select the producer you want
to modify, and click Edit.
17-28
Chapter 17
Managing Oracle PDK-Java Portlet Producers
5.
In the Edit Portlet Producer Connection section, modify connection details, as
required.
For more information, see Oracle PDK-Java Portlet Producer Connection
Parameters.
6.
Click OK.
Editing Oracle PDK-Java Portlet Producer Registration Details Using WLST
Use the WLST command setPDKJavaProducer to edit Oracle PDK-Java portlet producer
connection details.
For command syntax and examples, see setPDKJavaProducer in WebCenter WLST
Command Reference.
For information on how to run WLST commands, see Running Oracle WebLogic
Scripting Tool (WLST) Commands.
Editing Oracle PDK-Java Portlet Producer Registration Details in WebCenter
Portal
In WebCenter Portal, you can access and revise many of the registration details
provided for a portlet producer.
1.
Open WebCenter Portal Administration.
For more information, see Accessing the Settings Pages in WebCenter Portal
Administration.
2.
Click Tools and Services, and then select Portlet Producers.
Alternatively, use the following URL, and then select Portlet Producers:
http://host:port/webcenter/portal/admin/tools
3.
Select the portlet producer that you want to edit.
4.
On the menu bar, click Edit.
5.
Edit the producer registration properties as required.
For details, see Oracle PDK-Java Portlet Producer Connection Parameters.
You cannot edit the Producer Name or Producer Type.
Note:
While it is possible to edit the value of the URL Endpoint, for example, if the
producer port has changed, you can point to a different producer only if the
new producer has access to the persistence store of the old producer, or if the
persistence store of the old producer has been migrated to that of the new
producer. For more information, see Backing up and Restoring Other Schema
Data (ACTIVITIES and PORTLET).
6.
When you have changed all the necessary settings, you can click Test to verify
that the server details you provided are correct.
If the server is contactable, a success message is displayed. If the server is down
or the host information is incorrect or no longer valid, a connection failure message
is displayed.
17-29
Chapter 17
Managing Oracle PDK-Java Portlet Producers
Note:
The test performs a simple server (host/port) PING test. Anything in the path
after the host:port is ignored. To verify whether the producer is accessible,
access the producer's test page in your browser. For more information, see
Testing Oracle PDK-Java Producer Connections.
17.7.4 Deregistering an Oracle PDK-Java Portlet Producer
WebCenter Portal provides several tools for deregistering WSRP portlet producers.
You can deregister a WSRP portlet producer at any time.
Before deregistering a producer, consider the impact toWebCenter Portal as portlets
associated with a deregistered producer no longer work. Check the Portlets Producer
Invocation metric to see how frequently the producer is being used. For more
information, see Viewing Performance Metrics Using Fusion Middleware Control.
When you deregister a producer, registration data is removed from both WebCenter
Portal and the remote producer:
•
WebCenter Portal - The producer connection is deleted and producer metadata is
also deleted.
•
Remote producer - Portlet instances are deleted (not the portlets themselves).
Portlet instances are not removed from WebCenter Portal pages. In place of the
portlet, users see a Portlet unavailable message.
Note:
Consider also deleting the external application associated with this portlet
producer if the application's sole purpose was to support this producer. See
Deleting External Application Connections.
Deregistering an Oracle PDK-Java Portlet Producer Using Fusion Middleware
Control
To deregister an Oracle PDK-Java portlet producer using Fusion Middleware Control:
1.
Log in to Fusion Middleware Control and navigate to the home page for
WebCenter Portal.
See Navigating to the Home Page for WebCenter Portal
2.
From the WebCenter Portal menu, select Settings and then Service
Configuration.
3.
From the list of services on the WebCenter Portal Service Configuration page,
select Portlet Producers.
4.
Select the name of the producer you want to deregister, and click Delete.
The connection details are removed. Portlets associated with this producer are no
longer accessible within WebCenter Portal.
17-30
Chapter 17
Managing Oracle PDK-Java Portlet Producers
Deregistering an Oracle PDK-Java Portlet Producer Using WLST
Use the WLST command deregisterPDKProducer to deregister an Oracle PDK-Java
portlet producer.
For command syntax and examples, see deregisterPDKJavaProducer in WebCenter
WLST Command Reference.
For information on how to run WLST commands, see Running Oracle WebLogic
Scripting Tool (WLST) Commands.
Deregistering an Oracle PDK-Java Portlet Producer in WebCenter Portal
To deregister an Oracle PDK-Java portlet producer in WebCenter Portal
1.
Open WebCenter Portal Administration.
For more information, see Accessing the Settings Pages in WebCenter Portal
Administration.
2.
Click Tools and Services, and then select Portlet Producers.
Alternatively, use the following URL, and then select Portlet Producers:
http://host:port/webcenter/portal/admin/settings/tools
3.
Select the portlet producer that you want to deregister.
4.
On the menu bar, click Deregister.
5.
In the Delete Confirmation dialog, click Deregister to complete the deregistration
process.
17.7.5 Oracle PDK-Java Portlet Producer Connection Parameters
When you register an Oracle PDK-Java portlet producer, there are several connection
parameters that you must set.
Table 17-6
Oracle PDK-Java Portlet Producer Connection Parameters
Field
Description
Connection Name
Enter a unique name that identifies this
portlet producer registration within
WebCenter Portal. The name must be unique
across all WebCenter Portal connection
types.
The name you specify here appears in the
resource catalog (under the Portlets folder).
Producer Type
Select Oracle PDK-Java Producer.
17-31
Chapter 17
Managing Oracle PDK-Java Portlet Producers
Table 17-6
(Cont.) Oracle PDK-Java Portlet Producer Connection Parameters
Field
Description
URL End Point
Enter the Oracle PDK-Java producer's URL
using the following syntax:
http://host:port/context_root/providers
Where:
•
host is the server where the producer is
deployed
•
port is the HTTP Listener port number
•
context_root is the Web application's
context root
•
providers is static text
For example
http://myHost.com:7778/
myEnterprisePortlets/providers
Service ID
Enter a unique identifier for this producer.
PDK-Java enables you to deploy multiple
producers under a single adapter servlet.
Producers are identified by their unique
service ID. A service ID is required only if the
service ID is not appended to the URL end
point. For example, the following URL
endpoint requires sample as the service ID:
http://domain.example.com:7778/axyz/
providers
However, the following URL endpoint, does
not require a service ID:
http://domain.example.com:7778/axyz/
providers/sample
The service ID is used to look up a file called
service_id.properties, which defines the
characteristics of the producer, such as
whether to display its test page. Use any
value to create the service ID. When no
Service ID is specified, _default.properties
is used.
Use Proxy?
Select this check box if WebCenter Portal
must use an HTTP proxy when contacting
this producer. If selected, enter values for
Proxy Host and Proxy Port.
A proxy is required if WebCenter Portal and
the remote portlet producer are separated by
a firewall and an HTTP proxy is needed for
communication with the producer.
Proxy Host
Enter the host name or IP address of the
proxy server. Do not prefix http:// to the
proxy server name.
Proxy Port
Enter the port number on which the proxy
server listens. The default port is 80.
17-32
Chapter 17
Managing Oracle PDK-Java Portlet Producers
Table 17-6
(Cont.) Oracle PDK-Java Portlet Producer Connection Parameters
Field
Description
Associated External Application
If one of this producer's portlets requires
authentication, use the Associated External
Application drop-down to identify the correct
external application.
If the application you want is not listed, select
Create New to define the external application
now.
See Also Registering External Applications.
Establish Session?
Select to enable a user session when
executing portlets from this producer. When
sessions are enabled, they are maintained on
the producer server. This allows the portlet
code to maintain information in the session.
Message authentication uses sessions, so if
you specify a shared key, you must also
select this option.
For sessionless communication between the
producer and the server, do not select this
option.
Default Execution Timeout (Seconds)
Enter a suitable timeout for communications
with the producer, in seconds. For example,
the maximum time the producer may take to
register, deregister, or display portlets on
WebCenter Portal pages. This defaults to 30
seconds.
Individual portlets may define their own
timeout period, which takes precedence over
the value expressed here.
Subscriber ID
Enter a string to identify the consumer of the
producer being registered.
When a producer is registered with
WebCenter Portal, a call is made to the
producer. During the call, the consumer
(WebCenter Portal in this instance) passes
the value for Subscriber ID to the producer. If
the producer does not see the expected value
for Subscriber ID, it might reject the
registration call.
17-33
Chapter 17
Managing Oracle PDK-Java Portlet Producers
Table 17-6
(Cont.) Oracle PDK-Java Portlet Producer Connection Parameters
Field
Description
Shared Key
Enter a shared key to use for producers that
are set up to handle encryption.
The shared key is used by the encryption
algorithm to generate a message signature
for message authentication. Note that
producer registration fails if the producer is
set up with a shared key and you enter an
incorrect shared key here. The shared key
can contain between 10 and 20 alphanumeric
characters.
The Shared Key is also known as the HMAC
key.
17-34
18
Managing Pagelet Producer
Pagelet Producer (previously called Oracle WebCenter Ensemble) provides a
collection of useful tools that facilitate dynamic pagelet development and deploymen,
providing users with external access to internal resources including internal
applications and secured content. Use Pagelet Producer to expose WSRP portlets and
OpenSocial gadgets as pagelets in portals.
For information about developing and deploying pagelets, see Working with Pagelets
in Developing for Oracle WebCenter Portal.
Permissions:
To perform the tasks in this chapter, you must be granted the WebLogic
Server Admin role through the Oracle WebLogic Server Administration Console
and the Administrator role granted through Oracle WebCenter Portal
Administration.
For more information about roles and permissions, see Understanding
Administrative Operations, Roles, and Tools.
Topics:
•
About Pagelet Producer
•
Registering Pagelet Producer
•
Registering WSRP Portlet Producers in Pagelet Producer
•
Using Portlet-Based Pagelets
•
Configuring the Trust Service Identity Asserter
•
Managing Import, Export, Backup and Recovery of Pagelet Producer Components
18.1 About Pagelet Producer
This section is an introduction to Pagelet Producer concepts and features and includes
the following topics:
•
Overview
•
Using the Pagelet Producer Console
•
Exposing WSRP Portlets
•
Exposing OpenSocial Gadgets
•
Exposing WebCenter Interaction Portlets
18-1
Chapter 18
About Pagelet Producer
18.1.1 Overview
Pagelet Producer (previously known as Oracle WebCenter Ensemble) can be used to
create pagelets to expose platform-specific portlets in other web environments,
including WebCenter Portal applications. Pagelet Producer provides a collection of
useful tools and features that facilitate dynamic pagelet development. For information
about Pagelet Producer architecture, component descriptions, and Pagelet Producer
requirements, see Introduction to Pagelets in Developing for Oracle WebCenter Portal.
Pagelet Producer registration is dynamic. Additions and updates to existing producers
are immediately available; in most cases, it is not necessary to restart the application
or the managed server.
Note:
In the current release, only a single administrator can modify Pagelet Producer
administrative settings at any given time. Concurrent edits will result in only
one edit succeeding. However, data integrity will always be preserved.
18.1.2 Using the Pagelet Producer Console
The Pagelet Producer Console is a browser-based administration tool used to create
and manage the various objects in your Pagelet Producer deployment. From the
Console you can register web applications as resources, create pagelets, manage
proxy and transformation settings, and more.
•
From WebCenter Portal, you can access the Pagelet Producer Console from the
Shared Assets page.
Note:
Pagelet Producer Console supports the standard administration languages
and Dutch only. If you configure the browser language to something other than
one of these languages, it will revert to the language defined for the current
server.
•
The Pagelet Producer Console is also accessible from any web browser at the
following URL:
http://host:port/pagelets/admin
The Pagelet Producer Console can also be launched in accessibility mode at:
http://host:port/pagelets/admin/accessible
For more information about using the Pagelet Producer Console to configure Pagelet
Producer, see Configuring Pagelet Producer Settings in Developing for Oracle
WebCenter Portal.
18-2
Chapter 18
Registering Pagelet Producer
18.1.3 Exposing WSRP Portlets
Using Pagelet Producer, you can expose WSRP portlets as pagelets for use in any
web page or application.
After setting up Pagelet Producer as described in Configuring Pagelet Producer
Settings in Developing for Oracle WebCenter Portal, follow the steps below to import
WSRP portlets:
1.
Register the portlet producer with the Pagelet Producer as described in
Registering WSRP Portlet Producers in Pagelet Producer.
2.
This automatically creates a resource and pagelets in the Pagelet Producer
Console based on the portlet definitions for the producer. For details on resource
settings, see Creating Resources in Developing for Oracle WebCenter Portal.
3.
To modify the imported resource or the associated pagelets, you must make a
copy of the imported resource. For details, see Using Portlet-Based Pagelets.
You can also you the same steps to expose Oracle PDK-Java portlets.
18.1.4 Exposing OpenSocial Gadgets
Using Pagelet Producer, you can expose OpenSocial gadgets as pagelets for use in
any web page or application. For more information, see How to Configure OpenSocial
Resources (OpenSocial Gadget Producers) and How to Configure OpenSocial
Settings in Developing for Oracle WebCenter Portal.
18.1.5 Exposing WebCenter Interaction Portlets
Pagelet Producer can be used as a portlet provider for Oracle WebCenter Interaction.
There are several configuration pages that allow you to define CSP settings for use
with Oracle WebCenter Interaction. For details on configuring these settings and
objects, see How to Configure a WCI Data Source and Consuming a Pagelet in
WebCenter Interaction (an Example) in Developing for Oracle WebCenter Portal.
1.
Configure Pagelet Producer settings for use with the Oracle WebCenter
Interaction Credential Mapper, SOAP API service and image service on the CSP
Settings page in the Pagelet Producer Console.
2.
Set up the Pagelet Producer's connection to the server hosting the portlet code by
creating a "CSP" resource.
3.
Create pagelets for Oracle WebCenter Interaction portlets.
18.2 Registering Pagelet Producer
This section describes how to register and configure Pagelet Producer using Fusion
Middleware Control and WLST commands.
This section includes the following subsections:
•
Registering Pagelet Producer Using Fusion Middleware Control
•
Registering Pagelet Producer Using WLST
•
Configuring the Pagelet Producer Service for WebCenter Portal
18-3
Chapter 18
Registering Pagelet Producer
•
Registering Pagelet Producer Using WebCenter Portal
•
Redeploying Pagelet Producer to a Different Context
For information about developing and deploying pagelets, see Working with Pagelets
in Developing for Oracle WebCenter Portal.
18.2.1 Registering Pagelet Producer Using Fusion Middleware Control
To register Pagelet Producer using Fusion Middleware Control:
1.
Log in to Fusion Middleware Control and navigate to the WebCenter Portal home
page. For more information, see Navigating to the Home Page for WebCenter
Portal.
2.
From the WebCenter Portal menu, select Register Producer.
3.
Enter connection details for Pagelet Producer (Table 18-1).
Table 18-1
Pagelet Producer Connection Parameters
Field
Description
Connection Name
A unique name to identify this Pagelet Producer instance within the
application. The name must be unique across all WebCenter Portal
connection types. The name specified here appears in Composer
under the UI Components > Pagelet Producers folder (by default).
Producer Type
Select Pagelet Producer.
Server URL
The URL to Pagelet Producer. The URL must include a fully-qualified
domain name. Use the following syntax:
<protocol>://<host_name>:<port_number>/pagelets/
For example:
http://myhost.com:7778/pagelets/
If pagelets contain secure data, the registered URL must use the
https protocol. For example:
https://myhost.com:7779/pagelets/
The context root can be changed from /pagelets/ if necessary; for
details, see Redeploying Pagelet Producer to a Different Context.
Note: In WebCenter Portal, if the Pagelet Producer URL is protected
by OAM, the URL to the pagelet catalog must be excluded (mapped
directly without access control), or the catalog will appear to be
empty when using REST. The pagelet catalog URL is http://
<host_name>:<port_number>/ pagelets/api/v2/ensemble/
pagelets
4.
Click OK. The new producer appears in the connection table.
18.2.2 Registering Pagelet Producer Using WLST
Use the registerPageletProducer command to register Pagelet Producer for your
WebCenter Portal application. For command syntax and examples, see
registerPageletProducer in WebCenter WLST Command Reference.
You can also use WLST to list or edit the current connection details.
18-4
Chapter 18
Registering Pagelet Producer
For information on how to run WLST commands, see Running Oracle WebLogic
Scripting Tool (WLST) Commands.
18.2.3 Configuring the Pagelet Producer Service for WebCenter Portal
This section describes how to set up Pagelet Producer for use as a service by Oracle
WebCenter Portal using the Oracle Configuration Wizard.
To set up Pagelet Producer as a WebCenter Portal service:
1.
Launch the Configuration Wizard by selecting Oracle Fusion Middleware , then
Oracle WebLogic Serverand then,Tools > Configuration Wizard.
2.
Select Extend an existing WebLogic Domain and then click Next.
3.
Select Base this domain on an existing template and select the Pagelet
Producer domain template. Confirm that the template location is correct and
click Next.
4.
Complete the domain configuration wizard. For details, see the online help.
All post deployment connection configuration is stored in the Oracle Metadata
Services (MDS) repository.
Pagelet Producer stores all configuration data on a separate partition in the MDS
schema of RCU. Typically, this schema is installed as part of the Oracle WebCenter
Portal installation. This configuration data does not conflict with data that belongs to
other services. When the Pagelet Producer domain template is deployed, the wizard
prompts for connectivity information to the database in which the schema has been
created. The names that Pagelet Producer expects are:
•
Datasource Name: mds-PageletProducerDS
•
JNDI name: jdbc/mds/PageletProducerDS
•
MDS partition name: pageletproducer
To use OpenSocial gadgets in conjunction with WebCenter Portal profile and activities
features, you must manually configure the WebCenterDS data source to target the
WC_Portlet server.
1.
In the Oracle WebLogic Server Console, go to Services then, Data Source.
2.
Click on the WebCenterDS data source.
3.
Go to the Targets tab.
4.
Select WC_Portlet server and click Save.
18.2.4 Registering Pagelet Producer Using WebCenter Portal
This section explains how to register Pagelet Producer in WebCenter Portal.
Log in to WebCenter Portal and click Administration.
Navigate to the Tools and services
Click Portlet producers
1.
Log in to WebCenter Portal and click Administration.
2.
Navigate to the Configuration tab and click Tools and Services.
18-5
Chapter 18
Registering Pagelet Producer
3.
On the Services and Providers page, click Portlet Producers.
4.
Click Register and select Pagelet Producer.
5.
Enter the connection details for Pagelet Producer.
Table 18-2
Pagelet Producer Connection Parameters
Field
Description
Producer Name
A unique name to identify this Pagelet Producer instance within
WebCenter Portal.
Server URL
The URL to the Pagelet Producer. The URL must include a fullyqualified domain name. Use the following syntax:
<protocol>://<host_name>:<port_number>/pagelets/ where host
and port correspond to the WC_Portlet managed server where
Pagelet Producer is configured.
For example:
http://myhost.com:7778/pagelets/
If pagelets contain secure data, the registered URL must use the
HTTPS protocol. For example:
https://myhost.com:7779/pagelets/
The context root can be changed from /pagelets/ if necessary; for
details, see Redeploying Pagelet Producer to a Different Context.
Note: In WebCenter Portal, if the Pagelet Producer URL is protected
by OAM, the URL to the pagelet catalog must be excluded (mapped
directly without access control), or the catalog will appear to be
empty when using REST. The pagelet catalog URL is http://
<host_name>:<port_number>/ pagelets/api/v2/ensemble/
pagelets
18.2.5 Redeploying Pagelet Producer to a Different Context
In some cases, the default web context defined for the Pagelet Producer may need to
be changed. This section describes how to redeploy Pagelet Producer to a different
context.
The first step is to target the Pagelet Producer data source to the Administration
Server and locate the Pagelet Producer EAR file.
1.
In the Oracle WebLogic Server Console, go to Services > Data Source.
2.
Click the mds-PageletProducerDS data source.
3.
Go to the Targets tab.
4.
Check the box next to AdminServer and click Save.
5.
Navigate to Deployments/pagelet-producer.
6.
If Fusion Middleware Control is running on the same host as Pagelet Producer,
record the path to the EAR file. If Fusion Middleware Control is on a different host
than Pagelet Producer, copy the EAR file from the Pagelet Producer host machine
to the browser host machine.
Next, use Fusion Middleware Control to redefine the context:
1.
Navigate to (Application) Deployments/pagelet-producer.
18-6
Chapter 18
Registering WSRP Portlet Producers in Pagelet Producer
2.
From the Application Deployment Menu, select Application Deployment >
Undeploy and follow any prompts that appear. Click Undeploy.
3.
From the Weblogic Domain menu, select Application Deployment > Deploy.
4.
Set the Archive location to the Pagelet Producer EAR file (located and/or copied in
the first set of steps above).
•
If Fusion Middleware Control is running on the same host as the Pagelet
Producer, select the second option and browse to the EAR file location.
•
If Fusion Middleware Control is on a different host than Pagelet Producer,
select the first option and click Choose File to select the EAR file from the
location it was copied to on the browser host machine.
5.
Select the portlet managed server, for example WC_Portlet.
6.
Change the Context Root of the Web Modules as follows, where "new_context" is
the web context that should be used (to redeploy to root, omit "new_context"):
•
ensemblestatic.war: new_context/ensemblestatic
•
pageletadmin.war: new_context/admin
•
opensocial.war: new_context/os
•
loginserver.war: new_context/loginserver
•
ensembleproxy.war: new_context/
Note:
OpenSocial pagelets will not function properly if Pagelet Producer is deployed
to root context.
7.
Click Deploy.
If your implementation uses OpenSocial, update the context setting in the Pagelet
Producer Console. For details, see How to Configure OpenSocial Settings in
Developing for Oracle WebCenter Portal.
18.3 Registering WSRP Portlet Producers in Pagelet
Producer
The Pagelet Producer can expose WSRP portlets as pagelets for use in Oracle
WebCenter Portal and third-party portals, but before you can use a portlet producer as
a pagelet, you must first register it.
To register a WSRP portlet producer using Fusion Middleware Control:
You can use the Pagelet Producer Console to register a WSRP endpoint as a portlet
producer, or you can also use Fusion Middleware Control, WLST, or the WebCenter
Administration page as described in Managing Portlet Producers. After registration, a
new Pagelet Producer resource is created and automatically populated with pagelets
to represent the portlets associated with the WSRP endpoint.
18-7
Chapter 18
Registering WSRP Portlet Producers in Pagelet Producer
Note:
After registrering the portlet producer, make a copy of the portlet resource and
rename the copy of the resource for use in the Oracle WebCenter Portal.
To access portlet producer settings from the Pagelet Producer Console.
1.
Log into WebCenter Portal as an administrator and go to the Administration page.
2.
Open the Shared assets tab and select Pagelets.
3.
Click Create and log into Pagelet Producer.
4.
From the Navigator toolbar menu, select Producers and click Register.
5.
On the Register Portlet Producer page, enter the registration details for the
producer. See WSRP Producer Connection Parameters for detailed parameter
information.
6.
Click Test to test the settings, then click Ok when you’re ready to register the
producer or Cancel to return to the Pagelet Producer Console.
18-8
Chapter 18
Using Portlet-Based Pagelets
18.4 Using Portlet-Based Pagelets
Auto-generated portlet resources and pagelets cannot be modified. To make changes
and create a permanent reference to the producer, the auto-generated asset must first
be copied. Select the asset on the Shared Assets page and select Copy from the
Actions menu. The copied version of the resource can be edited, and various
elements such as injectors can be added to customize pagelet functionality. Any
replicated resources will be included in metadata exports.
You can also define a portlet-based pagelet from scratch by creating a new resource
based on an existing portlet producer and then creating individual pagelets. For
details, see Consuming WSRP Portlets as Pagelets in Developing for Oracle
WebCenter Portal.
18.5 Configuring the Trust Service Identity Asserter
This section describes how to configure the trust service identity asserter.
This section includes the following topics:
•
About the Trust Service Identity Asserter
•
Preparing for Configuring the Trust Service Identity Asserter
•
Executing Trust Service Identity Asserter Configuration
18.5.1 About the Trust Service Identity Asserter
The WebCenter Portal communicates with a Pagelet Producer using a server to server
REST call. In order to pass the identity of the administrative user to the Pagelet
Producer a WLS "Trust Service Identity Asserter" must be set up on the Pagelet
Producer (server) and OPSS keystore service credentials must be set up on both the
Pagelet Producer (server) and WebCenter Portal (client). For more information, see
Integrating Application Security with OPSS in Securing Applications with Oracle
Platform Security Services.
18.5.2 Preparing for Configuring the Trust Service Identity Asserter
The WebCenter Portal installation (same installer is used for both the WebCenter
Portal and the Pagelet Producer) will place the following two files in the WCP_HOME/
webcenter/scripts directory (for example, /home/user/Oracle/Middleware/Oracle_WC1/
webcenter/scripts):
•
configureTrustServiceIdentityAsserter.py
•
configureTrustServiceIdentityAsserter.properties
The WLST script configureTrustServiceIdentityAsserter.py uses the values set in the
configureTrustServiceIdentityAsserter.properties file to configure trust identity on
both the client (WebCenter Portal) and server (Pagelet Producer).
Properties to Fill Out
The following properties must be filled out before executing
configureTrustServiceIdentityAsserter.py:
18-9
Chapter 18
Configuring the Trust Service Identity Asserter
Table 18-3
Properties Used by configureTrustServiceIdentityAsserter.py
Property
Description
Example Value
admin.user
WLS administrative user
weblogic
admin.password
WLS administrative user password
welcome1
admin.url
WLS administrative server host url
t3://localhost:7001
trust.alias
Keystore alias name that will contain
private key pair used for signing token
used in REST calls. Use alphanumeric
characters.
wckey
trust.issuer
This is the value placed inside the
token that indicates who the issuer of
the token is
mycompany
keystore.exported.cer
t
This is a file path where the public key
for the key pair in trust.alias is exported
to and exported from.
/home/user/Oracle/
Middleware/
user_projects/
domains/my_domain/
config/fmwconfig/
wckey.cer
In addition to the above properties there are several optional properties defined in
configureTrustServiceIdentityAsserter.properties. If these properties are not defined
in the file the values listed under 'Default Value' column below will be used:
Table 18-4
Properties Used by configureTrustServiceIdentityAsserter.py
Original Property
Description
Default Value
keystore.distinguishe
d.name
DN used in keystore key pair
generation
CN=<property value of
trust.issuer>,O=Oracl
e,C=US
trust.identity.assert
er.name
Name to give the WLS Trust Service
Identity Asserter
TrustServiceIA
For more details, open the configureTrustServiceIdentityAsserter.properties file. A
full description of each property and the overall trust identity assertion configuration
process is provided in inline comments.
18.5.3 Executing Trust Service Identity Asserter Configuration
WebCenter Portal and Pagelet Producer on same WLS Domain
In most deployment scenarios, the Pagelet Producer and WebCenter Portal run on
separate WebLogic managed servers on the same WebLogic domain. In this scenario,
the OPSS keystore configuration runs once and handles both the client (WebCenter
Portal) and server (Pagelet Producer) set up as shown in the following examples:
18-10
Chapter 18
Managing Import, Export, Backup and Recovery of Pagelet Producer Components
cd WCP_ORACLE_HOME/webcenter/scripts
WCP_ORACLE_HOME/common/bin/wlst.sh ./configureTrustServiceIdentityAsserter.py ./
configureTrustServiceIdentityAsserter.properties
Note that for Windows environments the .sh is not needed.
18.6 Managing Import, Export, Backup and Recovery of
Pagelet Producer Components
Pagelet Producer stores data related to its configuration and content in the Oracle
metadata store (MDS) to facilitate disaster recovery and the full production lifecycle
from development through staging and production. This section describes the import,
export and backup capabilities available.
•
Exporting and Importing Pagelet Producer Resources
•
Exporting and Importing Pagelet Producer Metadata Using WLST
•
Backing Up and Restoring Pagelet Producer
For detailed information about MDS, see Managing the Oracle Metadata Repository in
Administering Oracle Fusion Middleware.
18.6.1 Exporting and Importing Pagelet Producer Resources
Pagelet Producer assets can be exported and imported using the Pagelet Producer
Console. Note that you cannot export or import pagelets directly from the Shared
Assets page in WebCenter Portal. To export or import Pagelet Producer shared
assets you must use the Pagelet Producer Console as described in this section, or use
WLST as described in Exporting and Importing Pagelet Producer Metadata Using
WLST.
To import or export Pagelet Producer assets using the Pagelet Producer Console:
1.
Open the Pagelet Producer Console in either of the following ways:
•
From WebCenter Portal, navigate to Administration > Shared Assets >
Pagelets. Click Create and then click Continue to open the Pagelet Producer
Console. When you're ready to return to WebCenter Portal click Cancel.
•
Navigate to the following URL:
http://<host_name>:<port_number>/pagelets/admin.
2.
From the Jump to: dropdown list, select Export/Import.
3.
Click either Export, Import, or Variables to select the activity to be performed:
4.
•
Use the Export pane to choose from a list of assets and export them to a new
MDS package.
•
Use the Import pane to browse to an existing MDS package and import it into
Pagelet Producer.
•
Use the Variables pane to define variables for root URLs to protect internal
URLs and simplify import.
To export resources, click Export.
The Export pane displays (see Figure 18-1)
18-11
Chapter 18
Managing Import, Export, Backup and Recovery of Pagelet Producer Components
Figure 18-1
Pagelet Producer Console - Export Pane
a.
Check the items to include in the export.
b.
Click Next.
The Host URL displays (Figure 18-2):
Figure 18-2
c.
5.
Host URL
Enter the URL for the Host (click the Variable field to use a variable if you've
defined one) and then click Export.
To import resources, click Import.
The Import pane displays (see Figure 18-1).
Figure 18-3
6.
Pagelet Producer Console - Import Options
a.
Click Browse to select the file to import.
b.
Click Submit to start the import.
c.
If prompted, select either Skip or Overwrite if there is an existing resource on
the target side of the import.
To define a variable, click Variables.
The Variables pane displays (Figure 18-4).
18-12
Chapter 18
Managing Import, Export, Backup and Recovery of Pagelet Producer Components
Figure 18-4
Pagelet Producer Console - Variables Pane
a.
Click Add Variable.
b.
Enter the host name in the Host field.
c.
Enter the variable name with which to associate the host URL in the Variable
field.
d.
To continue adding variables, click Add Variable.
Once added, you can use the variables as part of the host URL in the Export
pane.
18.6.2 Exporting and Importing Pagelet Producer Metadata Using
WLST
The metadata created by Pagelet Producer is stored in MDS and can be accessed
using WLST. For detailed information on running WLST commands, see Running
Oracle WebLogic Scripting Tool (WLST) Commands.
Only global migration using WLST is currently supported; all data in the source
environment is included in the exported MDS package, and all data in the target
environment is overwritten when the package is imported.
Note:
If you are migrating your WebCenter Portal implementation from staging to
production, exporting and importing Pagelet Producer data is handled by the
migration tool. However, if changes were made to Pagelet Producer objects in
the staging environment, these changes must be migrated independently
using the WLST commands described in this section. If Pagelet Producer does
not function after migration, check the Server URL defined for Pagelet
Producer in your WebCenter Portal application. For information on setting this
URL, see Registering Pagelet Producer. For details on WebCenter Portal
migration, see Understanding theWebCenter Portal Lifecycle.
18.6.2.1 Exporting Pagelet Producer Metadata Using WLST
To export base documents for Pagelet Producer, including any resources, pagelets
and custom configuration settings, use the WLST command exportMetadata.
For example:
exportMetadata(application='pagelet-producer', server='WC_Portlet_Staging',
toLocation='c:\work\myexport', docs='/**')
18-13
Chapter 18
Managing Import, Export, Backup and Recovery of Pagelet Producer Components
Where:
•
application: Name of the Pagelet Producer application for which the metadata is
to be exported (for example, pagelet-producer).
•
server: Server on which Pagelet Producer is deployed (for example,
WC_PortletStaging).
•
toLocation: Target directory to which documents selected from the source partition
are to be exported. The toLocation parameter can be used as a temporary file
system for migrating metadata from one server to another.
•
docs: List of comma-separated fully qualified document name(s) and/or document
name patterns (* and ** patterns).
For detailed syntax and examples, see exportMetadata in WebCenter WLST
Command Reference.
18.6.2.2 Importing Pagelet Producer Metadata Using WLST
To import Pagelet Producer metadata and customizations, use the WLST command
importMetadata.
For example:
importMetadata(application='pagelet-producer', server='WC_Portlet_Production',
fromLocation='c:\work\myexport', docs='/**')
Where:
•
application: Name of the Pagelet Producer application for which the metadata is
be imported (for example, pagelet-producer).
•
server: Name of the target server on which Pagelet Producer is deployed (for
example, WC_Portlet_Production).
•
fromLocation: Source directory from which documents are imported. The
fromLocation parameter can be any temporary file system location for migrating
metadata from one server to another.
•
docs: List of comma separated fully qualified document name(s) and/or document
name patterns (* and ** patterns).
For detailed syntax and examples, see importMetadata in WebCenter WLST
Command Reference.
Note:
Any environment-specific URLs used in object configuration must be updated
manually after import.
18.6.3 Backing Up and Restoring Pagelet Producer
Backup and recovery operations for Pagelet Producer are part of standard MDS
backup and restoration and can be managed through database export and import
utilities, and various other tools. For detailed information, see Advanced
Administration: Backup and Recovery in Administering Oracle Fusion Middleware.
18-14
Chapter 18
Managing Import, Export, Backup and Recovery of Pagelet Producer Components
By default, the MDS configuration for Pagelet Producer is as follows (from adfconfig.xml):
<metadata-store name="PageletProducerMetadataRepos" classname="oracle.mds.persistence.stores.db.DBMetadataStore">
<property name="partition-name" value="pageletproducer"/> <property name="jndidatasource" value="jdbc/mds/PageletProducerDS"/>
<property name="repository-name" value="mds-PageletProducerDS"/> </metadata-store>
18-15
Chapter 18
Managing Import, Export, Backup and Recovery of Pagelet Producer Components
18-16
19
Managing External Applications
Register and manage external applications for WebCenter Portal deployments.
An external application is any application that implements its own authentication
process. Specifically, it is an application that does not take part in the single sign-on
process for WebCenter Portal.
Application administrators can register and manage external applications using Fusion
Middleware Control or the WLST command-line tool, or at runtime through built-in
administration pages or using external application task flows.
All external application changes that you make for WebCenter Portal post deployment,
are stored in the MDS repository as customizations.
Note:
External application configuration is dynamic. Configuration changes are
immediately reflected in WebCenter Portal; it is not necessary to restart the
application or the managed server.
Permissions:
To perform the tasks in this chapter, you must be granted the WebLogic
Server Admin role through the Oracle WebLogic Server Administration Console
and the Administrator role granted through WebCenter Portal Administration.
For more information about roles and permissions, see Understanding
Administrative Operations, Roles, and Tools.
Topics:
•
About External Applications
•
Registering External Applications
•
Modifying External Application Connection Details
•
Deleting External Application Connections
•
Managing External Applications at Runtime
19.1 About External Applications
If WebCenter Portal interacts with an application that handles its own authentication,
you can associate that application with an external application definition to allow for
credential provisioning. In doing so, you use an external application definition to
19-1
Chapter 19
Registering External Applications
provide a means of accessing content from these independently authenticated
applications.
To replicate a single sign-on experience from the end user's perspective, the external
application service captures the user name and password, and any other credentials
for the external application, and supplies it to the WebCenter Portal tool or application
requiring the credentials. The WebCenter Portal tool or other application then uses this
information to log in on behalf of the end user. This username and password
combination is securely stored in a credential store configured for the WebLogic
domain where the application is deployed.
Note:
When logging in to an external application, if you clear the Remember My
Login Information check box, then the credentials provisioned for that user
session are lost in the event of a failover in a high availability (HA)
environment. You are prompted to specify the credentials again if you try to
access the external application content in the same user session.
Figure 19-1
Add External Application Connection
19.2 Registering External Applications
You can register external applications for WebCenter Portal through Fusion
Middleware Control or using WLST commands.
Before registering an external application, access the application's login page and
examine the HTML source for the application's login form. All the registration details
you require are located in the <form tag>.
19-2
Chapter 19
Registering External Applications
For example, the underlying code for the Yahoo! Mail login form looks something like
this:
<form method=post action="https://login.yahoo.com/config/login?" autocomplete="off"
name="login_form">
...
<td><input name="login" size="17"</td>
...
<td><input name="passwd" size="17"</td>
...
In this example, to provide WebCenter Portal users with a direct link to the Yahoo! Mail
application, the following sample registration information is required:
Registration Information
Sample Value
HTML Source
Login URL
https://login.yahoo.com/config/
login?
action
User Name / User ID Field
login
name="login"
Password Field Name:
passwd
name="passwd"
Authentication Method
post
method
Note:
External application configuration is dynamic. New external applications and
updates to existing applications are immediately available; there is no need to
restart WebCenter Portal.
This section includes the steps for:
•
Registering External Applications Using Fusion Middleware Control
•
Registering External Applications Using WLST
For information about registering external applications through WebCenter Portal
Administration, see Registering External Applications at Runtime.
19.2.1 Registering External Applications Using Fusion Middleware
Control
To register an external application:
1. Log in to Fusion Middleware Control and navigate to the home page for your
WebCenter Portal instance.
2. From the WebCenter Portal menu, select Settings , then Service Configuration.
19-3
Chapter 19
Registering External Applications
3. From the list of services on the WebCenter Portal Service Configuration page,
select External Applications.
4. To register a new external application, click Add.
5. Enter a unique name for the external application and a display name that
application users working with this external application sees.
19-4
Chapter 19
Registering External Applications
Table 19-1
External Application Connection - Name
Field
Description
Application Name
Enter a name for the application. The name must be unique
(across all connection types) within the application.
For example: yahoo
Note: Once registered, you cannot edit the Application Name.
Display Name
Enter a user friendly name for the application that WebCenter
Portal users will recognize. Application end-users working with this
external application will see the display name you specify here.
For example: My Yahoo
If you leave this field blank, the Application Name is used.
6. Enter the login details for the external application.
Table 19-2
External Application Connection - Login Details
Field
Description
Enable Automatic Login
Select to allow automatically log users in to this application.
Choosing this option requires you to complete the Login URL,
HTML User ID Field Name, and HTML User Password Field
Name fields
With automated single sign-on, the user directly links to the
application and is authenticated automatically, as their
credentials are retrieved from the credential store. Selecting
this option provides the end user with a seamless single signon experience.
Note: Automated login is not supported for:
•
•
•
•
•
Login URL
External applications using BASIC authentication.
External applications configured for SSO.
External applications with a customized login form (built
using ADF Faces) that does not implement the J2EE
security container login method j_security_check
for authentication.
External sites that do not support UTF8 encoding.
External applications that accept randomly generated
hidden field values or cookies for successful login.
Enter the login URL for the external application.
To determine the URL, navigate to the application's login
page and record the URL.
For example: http://login.yahoo.com/config/login
Note: A login URL is not required if the sole purpose of this
external application is to store and supply user credentials on
behalf of another service.
19-5
Chapter 19
Registering External Applications
Table 19-2
(Cont.) External Application Connection - Login Details
Field
Description
HTML User ID Field Name
Enter the name that identifies the "user name" or "user ID"
field on the login form.
Tip: To find this name, look at the HTML source for the login
page.
This property does not specify user credentials.
Mandatory if the Authentication Method is GET or POST.
Leave this field blank if the application uses BASIC
authentication (see Authentication Method).
HTML User Password
Field Name
Enter the name that identifies the "password" field on the
login form.
Tip: To find this name, look at the HTML source for the login
page.
Mandatory if the Authentication Method is GET or POST.
Leave this field blank if the application uses BASIC
authentication (see Authentication Method).
7. Select the authentication method used by the external application.
Table 19-3
External Application Connection - Authentication Details
Field
Description
Authentication Method
Select the form submission method used by the external
application. Choose from one of the following:
•
GET: Presents a page request to a server, submitting
the login credentials as part of the login URL. This
authentication method may pose a security risk because
the user name and password are exposed in the URL.
•
POST: Submits login credentials within the body of the
form. This is the default.
•
BASIC: Submits login credentials to the server as an
authentication header in the request. This authentication
method may pose a security risk because the credentials
can be intercepted easily and this scheme also provides
no protection for the information passed back from the
server. The assumption is that the connection between
the client and server computers is secure and can be
trusted.
The Authentication Method specifies how message data is
sent by the browser. You can find this value by viewing the
HTML source for the external application's login form, for
example, <form method="POST" action="https://
login.yahoo.com/config/login?" AutoComplete="off">
8. Specify additional login fields and details, if required.
19-6
Chapter 19
Registering External Applications
Table 19-4
External Application Connection - Additional Login Fields
Field
Description
Additional Login Fields
If your application requires additional login criteria, expand
Additional Login Fields.
For example, in addition to user name and password, the
Lotus Notes application requires two additional fields - Host
and MailFilename.
Click Add to specify an additional field for the login form. For
each new field, do the following:
•
Name – Enter the name that identifies the field on the
HTML login form that may require user input to log in.
This field is not applicable if the application uses basic
authentication.
•
Value – Enter a default value for the field or leave blank
for a user to specify. This field is not applicable if the
application uses basic authentication.
•
Display to User – Select to display the field on the
external application login screen. If the field is not
displayed (unchecked), then a default Value must be
specified.
Click Delete to remove a login field.
9. Optional: Specify shared and public user credentials, if required.
Table 19-5 External Application Connection - Shared User and Public User
Credentials
Field
Description
Enable Shared
Credentials
Indicate whether this external application enables shared
user credentials, and specify the credentials. Select Enable
Shared Credentials, and then enter User Name and
Password credentials for the shared user.
When shared credentials are specified, every user accessing
this external application through WebCenter Portal is
authenticated using the user name and password defined
here. WebCenter Portal users are not presented with a login
form.
Because WebCenter Portal users do not need to define
personal credentials of their own, external applications with
shared credentials are not listed in the external application's
change password task flows such as My Accounts.
Enable Public Credentials
Indicate whether unauthenticated users (public users) may
access this external application. Select Enable Public
Credentials, and then enter User Name and Password
credentials for the public user.
When public credentials are specified, public users accessing
this external application through WebCenter Portal’s public
pages are logged in using the user name and password
defined here. If public credentials are not specified, public
users will see an authorization error indicating this external
application is not accessible to public users.
10. Click OK to register the application.
19-7
Chapter 19
Modifying External Application Connection Details
19.2.2 Registering External Applications Using WLST
Use the WLST command createExtAppConnection to create an external application
connection. For command syntax and examples, see createExtAppConnection in
WebCenter WLST Command Reference.
Use the WLST command addExtAppCredential to add shared or public credentials for
an existing external application connection. For more information, see
addExtAppCredential in WebCenter WLST Command Reference.
Use the WLST command addExtAppField to define additional login criteria for an
existing external application connection. For more information, see addExtAppField in
WebCenter WLST Command Reference.
For information on how to run WLST commands, see Running Oracle WebLogic
Scripting Tool (WLST) Commands.
19.3 Modifying External Application Connection Details
This section shows you how to modify the external application connection details by:
•
Modifying External Application Connection Using Fusion Middleware Control
•
Modifying External Application Connection Using WLST
19.3.1 Modifying External Application Connection Using Fusion
Middleware Control
To update external application connection details:
1. Log in to Fusion Middleware Control and navigate to the home page for your
WebCenter Portal application.
2. From the WebCenter Portal menu, select Settings > Service Configuration.
3. From the list of services on the WebCenter Portal Service Configuration page,
select External Applications.
4. Select the name of the external application you want to modify, and click Edit.
5. Edit the connection details, as required. For detailed parameter information, see
Table 19-2. Note that you cannot edit the name of the external application.
6. Click OK to save your changes.
19.3.2 Modifying External Application Connection Using WLST
Use the WLST command setExtAppConnection to edit existing external application
connection details. For command syntax and examples, see setExtAppConnection in
WebCenter WLST Command Reference.
19-8
Chapter 19
Deleting External Application Connections
Note:
To edit details relating to an additional login field, use setExtAppField. To edit
existing shared or public credentials, use setExtAppCredential.
To delete an additional login field, use removeExtAppField. To delete shared or
public credentials, use removeExtAppField.
For information on how to run WLST commands, see Running Oracle WebLogic
Scripting Tool (WLST) Commands.
For information about modifying external applications in WebCenter Portal, see Editing
External Application Connection Details in Using Portals in Oracle WebCenter Portal.
19.4 Deleting External Application Connections
Take care when deleting an external application connection as users in WebCenter
Portal will no longer have access to that external application, and any tools or services
dependent on the external application may not function correctly.
This section includes the following topics:
•
Deleting External Application Connections Using Fusion Middleware Control
•
Deleting External Application Connections Using WLST
19.4.1 Deleting External Application Connections Using Fusion
Middleware Control
To delete an external application connection:
1. Log in to Fusion Middleware Control and navigate to the home page for your
WebCenter Portal application:
2. From the WebCenter Portal menu, select Settings > Service Configuration.
3. From the list of services on the WebCenter Portal Service Configuration page,
select External Applications.
4. Select the name of the external application you want to remove, and click Delete.
19.4.2 Deleting External Application Connections Using WLST
Use the WLST command deleteConnection to remove an external application
connection. For command syntax and examples, see deleteConnection in WebCenter
WLST Command Reference.
Note:
To delete an additional login field, use removeExtAppField. To delete shared or
public credentials, use removeExtAppCredential.
19-9
Chapter 19
Managing External Applications at Runtime
For information on how to run WLST commands, see Running Oracle WebLogic
Scripting Tool (WLST) Commands.
19.5 Managing External Applications at Runtime
An external application is any application that implements its own authentication
process. Specifically, it is an application that does not take part in the WebCenter
Portal application's single sign-on process. If your WebCenter Portal application
interacts with an application that handles its own authentication, you can register an
external application to allow for credential provisioning.
By default, users with the Administrator role have the AppConnectionManager role; and
therefore, can configure and manage external applications through the WebCenter
Portal Administration Console at runtime. For more information about
AppConnectionManager role, see Default Application Roles.
This section includes the following topics:
•
Registering External Applications at Runtime
•
Editing and Deleting External Applications at Runtime
19.5.1 Registering External Applications at Runtime
To register an external application at runtime:
1.
On the Settings page (see Accessing the Settings Pages in WebCenter Portal
Administration), click Tools and Services.
You can also enter the following URL in your browser to navigate directly to the
Tools and Services pages:
http://host:port/webcenter/portal/admin/settings/tools
See Also:
WebCenter Portal Pretty URLs in Building Portals with Oracle WebCenter
Portal.
2.
Click External Applications.
3.
Click Register.
19-10
Chapter 19
Managing External Applications at Runtime
Figure 19-2 WebCenter Portal Administration Console - External
Applications
4.
Enter connection details for the external application.
If you need help with one or more fields, refer to:
•
Table 19-1
•
Table 19-2
•
Table 19-3
•
Table 19-4
•
Table 19-5
5.
Click Test to verify your connection details.
6.
Click OK to register the application.
19.5.2 Editing and Deleting External Applications at Runtime
To modify or delete external applications at runtime:
1.
On the Settings page (see Accessing the Settings Pages in WebCenter Portal
Administration), click Tools and Services.
You can also enter the following URL in your browser to navigate directly to the
Tools and Services pages:
http://host:port/webcenter/portal/admin/settings/tools
See Also:
WebCenter Portal Pretty URLs in Building Portals with Oracle WebCenter
Portal.
2.
Click External Applications.
3.
Select the external application to edit or delete, then click one of the following:
•
Click Edit to update connection details.
•
Click Deregister to remove the external application.
19-11
Chapter 19
Managing External Applications at Runtime
Take care when deleting an external application connection as users will no
longer have access to that application, and any services dependent on the
external application may not function correctly.
19-12
20
Managing REST Services
Use REST services to access many WebCenter Portal tools and services, such as
lists, people connections, and search.
Permissions:
To perform the tasks in this chapter, you must be granted the WebLogic
Server Admin role through the Oracle WebLogic Server Administration Console
and the Administrator role through WebCenter Portal Administration.
For more information about roles and permissions, see Understanding
Administrative Operations, Roles, and Tools.
Topics:
•
About REST Services
•
Performing Required Manual Configurations to Enable REST
•
Understanding Security Tokens
•
Changing the REST Root Name
•
Using Compression
•
Handling Authentication
20.1 About REST Services
REST (REpresentational State Transfer) is an architectural style for making distributed
resources available through a uniform interface that includes uniform resource
identifiers (URIs), well-defined operations, hypermedia links, and a constrained set of
media types. Typically, these operations include reading, writing, editing, and
removing. Media types include JSON and XML/ATOM.
REST APIs are commonly used in client-side scripted, Rich Internet Applications. For
example, a browser-based application written in JavaScript can use Ajax techniques
with REST APIs to send and receive application data from the server and update the
client view.
WebCenter Portal provides a REST interface to many of its tools and services, like
lists, people connections, and search. For a complete list of the services that support
REST and a more complete introduction to REST and Oracle WebCenter Portal REST
APIs, see Using the WebCenter Portal REST APIs in Developing for Oracle
WebCenter Portal.
20-1
Chapter 20
Performing Required Manual Configurations to Enable REST
20.2 Performing Required Manual Configurations to Enable
REST
Oracle WebCenter Portal REST APIs are not enabled by default. To enable the REST
APIs to work, you must perform the two separate server-side configurations: you must
configure an identity asserter and you must seed required entries in the credential
store to enable the REST security tokens to function properly. For more information on
security tokens, see Security Considerations for WebCenter Portal REST APIs in
Developing for Oracle WebCenter Portal.
Perform the following configuration tasks after Oracle WebCenter Portal is installed for
the first time or if you know the configuration tasks have not been previously
performed.
•
Configuring an Identity Asserter
•
Configuring the WebLogic Server Credential Store
20.2.1 Configuring an Identity Asserter
You must configure an identity asserter before using the REST APIs. For detailed
instructions, see Configuring the REST Service Identity Asserter.
20.2.2 Configuring the WebLogic Server Credential Store
After configuring an identity asserter, the next step is to configure the WLS credential
store. To configure the credential store, execute the following WLST commands while
the server is running. No restart is required.
createCred(map="o.webcenter.jf.csf.map", key="keygen.algorithm",
user="keygen.algorithm", password="AES")
createCred(map="o.webcenter.jf.csf.map", key="cipher.transformation",
user="cipher.transformation", password="AES/CBC/PKCS5Padding")
20.3 Understanding Security Tokens
A user-scoped security token is embedded in the href and template attributes of every
REST service URI. The token is both generated and validated by the server, and is
enabled by the keygen.algorithm and cipher.transformation configuration steps
described in Configuring the WebLogic Server Credential Store. The purpose of the
security token is to prevent Cross-Site Request Forgery (CSRF) attacks.
For example:
<link
template="opaque-template-uri/@me?startIndex={startIndex}
&itemsPerPage={itemsPerPage}&utoken=generated-token"
resourceType="urn:oracle:webcenter:messageBoard"
href="opaque-uri/@me?token=generated-token"
capabilities="urn:oracle:webcenter:read"/>
20-2
Chapter 20
Changing the REST Root Name
Note:
The security token is not used for authentication or identity propagation.
Security tokens are based on the authenticated user's name. They do not expire,
making it possible to both cache and bookmark the URIs.
Security tokens are also "salted," a cryptographic technique of adding extra characters
to a string before encrypting it. Because of salting, if a security token is compromised,
you will not have to change the user's user name across the entire system to address
the problem.
This technique prevents cases where a user name is compromised and you don't want
to have to change the user name system wide to fix the problem. If you need to
regenerate the salt, you can do so by simply deleting it with the following WLST
command:
deleteCred(map="o.webcenter.jf.csf.map", key="user.token.salt", user="
user.token.salt", password="AES")
For more information on security tokens, see Security Considerations for WebCenter
Portal REST APIs in Developing for Oracle WebCenter Portal.
20.4 Changing the REST Root Name
Although not required, in some cases you might want to change the root name for the
REST APIs. The recommended technique for changing the REST root name is to do
so by URL Rewriting. For more information, see URL Rewriting and Proxy Server
Capabilities in Administering Oracle HTTP Server. For example, after URL Rewriting,
the following REST API URLs point to the same server:
•
http://myhost:8888/rest/api/resourceIndex
•
http://myhost:8888/pathname/rest/api/resourceIndex
20.5 Using Compression
This section explains techniques for enabling compression on the XML or JSON
responses that are returned to the client by the Oracle WebCenter Portal REST APIs.
If you are running Apache, you can add the mod_deflate or mod_gzip server modules to
the server configuration. Refer to the Apache documentation for more information.
If you are using Oracle HTTP Server (OHS), Oracle recommends using Oracle Web
Cache for this purpose. For detailed information, see Oracle Fusion Middleware
Administrator's Guide for Oracle Web Cache.
If you are using Oracle HTTP Server (OHS) or running Apache, you can add the HTTP
request header Accept-Encoding: gzip, deflate to use the compression in Rest API
response.
If you are using OHS, you can also add the mod_deflate or mod_gzip server module to
enable compression. For detailed information on this technique, see Understanding
20-3
Chapter 20
Handling Authentication
Oracle HTTP Server Modules in Oracle Fusion Middleware Administrators Guide for
Oracle HTTP Server.
For more information on Oracle Web Cache, see Compression and Caching and
Compressing Content in Oracle Fusion Middleware Administrators Guide for Oracle
HTTP Server.
20.6 Handling Authentication
By default, REST services are configured to accept authentication from identity
assertion providers. If no identity assertion providers are configured, basic
authentication is used.
For information on configuring identity assertion providers, see Configuring the REST
Service Identity Asserter.
For more information, see Configuring Authentication Providers in Administering
Security for Oracle WebLogic Server.
20-4
Part IV
Monitoring
This part of Administering Oracle WebCenter Portal provides information about
monitoring Oracle WebCenter Portal using Oracle Enterprise Manager Fusion
Middleware Console.
•
Monitoring WebCenter Portal Performance
•
Managing WebCenter Portal Logs
•
Managing WebCenter Portal Audit Logs
21
Monitoring WebCenter Portal Performance
Monitor a range of performance metrics for WebCenter Portal through Fusion
Middleware Control, and troubleshoot issues by analyzing information that is recorded
in diagnostic log files.
Note:
Beginning with 12c (12.2.1.3.0), Oracle WebCenter Portal has deprecated
support for Jive features (announcements and discussions). If you are
upgrading from a prior release, these features remain available in your existing
installations that are being upgraded.
Permissions:
To perform the tasks in this chapter, you must be granted the WebLogic
Server Admin, Operator, or Monitor role through the Oracle WebLogic Server
Administration Console.
See also Understanding Administrative Operations, Roles, and Tools.
Topics:
•
Understanding Oracle WebCenter Portal Performance Metrics
•
Viewing Performance Metrics Using Fusion Middleware Control
•
Customizing Key Performance Metric Thresholds and Collection
•
Diagnosing and Resolving Performance Issues with Oracle WebCenter Portal
•
Tuning Oracle WebCenter Portal Performance
•
Monitoring Performance Using WebCenter Portal Performance Pack
•
Improving Data Caching Performance
21.1 Understanding Oracle WebCenter Portal Performance
Metrics
Through Fusion Middleware Control, administrators can monitor the performance and
availability of all the components, tools, and services that make up WebCenter Portal,
as well as the application as a whole. To access Oracle WebCenter Portal metrics
through Fusion Middleware Control, see Viewing Performance Metrics Using Fusion
Middleware Control.
21-1
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
To make best use of the information displayed it is important that you understand how
performance metrics are calculated and what they mean. All Oracle WebCenter
Portal's performance metrics are listed and described here for your reference. Some
applications (such as Oracle WebCenter Portal) might use the full range of social
networking, personal productivity, and collaboration metrics listed, while others may
only use one or more of these features.
This section includes the following topics:
•
Understanding Oracle WebCenter Portal Metric Collection
•
Understanding the Key Performance Metrics
•
Using Key Performance Metric Data to Analyze and Diagnose System Health
•
Understanding Some Common Performance Issues and Actions
•
Understanding Page Request Metrics
•
Understanding Portlet Producer Metrics
•
Understanding WebLogic Server Metrics
•
Understanding Security Metrics
•
Understanding Page Response and Load Metrics
•
Understanding Portal Metrics
•
Understanding Tool and Service Metrics
21.1.1 Understanding Oracle WebCenter Portal Metric Collection
Performance metrics are automatically enabled for Oracle WebCenter Portal and
display in Fusion Middleware Control. You do not need to set options or perform any
extra configuration to collect performance metrics for WebCenter Portal. If you
encounter a problem, such as, an application running slowly or hanging, you can find
out more about the problem by investigating performance metrics, in real-time, through
Fusion Middleware Control.
This section describes the different ways Oracle WebCenter Portal collects and
presents metric data:
•
Metric Collection: Since Startup
•
Metric Collection: Recent History
•
Metric Collection: Last 'N' Samples
21.1.1.1 Metric Collection: Since Startup
At any given time, real-time metrics are available for the duration for which the
WebLogic Server hosting WebCenter Portal is up and running. Real-time metrics that
are collected or aggregated since the startup of the container are displayed on Oracle
WebCenter Portal metric pages under the heading Since Startup. These metrics
provide data aggregated over the lifetime of the WebLogic Server. The aggregated
data enables you to understand overall system performance and compare the
performance of recent requests shown in Recent History.
For example, consider WebCenter Portal deployed on a managed server that was
started 4 hours ago. During that time, WebCenter Portal serviced 10,000 portlet
21-2
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
requests with a total response time of 500, 000 ms. For this scenario, Since Startup
metrics for portlets show:
•
Since Startup: Invocations (count) - 10000
•
Since Startup: Average Time (ms) - 50
Note:
Metric collection starts afresh after the container is restarted. Data collected
before the restart becomes unavailable.
21.1.1.2 Metric Collection: Recent History
In addition to Since Startup metrics, Oracle WebCenter Portal reports metrics for
requests serviced in the last 10 to 15 minutes as Recent History metrics. To do this,
Oracle WebCenter Portal takes regular snapshots of real time metrics at an internal
frequency. These metric snapshots are used to calculate the "delta" time spent
performing service requests in the last 10 to 15 minutes and this data displays as
Recent History metrics. Since Recent History metrics only aggregate data for the last
10-15 minutes, this information is useful if you want to investigate ongoing
performance/availability issues.
If you compare Recent Metrics to Since Startup metrics you can gauge how the
system characteristics have changed, compared to overall system availability/
performance.
For example, consider a system that has been up and running for 2 days. During that
time, Oracle WebCenter Portal recorded that the total time spent servicing 100, 000
portlet requests was 5 000 000 ms. The system starts to experience performance
issues, that is, in the last 10-15 minutes, 100 portlet requests took a total time of 3 000
000 ms. In this scenario, the average response time reported "Since Startup" is quite
low and would not indicate a performance issue (5 000 000ms/100 000 = 50ms).
However, the same Recent History metric is considerably higher (3000000ms/100 =
30 seconds) which immediately tells the administrator that performance degraded
recently. A quick comparison of "Recent History" with the corresponding "Since
Startup" metric can clearly show whether or not the recent metric data is normal and in
this case shows there is currently a problem with the system.
Recent History metrics can also help you prioritize which areas to investigate and
which areas you can ignore when performance issues arise. For example, if an
ongoing performance issue is reported and Recent History metrics for a particular
component shows a value of 0, it indicates that the component has not been used in
the last 10-15 minutes. Similarly, if the "Average Response Time" value is small and
the "Invocation" count is low, the component may not be contributing to the
performance problem. In such cases, administrators can investigate other areas.
Typically, Recent History shows data for the most recent 10-15 minutes. However,
there are situations when the data does not reflect the last 10-15 minutes:
•
If the WebLogic Server has just started up, and has been running for less than
10-15 minutes, then Recent History shows data for the duration for which the
server has been up and running.
21-3
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
•
If one or more tools or services are not accessed for an extended period of time,
then older metric snapshots slowly age out. In such cases, metric data is no longer
available for the last 10-15 minutes so Recent History metrics cannot calculate the
delta time spent in performing service requests that occurred in last 10-15
minutes. When this happens, the Recent History data can show the same values
as the Since Startup metrics. When the tool or service is used again, metric
snapshots for it resume. After enough recent data is available, the Recent History
metrics again start to display metrics for the last 10-15 minutes.
Most live environments are not idle for extended periods, so recent metric
collection is rarely suspended due to inactivity. However, if you have a test
environment that is used intermittently or not used for a while, you might notice
recent metric collection stop temporarily, as described here.
21.1.1.3 Metric Collection: Last 'N' Samples
Since Startup and Recent History metrics calculate performance over a specific
duration, and show aggregated metrics for that duration. In addition to these, Oracle
WebCenter Portal collects and reports per-request performance information for a
range of key WebCenter Portal metrics. Such metrics allow you to look at the success
and response time of each request individually, without considering previous requests.
Out-of-the-box, the last 100 samples are used to calculate key metric performance/
availability but you can increase or decrease the sample set to suit your installation.
For example, if 10 out of the last 100 page requests failed, page availability is
calculated as 90%. If you reduce the sample set to 50 and 10 pages fail, page
availability is reported to be 80%.
The examples show how the sample set size can effect the performance reports. The
value you select is up to you but if you increase the number of samples, consider the
additional memory requirements since the last 'N' metric samples are maintained in
memory. Oracle recommends a few hundred samples at most.
To change the number of samples used to report key performance metrics in your
installation, see Configuring the Number of Samples Used to Calculate Key
Performance Metrics.
To find out more about Oracle WebCenter Portal's key performance metrics and
thresholds, refer to Understanding the Key Performance Metrics.
21.1.2 Understanding the Key Performance Metrics
Diagnosing the availability and performance of WebCenter Portal typically requires
that you look at various important metrics across multiple components such as the
JVM, the WebLogic Server, as well as the application.
To help you quickly identity and diagnose issues that can impact WebCenter Portal
performance, Oracle WebCenter Portal collects the last 'N' samples for a range of "key
performance metrics" and exposes them in Fusion Middleware Control. To access key
performance metric information for your application, see Viewing Performance Metrics
Using Fusion Middleware Control.
Thresholds determine when a performance alert or warning is triggered. Allowing you
to set threshold values that represent suitable boundaries for your Oracle WebCenter
Portal system, ensures that you obtain relevant performance alerts in Enterprise
Manager Fusion Middleware Control. When key performance metrics are "out of
bounds" with respect to their configured thresholds they are easy to find in Fusion
21-4
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Middleware Control as they appear color-coded. For more information about
thresholds, see Customizing Key Performance Metric Thresholds and Collection.
You do not need to specifically set thresholds for metrics, such as "availabilty", that
report success or failure.
Oracle WebCenter Portal allows you to manage warning thresholds for the key
performance metrics described in Table 21-1:
Table 21-1
Key Performance Metric Collection
Component
Key Performance Metric
Metric Sampling
WebCenter Portal
Active Sessions
1 sample every X
minutes
WebCenter Portal - Pages
Page Response Time
Per Request
WebCenter Portal - Portlets
Portlet Response Time
Per Request
JVM
CPU Usage
1 sample every X
minutes
JVM
Heap Usage
1 sample every X
minutes
JVM
Garbage Collection Rate
1 sample every X
minutes
JVM
Average Garbage Collection
Time
1 sample every X
minutes
WebLogic Server
Active Execute Threads
1 sample every X
minutes
WebLogic Server
Execute Threads Idle Count
1 sample every X
minutes
WebLogic Server
Hogging Execute Threads
1 sample every X
minutes
WebLogic Server
Open JDBC Sessions
1 sample every X
minutes
Oracle WebCenter Portal captures end-user requests for pages and portlets, and a
metric sample is collected for each request. For example, if user A accesses page X,
both the availability of page X (success/fail metric) and the response time of the
request is captured by Oracle WebCenter Portal. Metric samples that take longer than
a configured metric alert threshold or fail, show "red" in Fusion Middleware Control to
immediately alert administrators when issues arise.
Other metrics, such as JVM and WebLogic Server metrics, are collected at a predefined frequency. Out-of-the-box, the sample frequency is 1 sample every 5 minutes
but you can customize this value if required. For details, see Configuring the
Frequency of WebLogic Server Health Checks.
The total number of samples that Oracle WebCenter Portal collects is configurable too,
as described in Configuring the Number of Samples Used to Calculate Key
Performance Metrics. The default sample set is 100 samples. Since there is a memory
21-5
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
cost to maintain metric samples, do not specify an excessive number of samples;
Oracle recommends a few hundred at most.
Oracle WebCenter Portal's key performance metrics are specifically selected to help
administrators quickly identity and diagnose common issues that can impact
WebCenter Portal performance. You can view all key performance metric data from
your application's home page in Fusion Middleware Control.
21.1.3 Using Key Performance Metric Data to Analyze and Diagnose
System Health
If you monitor WebCenter Portal regularly, you will learn to recognize trends as they
develop and prevent performance problems in the future. The best place to start is
your application's home page in Enterprise Manager Fusion Middleware Control. The
home page displays status, performance, availability, and other key metrics for the
various components, tools, and services that make up your application, as well as the
WebLogic Server on which the application is deployed.
If you are new to Oracle WebCenter Portal, use the information in this section to better
understand how to use the information displayed through Fusion Middleware Control
to identify and diagnose issues.
Figure 21-1 presents high-level steps for monitoring the out-of-the-box application
WebCenter Portal.
Figure 21-1
Analyzing System Health for WebCenter Portal - Main Steps
Note:
•
Steps 4 applies only if your application utilizes the portlets feature.
•
Bar charts appear grey if a feature is not used.
•
Line charts require at least 3 data points before they start to show data.
21-6
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Table 21-2
Analyzing System Health - Step by Step
Step
Description
Navigate to the
home page for
WebCenter
Portal
Use Enterprise Manager Fusion Middleware Control to monitor the
performance of your portal application. The best place to start is your
application's home page. See Navigating to the Home Page for WebCenter
Portal.
1 Check CPU
and heap
memory usage
Overall performance deteriorates when CPU or memory usage is too high
so its important that you always look at the CPU and memory metrics
before looking at any other Oracle WebCenter Portal-specific metric.
Check the Recent CPU and Memory Usage charts to see the current
usage trend:
•
•
High CPU usage? Occasional spikes in CPU usage is normal but if
CPU usage remains high (85-90%) over a long period of time, it
normally indicates there is an issue with CPU. To troubleshoot CPU
issues, see:
Understanding WebLogic Server Metrics
High memory usage? When the chart shows that memory is close to
the maximum heap size and the trend is not downwards, take some
memory dumps to further analyze the cause. To access maximum
heap size information:
1. Log in to WebLogic Server Administration Console.
2. Navigate to: Environment> Servers> <managed_server name>
3. Click Monitoring> Performance tab.
4. Look at "Heap Size Max".
See Troubleshooting Slow Requests Using JFR Recordings.
Next Step: If the charts indicate that CPU and memory usages are normal,
verify the health of the WebLogic Server.
21-7
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Table 21-2
(Cont.) Analyzing System Health - Step by Step
Step
Description
2 Verify the
health of
WebLogic
Server
Look in the WebLogic Server Metrics region:
•
Health - The bar chart summarizes recent WebLogic Server health, as
reported by the Oracle WebLogic Server self-health monitoring feature.
For example, if 10 out of the last 100 WebLogic Server health checks
fail (do not report OK), WebLogic Server health is shown as 90%. Click
the Health link to navigate to more detail on the Recent WebLogic
Server Metrics page.
•
Incidents - The number of times WebLogic Server metrics, such as
CPU usage, memory usage, thread count, number of JDBC
connections, session metrics, and so on, exceed threshold settings.
Click the Incidents link to diagnose incidents further.
The actions you take next depend on the metric data. For example, if there
are hogging threads, you can take thread dumps. If JDBC connections are
exceeding limits, you can analyze further for connection leaks. If the
garbage collection rate is exceeding limits, you can take heap dumps, an
so on.
For details, see Understanding WebLogic Server Metrics and
Troubleshooting Oracle WebCenter Portal Performance Issues.
Out-of-bound metrics show "red" in charts and "orange" in the Health
Metrics table. Examine all occurrences of such situations by scanning the
diagnostic logs. In-memory information is limited to "N" metric samples, but
the logs store much more historical information about how often a problem
is happening, as well as additional contextual information, such as which
user.
Here is sample message:
[WC_Portal] [WARNING] [WCS-69252]
[oracle.webcenter.system-management] [tid:
oracle.webcenter.DefaultTimer] [ecid:
0000JhEX92mEgKG_Ix8Dyf1Ghz32000002,0] [APP:
webcenter#11.1.1.4.0] wlsCpuUsage: 21.92100394175851 % of
WebLogicServer is out-of-bounds
Tip: You can use Fusion Middleware Control to locate all messages of this
type by searching the message type, message code, and other string
pattern details. See Viewing and Configuring Log Information.
By default, a warning thresholds is only set for CPU Usage but you can
configure thresholds for other key WebLogic Server metrics, such as Heap
Memory Usage. See Configuring Thresholds for Key Metrics.
Look at diagnostics logs for errors, failures, and any configuration or
network issues.
If an issue relates to another backend server, such as, WebCenter Content
and SOA, verify the JVM/WebLogic Server health (CPU, heap, threads,
and so on) for those managed servers too.
Similarly, investigate WebLogic Server health for other managed servers in
your WebCenter Portal installation such as WC_Portlet
Next Step: If the charts indicate that WebLogic Server is performing within
thresholds, verify the health of your WebCenter Portal application.
21-8
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Table 21-2
(Cont.) Analyzing System Health - Step by Step
Step
Description
3 Monitor page
performance
Look at the WebCenter Portal Metrics section at the top of the home
page.
Review the page availability/performance charts to see whether page
requests are currently responding as expected. Drill down to more detail to
investigate issues relating to recent page requests.
Use the Sort Ascending/Descending arrows for the Time and Page Name
columns to see whether a pattern is emerging for a specific page or set of
pages, or whether performance spikes appear to be more random.
Out-of-bound metrics show "red" in charts and "orange" in the Page Metrics
table. For details, see Understanding Page Request Metrics. Examine all
occurrences of such situations by scanning the diagnostic logs. In-memory
information is limited to "N" metric samples, but the logs store much more
historical information about how often a problem is happening, as well as
additional contextual information, such as which user.
Here is sample message:
[WC_Portal] [WARNING] [WCS-69251]
[oracle.webcenter.system-management] [tid:
[ACTIVE].ExecuteThread: '4' for queue:
'weblogic.kernel.Default (self-tuning)'] [userId: weblogic]
[ecid:
6356ef0164cbad47:3fe105c5:13b4e847973:-8000-0000000000000031,0
] [APP: webcenter#11.1.1.4.0] [DSID:
0000JhEYRT^EgKG_Ix8Dyf1Ghz32000005] pageResponseTime: 22223
ms of PersonalSpace/Activities is out-of-bounds
Tip: You can use Fusion Middleware Control to locate all messages of this
type by searching the message type, message code, and other string
pattern details. See Viewing and Configuring Log Information.
Identify individual pages that are not performing. For details, see How to
Identify Slow Pages.
Navigate to the "Overall Page Metrics" page to see how this page has
performed historically (since startup, and last 10-15 minutes). Has it always
been slow?
For pages that are failing, see How to Troubleshoot Slow Page Requests.
21-9
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Table 21-2
(Cont.) Analyzing System Health - Step by Step
Step
Description
4. Monitor
portlet
performance
Look at the WebCenter Portal Metrics section at the top of the home
page.
Review the portlet availability/performance charts to see whether portlets
are currently performing as expected. Drill down to more detail to
investigate issues relating to recent portlet requests. Out-of-bound metrics
show "red" in charts and "orange" in the Portlet Metrics table. For details,
see Understanding Portlet Producer Metrics.
Out-of-bound conditions are also logged in managed server diagnostic logs
so you can examine all historical events, that is, more that the most recent
sample set that is held in memory. For example:
[WC_Portal] [WARNING] [WCS-69253]
[oracle.webcenter.system-management] [tid:
pool-3-daemon-thread-1] [userId: weblogic] [ecid:
6356ef0164cbad47:3fe105c5:13b4e847973:-8000-0000000000000088,0
:16] [APP: webcenter#11.1.1.4.0] portletResponseTime: 20523 ms
of Portlet: slowRenderingPortlet from Web Producer MyPortlets is
out-of-bounds.
Identify individual portlets or portlet producers that are not performing as
expected.
Navigate to the "Overall Service Metrics" page, and then select Portlet
Producers or Portlets to see how these portlets/portlet producers have
performed historically (since startup, and last 10-15 minutes). Has
performance deteriorated recently or always been slow?
If portlet performance is normally within thresholds:
1.
Verify JVM/WebLogic Server health for the managed server that is
hosting the portlets (for example, WC_Portlet), that is, investigate
CPU, heap, threads, and so on.
2.
Enter the portlet producer's URL in your browser to determine whether
the producer is available.
3.
Review the portlet producer's connection configuration.
4.
Check for network connectivity issues between the WebCenter Portal
application and the portlet producer.
5.
Simulate portlet operations in WebCenter Portal, that is, view,
personalize, or interact with the portlet to verify whether the problem is
pervasive or intermittent.
Next Step: If the charts indicate that portlet requests are performing within
thresholds, verify the performance of your LDAP server.
21-10
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Table 21-2
(Cont.) Analyzing System Health - Step by Step
Step
Description
5. Monitor
LDAP server
performance
Look at the LDAP metrics in the Security section on the home page.
When the server first starts up the cache hit ratio is zero and typically
increases above 90% as the system warms up. For more information, see
Understanding Security Metrics.
Typically, the average LDAP lookup time is only a few milliseconds. If
lookups are taking a long time there maybe a problem with the LDAP
server or network relate issue.
•
If you want to measure the response time from the LDAP server for a
simple bind operation, run the command: ldapbind -D "UserDN" -h
ldaphost.example.com -p <port> -w <password>
If you are using Oracle Internet Directory, see Oracle Internet Directory
Performance Tuning in Tuning Performance for advice on how to improve
performance and avoid bottlenecks. For other LDAP servers, refer to the
appropriate product documentation.
Next Step: If your LDAP server is performing within thresholds, investigate
other areas.
6. Monitor
individual
tools and
services
Look at the WebCenter Portal Services section at the bottom of the home
page. For details, see Understanding Tool and Service Metrics.
Quickly see if a particular tool or service is "Down" or "Unknown". Refer to
Troubleshooting Common Issues with Tools and Services for guidance on
possible causes and actions.
Sort the table by Average Time or Invocations to prioritize which tool or
service to focus on.
Click a name to navigate to the "Overall Service Metrics" page. Compare
Since Startup and Recent History metrics to see if performance
deteriorated recently or always been slow.
21.1.4 Understanding Some Common Performance Issues and
Actions
If an Oracle WebCenter Portal metric is out-of-bounds, do the following:
•
Check system resources, such as memory, CPU, network, external processes, or
other factors. See Troubleshooting WebCenter Portal.
•
Check other metrics to see if the problem is system-wide or only in a particular tool
or service.
•
If the issue is related to a particular tool or component, then check if the back-end
server is down or overloaded.
•
If the WebLogic Server has been running for a long time, compare the Since
Startup metrics with the Recent History metrics to determine if performance has
recently deteriorated, and if so, by how much.
•
When the status of a tool or service is Down or some operations do not work, then
validate, test, and ping the back-end server through direct URLs. For details, refer
21-11
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
to the "Testing Connection" section in the relevant chapter. For a list of chapters,
see Administering Tools and Services .
When you reconfigure connections to tools and services you must always restart
the managed server on which the WebCenter Portal application is deployed to pick
up the changes. If key connection attributes change, such as a server's host/port
details, connectivity to the server may be lost and the service may become
unavailable until you reconfigure the connection and restart the managed server.
Note:
You can customize the threshold at which some key performance metrics
trigger out-of-bound conditions. See Customizing Key Performance Metric
Thresholds and Collection.
21.1.5 Understanding Page Request Metrics
You can monitor the availability and performance of page requests for WebCenter
Portal through Fusion Middleware Control. You can monitor recent page data and
historical (overall) page data.
This section includes the following information:
•
Understanding Full Page and Partial Page Metrics
•
Recent Page Metrics
•
Overall Page Metrics
Note:
The page request metrics discussed in this section are different from the page
operation metrics discussed in Page Operation Metrics. Page operation
metrics monitor page related operations such as creating pages. Whereas the
page request metrics described here monitor individual page view/display
requests (do not include page edit operations).
21.1.5.1 Understanding Full Page and Partial Page Metrics
Performance data is collected for full page and partial page requests. Full page
metrics do not include partial page metrics.
Partial page requests display only portions of the page. Therefore, you can monitor the
performance of pages within a page. Partial page refresh behavior is called partial
page rendering (PPR). PPR allows only certain components on a page to be
rerendered without the need to refresh the entire page. A common scenario is when
an output component displays what a user has chosen or entered in an input
component. Similarly, a command link or button can cause another component on the
page to be rerendered without refreshing the entire page.
Partial page rendering of individual components on a page only increases partial page
metrics and does not cause any change in full page metrics. For example, a calendar
21-12
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
refresh on a page increases partial page invocations by 1, but full page invocations
remain unchanged.
For more information about PPR, see Rerendering Partial Page Content in Developing
Web User Interfaces with Oracle ADF Faces.
21.1.5.2 Recent Page Metrics
Recent page availability and performance metrics are summarized on the home page
for WebCenter Portal (Figure 21-2 and Table 21-3). The page availability/performance
charts show at a glance if page requests are slower than expected or failing.
Note:
To access the home page, see Navigating to the Home Page for WebCenter
Portal.
The Page Availability and Page Performance charts report availability and
performance over the last 'N' page requests (by default, 'N' is 100). The time range
starts with the earliest page/portlet request time and ends with the current time. See
Configuring the Number of Samples Used to Calculate Key Performance Metrics.
The % value on the right shows the percentage of page requests that responded
within a specific time limit. The percentage is calculated using information from the last
'N' page requests. For example, if 'N' is 100, and if 3 of the last 100 page requests
exceeded the page response threshold, page performance is shown as 97%.
The bar chart status (green/red) does not change over time until the status changes,
so the % performance value and the visual green/red ratio do not always match up.
For example, consider a scenario where the first 5 page requests are "out of bounds",
the system is idle (no page requests) for 9 hours, and then there are 95 "good" page
requests within an hour. In this instance the chart displays 90% red (9 hours) and 10%
green (1 hour) but the % performance value shows 95% ('N' is 100 and 95 samples
out of 100 are "good"). The mismatch occurs because the bar charts plot uniformly
over time, whereas page requests are not usually uniformly distributed over time.
Figure 21-2
Recent Page Summary on the WebCenter Portal Home Page
If the chart indicates issues or incidents, click the Page Availability or Page
Performance link to navigate to more detailed information to diagnose the issue
further (see Figure 21-3 and Table 21-3).
21-13
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Use the information on the Recent Page Metrics page (Figure 21-3) to troubleshoot
recent page performance issues. The page availability/performance charts at the top
of the page show "red" if page requests are slower than expected or failing.
Note:
Out-of-the-box, the page response threshold is 10, 000ms so pages taking
longer than 10, 000ms to respond show "red" in the chart. If this threshold is
not suitable for your installation you can change the threshold value. See
Customizing Key Performance Metric Thresholds and Collection.
Figure 21-3
Recent Page Metrics
The charts report availability/performance over the last 'N' page requests. The time
range starts with the earliest page request time and ends with the time of the last page
request.
Use the information in the table to identify slow pages, that is, the name of the page
and the portal to which the page belongs.
To diagnose page response issues, refer to the advice in "Step 3. Monitor page
performance" in Table 21-2.
21-14
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Table 21-3
Recent Page Request Metrics
Metric
Description
Availability
Indicates page availability over the last 'N' page requests:
•
•
•
Performance
Green - Indicates successful page requests.
Red - Indicates that a failure occurred during a page
request.
Look at the Status column in the table below to identify any
page requests that fail.
% - Percentage of page requests that succeeded. The
percentage is calculated using status information from the
last 'N' page requests. For example, if 'N' is 100 and 5 of
the last 100 page requests failed, page availability is shown
as 95%.
Indicates page performance over the last 'N' page requests:
•
•
Green - Indicates acceptable page response times, that is,
the time taken to respond is less than a predefined
threshold.
Red - Indicates page responses exceeding the limit set.
For example, if your installation specifies the page
response threshold to be 3, 000 ms, responses longer then
3, 000 ms trigger a warning message and an "out-ofbounds" condition is logged.
Out-of-the-box, the page response threshold is 10, 000ms.
•
Look at the Time column in the table below. Responses
that exceed the threshold appear in orange. Click the Sort
Descending arrow to identify the slowest pages. Open and
examine slow pages to assess whether there is scope to
improve page performance either by redesigning the page
or modifying/removing page content.
% - Percentage of page requests that responded within the
time limit specified. The percentage is calculated using
information from the last 'N' page requests. For example, if
'N' is 100, and 10 of the last 100 page requests exceeded
the page response threshold, page performance is shown
as 90%.
Date Time
Date and time page requested.
Page Name
Name of the page requested.
Portal Name
Name of the portal in which the page is stored.
Partial Page Refresh
Indicates whether the page request refreshed the whole page
(false) or a part of the page (true).
Status
Indicates whether the page request was successful (Success)
or failed (Failure). Failure displays in orange text.
Time (ms)
Time taken to refresh the page (full or partial), in milliseconds. If
the time exceeds the predefined page response threshold, the
value displays in "orange".
21-15
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
21.1.5.3 Overall Page Metrics
Historical performance metrics associated with page activity are also available as
shown in Figure 21-4 and described in Table 21-4. This page displays metrics for both
full and partial page requests and you can filter the data displayed to suit your
requirements.
Note:
To access these metrics through Fusion Middleware Control, see Viewing
Performance Metrics Using Fusion Middleware Control.
Figure 21-4
Overall Page Request Metrics
The table at the top of this page summarizes the status and performance of individual
pages. Use the table to quickly see which pages are available, and to review their
individual and relative performances.
Statistics become available when a page is created and are updated every time
someone accesses and uses the page.
21-16
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Note:
Metrics for pages in the Home portal are not included.
Table 21-4
Page Request Metrics - Full Page and Partial Page
Field
Description
Display Options
Filter the data displayed in the table:
•
•
•
•
Page Name Filter - Enter a full or partial search term, then
click the Refresh icon to refresh the list with all pages for
which a match is found in the page name. To display all
pages, clear the search term and click Refresh again.
Portal Name Filter - Enter a full or partial search term,
then click the Refresh icon to refresh the list with all pages
for which a match is found in the portal's display name. To
display page metrics from all portals (previously referred to
as spaces), clear the search term and click Refresh again.
Maximum Rows - Restrict the total number of pages
displayed in the table.
Display - Display metrics for the most accessed pages,
the slowest pages, or the pages experiencing the most
errors. Depending on you selection, the table orders pages
by:
- Number of Invocations (Most Accessed Pages)
- Average Page Processing Time (Slowest Pages)
- Number of Errors (Pages with Most Errors)
Duration - Display metric information collected since
startup or in the last 15 minutes (Recent History).
The top five pages display in the chart.
•
Page Name
Names of pages that match your filter criteria (if any).
If you do not specify filter criteria, all the pages are listed.
Portal Name
Names of portals that match your filter criteria (if any).
If you do not specify filter criteria, pages from all portals are
listed.
Invocations
Total number of page invocations per minute (full or partial):
- Since Startup
- Last 15 Minutes
Average Time (ms)
Average time (in ms) to display the page (full or partial):
- Since Startup
- Last 15 Minutes
Maximum Time (ms)
Maximum time taken to display a page (full or partial):
Errors (Only for full page)
Number of errors that occurred for a page per minute.
21-17
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Table 21-4
(Cont.) Page Request Metrics - Full Page and Partial Page
Field
Description
Successful Invocations
(Only for full page)
Percentage of page invocations that succeeded:
- Since Startup
- Last 15 Minutes
If Successful Invocations (%) is below 100%, check the
diagnostic logs to establish why page requests are failing. See
Viewing and Configuring Log Information.
Pages per Minute
Number of times the page is accessed per minute, also referred
to as page throughput:
- Since Startup
- Last 15 Minutes
Overall Page Request Metrics - Graphs
Use the graphs below the table to see, at a glance:
•
Invocations - Graph showing the most popular or least used pages, that is, pages
recording the most or least invocations.
•
Page Throughput - Graph showing the average number of pages accessed per
minute. Use this graph to identify pages with high (or low) hit rates.
•
Errors - Graph showing the number of errors. Use this graph to compare error
rates.
•
Average Processing Time - Graph showing the average page response time (in
milliseconds). Use this graph to identify pages with the best (or worst)
performance.
To compare a different set of pages:
•
Specify the appropriate filtering criteria in the Page Name Filter.
•
Select one or more pages in the table, and then click Display in Chart.
21.1.6 Understanding Portlet Producer Metrics
You can monitor the availability and performance of all the portlets and portlet
producers used by WebCenter Portal through Fusion Middleware Control. You can
monitor recent and historical (overall) portlet data. The following topics describe the
metrics that are available:
•
Recent Portlet Metrics
•
Overall Portlet Producer Metrics
•
Overall Portlet Metrics
21.1.6.1 Recent Portlet Metrics
Recent portlet availability and performance metrics are summarized on the home page
for WebCenter Portal (Figure 21-5 and Table 21-5). The portlet availability/
21-18
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
performance charts show at a glance if portlet requests are slower than expected or
failing.
Note:
To access the home page, see Navigating to the Home Page for WebCenter
Portal.
The Portlet Availability and Portlet Performance charts report availability and
performance over the last 'N' portlet requests (by default, 'N' is 100). The time range
starts with the earliest page/portlet request time and ends with the current time. See
Configuring the Number of Samples Used to Calculate Key Performance Metrics.
The % value on the right shows the percentage of portlet requests that responded
within a specific time limit. The percentage is calculated using information from the last
'N' portlet requests. For example, if 'N' is 100, and if 25 of the last 100 portlet requests
exceeded the portlet response threshold, portlet performance is shown as 75%. For
more information, see Table 21-5.
The bar chart status (green/red) does not change over time until the status changes,
so the % performance value and the visual green/red ratio do not always match up. An
explanation for this is provided in Recent Page Metrics and the same applies to the
portlet charts.
Figure 21-5
Page
Recent Portlet Metric Summary on the WebCenter Portal Home
If the chart indicates issues or incidents, click the Portlet Availability or Portlet
Performance link navigate to more detailed information to diagnose the issue further
(Figure 21-6 and Table 21-5).
21-19
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Figure 21-6
Recent Portlet Metrics
Use the information on this page to troubleshoot recent portlet performance issues.
The portlet availability/performance charts at the top of the page show "red" if portlet
requests are slower than expected or failing.
Note:
Out-of-the-box, the portlet response threshold is 10, 000ms so portlets taking
longer than 10, 000ms to respond show "red" in the chart. If this threshold is
not suitable for your installation you can change the threshold value. For more
information, see Customizing Key Performance Metric Thresholds and
Collection.
The charts report availability/performance over the last 'N' portlet requests. The time
range starts with the earliest portlet request time and ends with the time of the last
portlet request.
Use the information in the table to identify slow portlets. You can determine the name
of the portlet and the producer to which the portlets belongs.
To diagnose portlet issues, refer to the advice in Step 5. Monitor portlet performance in
Table 21-2.
21-20
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Table 21-5
Recent Portlet Metrics
Metric
Portlet Availability
Description
Indicates portlet availability over the last 'N' portlet requests:
•
•
•
Portlet Performance
Green - Indicates successful portlet requests.
Red - Indicates that a failure occurred during a portlet
request.
Look at the Status column in the table below to identify any
portlet requests that fail.
% - Percentage of portlet requests that succeeded. The
percentage is calculated using status information from the
last 'N' portlet requests. For example, if 'N' is 100 and 5 of
the last 100 portlet requests failed, portlet availability is
shown as 95%.
Indicates portlet performance over the last 'N' portlet requests:
•
•
Green - Indicates acceptable portlet response times, that
is, the time taken to respond is less than a predefined
threshold.
Red - Indicates portlet responses exceeding the limit set.
For example, if your installation specifies the portlet
response threshold to be 60 ms, responses longer then 60
ms trigger a warning message and an "out-of-bounds"
condition is logged.
Out-of-the-box, the portlet response threshold is 10,000ms.
•
Look at the Time column in the table below. Responses
that exceed the threshold appear in orange. Click the Sort
Descending arrow to identify the slowest portlets. Once
you have the portlet's name, you can examine the portlet to
assess how they might be modified to improve efficiency.
% - Percentage of portlet requests that responded within
the time limit specified. The percentage is calculated using
information from the last 'N' portlet requests. For example,
'N' is 100, and 10 of the last 100 portlet requests exceeded
the portlet response threshold, portlet performance is
shown as 90%.
Date Time
Date and time of the portlet request.
Portlet Name
Name of the portlet requested.
21.1.6.2 Overall Portlet Producer Metrics
Historical performance metrics are also available for portlet producers used by
WebCenter Portal, as shown in Figure 21-7. The information displayed on this page is
described in the following tables:
•
Table 21-6
•
Table 21-7
21-21
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Note:
To access these metrics through Fusion Middleware Control, see Viewing
Performance Metrics Using Fusion Middleware Control.
Figure 21-7
Portlet Producer Metrics
Table 21-6
Portlet Producers - Summary
Metric
Description
Status
The current status of portlet producers used in the application:
•
•
•
Up (Green Up Arrow) - Indicates that all portlet producers
are up and running.
Down (Red Down Arrow) - Indicates that the one or more
portlet producers are currently unavailable. A producer
instance might be down, or there could be some network
connectivity issues.
Unknown (Clock) - Unable to query the status of the
portlet producers for some reason. Maybe the managed
server is down or the node cannot be reached due to a
network issue. To diagnose further, review the Admin
Server log, and the managed server logs.
21-22
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Table 21-6
(Cont.) Portlet Producers - Summary
Metric
Description
Successful Invocations (%)
The percentage of portlet producer invocations that succeeded:
- Since Startup
- Last 15 Minutes
Any request that fails will impact availability. This includes
application-related failures such as timeouts and internal errors,
and also client/server failures such as requests returned with
response codes HTTP4xx or HTTP5xx, responses with a bad
content type, and SOAP faults, where applicable.
If Successful Invocations (%) is below 100%, check the
diagnostic logs to establish why service requests are failing.
See Viewing and Configuring Log Information.
Invocations
The number of portlet producer invocations per minute:
- Since Startup
- Last 15 Minutes
This metric measures each application-related portlet request
and therefore, due to cache hits, errors, or timeouts on the
application, this total may be higher than the number of actual
HTTP requests made to the producer server.
Average Time (ms)
The average time taken to make a portlet request, regardless of
the result:
- Since Startup
- Last 15 Minutes
Table 21-7
Portlet Producer - Detail
Metric
Description
Most Popular Producers
The number of invocations per producer (displayed on a chart).
The highest value on the chart indicates which portlet producer
is used the most.
The lowest value indicates which portlet producer is used the
least.
Response Time
The average time each portlet producer takes to process
producer requests since WebCenter Portal started up
(displayed on a chart).
The highest value on the chart indicates the worst performing
portlet producer.
The lowest value indicates which portlet producer is performing
the best.
Producer Name
The name of the portlet producer being monitored.
Click the name of a portlet producer to pop up more detailed
information about each portlet that the application uses. See
Table 21-9.
21-23
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Table 21-7
(Cont.) Portlet Producer - Detail
Metric
Description
Status
The current status of each portlet producer:
•
•
•
Producer Type
The portlet producer type: Web or WSRP
•
•
Successful Invocations (%)
Up (Green Up Arrow) - Indicates that the portlet producer is
up and running.
Down (Red Down Arrow) - Indicates that the portlet
producer is currently unavailable. The producer instance
might be down, or there could be some network
connectivity issues.
Unknown (Clock) - Unable to query the status of portlet
producer for some reason.
Web portlet producer - Oracle PDK Java producer
deployed to a J2EE application server, which is often
remote and communicates through Simple Object Access
Protocol (SOAP) over HTTP.
WSRP portlet producer - Web Services for Remote Portlets
(WSRP) is a Web services standard that allows
interoperability between a standards enabled container and
any WSRP application.
The percentage of producer invocations that succeeded:
- Since Startup
- Last 15 Minutes
Invocations
The number of invocations, per producer:
- Since Startup
- Last 15 Minutes
By sorting the table on this column, you can find the most
frequently accessed portlet producer in WebCenter Portal.
Average Time (ms)
The average time taken to make a portlet request, regardless of
the result:
- Since Startup
- Last 15 Minutes
Use this metric to detect non-functional portlet producers. If you
use this metric with the Invocations metric, then you can
prioritize which producer to focus on.
Maximum Time (ms)
The maximum time taken to process producer requests:
- Successes - HTTP200xx response code
- Re-directs - HTTP300xx response code
- Client Errors - HTTP400xx response code
- Server Errors - HTTP500xx response code
21.1.6.3 Overall Portlet Metrics
Historical performance metrics are available for individual portlets used by WebCenter
Portal, as shown in Figure 21-8. The information displayed on this page is described in
the following tables:
21-24
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
•
Table 21-8
•
Table 21-9
•
Table 21-10
•
Table 21-11
Note:
To access these metrics through Fusion Middleware Control, see Viewing
Performance Metrics Using Fusion Middleware Control.
Figure 21-8
Portlet Metrics
21-25
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Table 21-8
Portlets - Summary
Metric
Description
Status
The current status of portlets used in WebCenter Portal:
•
•
•
Successful Invocations (%)
Up (Green Up Arrow) - Indicates that all portlets are up and
running.
Down (Red Down Arrow) - Indicates that the one or more
portlets are currently unavailable. A producer instance
might be down, or there could be some network
connectivity issues. For other causes, see Portlets and
Producers - Issues and Actions.
Unknown (Clock) - Unable to query the status of portlets
for some reason. Maybe the managed server is down or
the node cannot be reached due to a network issue. To
diagnose further, review the Admin Server log, and the
managed server logs.
The percentage of portlet invocations that succeeded:
- Since Startup
- Last 15 Minutes
Any request that fails will impact availability. This includes
application-related failures such as timeouts and internal errors,
and also client/server errors.
If Successful Invocations (%) is below 100%, check the
diagnostic logs to establish why service requests are failing.
See Viewing and Configuring Log Information.
Invocations
The number of portlet invocations per minute:
- Since Startup
- Last 15 Minutes
This metric measures each application-related portlet request
and therefore, due to cache hits, errors, or timeouts on the
application, this total may be higher than the number of actual
HTTP requests made to the portlet producer.
Average Time (ms)
The average time taken to process operations associated with
portlets, regardless of the result:
- Since Startup
- Last 15 Minutes
Table 21-9
Portlet - Detail
Metric
Description
Most Popular Portlets
The number of invocations per portlet (displayed on a chart).
The highest value on the chart indicates which portlet is used
the most.
The lowest value indicates which portlet is used the least.
21-26
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Table 21-9
(Cont.) Portlet - Detail
Metric
Description
Response Time
The average time each portlet takes to process requests since
WebCenter Portal started up (displayed on a chart).
The highest value on the chart indicates the worst performing
portlet.
The lowest value indicates which portlet is performing the best.
Portlet Name
The name of the portlet being monitored.
Status
The current status of each portlet:
•
•
Producer Name
Producer Type
The name of the portlet producer through which the portlet is
accessed.
The portlet producer type: Web or WSRP
•
•
Successful Invocations (%)
Up (Green Up Arrow) - Indicates that the portlet is up and
running.
Down (Red Down Arrow) - Indicates that the portlet is
currently unavailable. The producer instance might be
down, or there could be some network connectivity issues.
Web portlet producer - Oracle PDK Java producer
deployed to a J2EE application server, which is often
remote and communicates through Simple Object Access
Protocol (SOAP) over HTTP.
WSRP portlet producer - Web Services for Remote Portlets
(WSRP) is a Web services standard that allows
interoperability between a standards enabled container and
any WSRP application.
The percentage of portlet invocations that succeeded:
- Since Startup
- Last 15 Minutes
If Successful Invocations (%) is below 100%, check the
diagnostic logs to establish why service requests are failing.
See Viewing and Configuring Log Information.
Invocations
The number of invocations, per portlet:
- Since Startup
- Last 15 Minutes
By sorting the table on this column, you can find the most
frequently accessed portlet in WebCenter Portal.
Average Time (ms)
The average time each portlet takes to process requests,
regardless of the result:
- Since Startup
- Last 15 Minutes
Use this metric to detect non-performant portlets. If you use this
metric with the Invocations metric, then you can prioritize which
portlet to focus on.
21-27
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Table 21-9
(Cont.) Portlet - Detail
Metric
Description
Maximum Time (ms)
The maximum time taken to process portlet requests:
- Successes - HTTP200xx
- Redirects - HTTP300xx
- Client Errors - HTTP400xx
- Server Errors - HTTP500xx
The breakdown of performance statistics by HTTP response
code can help you identify which factors are driving up the total
average response time. For example, failures due to portlet
producer timeouts would adversely affect the total average
response time.
Table 21-10
Portlet - HTTP Response Code Statistics
Metric
Description
Portlet Name
The name of the portlet being monitored.
Invocations Count
The number of invocations, by type (HTTP response code):
- Successes
- Since Startup
- Redirects
- Last 15 Minutes
- Client Errors
See Table 21-11.
- Server Errors
Average Time (ms)
The average time each portlet takes to process requests:
- Successes
- Since Startup
- Redirects
- Last 15 Minutes
- Client Errors
Use this metric to detect non-functional portlets. If you use this
metric with the Invocations metric, then you can prioritize which
portlet to focus on.
- Server Errors
Table 21-11
HTTP Response Codes
HTTP Response and Error Description
Code
200 -Successful Requests
Portlet requests that return any HTTP2xx response code, or
which were successful without requiring an HTTP request to the
remote producer, for example, a cache hit.
300 -Unresolved
Redirections
Portlet requests that return any HTTP3xx response code.
400 -Unsuccessful Request
Incomplete
Portlet requests that return any HTTP4xx response code.
500 -Unsuccessful Server
Errors
Portlet requests that failed for any reason, including requests
that return HTTP5xx response codes, or which failed due to a
application-related error, timeout, bad content type response, or
SOAP fault.
21-28
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
21.1.7 Understanding WebLogic Server Metrics
Recent WebLogic Server performance is summarized on the home page for
WebCenter Portal (Figure 21-9 and Table 21-12). If the chart indicates issues or
incidents, you can navigate to more detailed information to diagnose the issue further.
Note:
To access the home page, see Navigating to the Home Page for WebCenter
Portal.
Figure 21-9
Recent WebLogic Server Metric Summary on the Home Page
The charts report results from the last WebLogic Server 100 health checks. By default,
metrics are recorded every five minutes so data collected over the last 8 hours can
display here. If the server started up recently, the chart displays data from the time the
server started to the current time.
Note:
If required, you can customize the metric collection frequency to better suit
your installation. For details, see Customizing Key Performance Metric
Thresholds and Collection.
Table 21-12
Recent WebLogic Server Metrics on the Home Page
Metric
Description
Health
Summarizes recent WebLogic Server health as reported by the
Oracle WebLogic Server self-health monitoring feature. This
metric considers recent server health, thread health, and JDBC
health:
•
•
•
Green - Indicates successful WebLogic Server health
checks.
Red - Indicates that an incident occurred during a
WebLogic Server health check.
Click Health to identify health checks that fail (do not report
OK). See Figure 21-10.
% - Percentage of WebLogic Server health checks that
succeeded. By default, the percentage is calculated using
status information from the last 100 health checks. For
example, if 5 of the last 100 health checks fail (do not
report OK), Health is shown as 95%.
21-29
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Table 21-12
(Cont.) Recent WebLogic Server Metrics on the Home Page
Metric
Description
Incidents
Number of times WebLogic Server metrics exceed threshold
settings (that is, metrics such as CPU usage, memory usage,
thread count, number of JDBC connections, session metrics,
and so on).
For example, if the metric data set contains 2 incidents where
thread count exceeded the predefined threshold and the
number of JDBC connections exceeded the threshold limit 3
times, then the number of incidents displayed is 5.
When the number of incidents is greater than 0, an icon with a
red cross displays. Click the Incidents link to drill down to the
Recent WebLogic Server Metrics Page (Figure 21-9) and
examine the Health Metrics table to diagnose the incidents
further.
You can click Health or Incidents to drill down to the Recent WebLogic Server Metrics
Page (Figure 21-9). The metrics displayed on this page are described in the following
topics:
•
WebLogic Server Metrics Section
•
Recent CPU and Memory Usage Section
•
Recent Session and Thread Usage Section
•
Recent JDBC Usage Section
•
Health Metrics Section
21-30
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Figure 21-10
Recent WebLogic Server Metrics Page
21.1.7.1 WebLogic Server Metrics Section
Metric
Description
General
Up Since
Date and time the server last started up.
21-31
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Metric
Description
State
Current lifecycle state of this server.For example, a server can be in
a RUNNING state in which it can receive and process requests or in
an ADMIN state in which it can receive only administrative requests.
For more information, see Understanding Server Life Cycle in
Administering Server Startup and Shutdown for Oracle WebLogic
Server.
Health
Health status of the server, as reported by the Oracle WebLogic
Server self-health monitoring feature.
For example, the server can report if it is overloaded by too many
requests, if it needs more memory resources, or if it will soon fail for
other reasons.
For more information, see Configure health monitoring in Oracle
WebLogic Server Administration Console online help.
CPU Usage (%)
Percentage of the CPU currently in use by the Java Virtual Machine
(JVM). This includes the load that the JVM is placing on all
processors in the host computer.
For example, if the host uses multiple processors, the value
represents a snapshot of the average load on all the processors.
Heap Usage (MB)
Size of the memory heap currently in use by the Java Virtual
Machine (JVM), in megabytes.
Java Vendor
Name of the company that provided the current Java Development
Kit (JDK) on which the server is running.
Java Version
Version of the JDK on which the current server is running.
Performance
Garbage Collection
Rate (per min)
Rate (per minute) at which the Java Virtual Machine (JVM) is
invoking its garbage-collection routine.
By default, this metric shows the rate recorded in the last five
minutes. See Configuring the Frequency of WebLogic Server
Health Checks.
Average Garbage
Collection Time (ms)
Average length of time (ms) the Java Virtual Machine spent in each
run of garbage collection. The average shown is for the last five
minutes.
By default, this metric shows the average over the last five minutes.
See Configuring the Frequency of WebLogic Server Health Checks.
Active Execute Threads
Number of active execute threads in the pool.
Execute Threads Idle
Count
Number of idle threads in the pool. This count does not include
standby threads or stuck threads. The count indicates threads that
are ready to pick up new work when it arrives.
Hogging Execute
Threads
Number of threads that are being held by a request right now.
These threads will either be declared as stuck after a configured
timeout or return to the pool. The self-tuning mechanism backfills if
necessary.
Active Sessions
Number of active sessions for the application.
21-32
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Metric
Description
Open JDBC Sessions
Number of JDBC connections currently open.
Incidents
Number of times WebLogic Server metrics exceed threshold
settings (that is, metrics such as CPU usage, memory usage,
thread count, number of JDBC connections, session metrics, and
so on).
For example, if the metric data set contains 2 incidents where
thread count exceeded the predefined threshold and the number of
JDBC connections exceeded the threshold limit 3 times, then the
number of incidents displayed is 5.
When the number of incidents is greater than 0, an icon with a red
cross displays.
Health
Summarizes recent health status, as reported by the Oracle
WebLogic Server self-health monitoring feature.
The Health charts report results from the last 100 performance
checks. By default, metrics are recorded every five minutes so data
collected over the last 500 minutes displays. If the server started up
recently, the chart displays data from the time the server started to
the current time.
•
•
•
WebLogic Server
Green - Indicates successful health checks, that is, checks that
return "OK".
Red - Indicates that a health check returned a status other than
"OK". For example, if all threads in the default queue become
stuck, server health state changes to "CRITICAL". Similarly, if
all threads in weblogic.admin.HTTP, weblogic.admin.RMI, or
a user-defined execute queue become stuck, server health
state changes to "WARNING".
To identify failed health checks, review the Health Metrics
Section at the bottom of the page.
% - Percentage of health checks that succeeded (OK). The
percentage is calculated using status information from the last
100 health checks. For example, if 5 of the last 100 thread
health checks fail, thread health is shown as 95%.
Reports recent WebLogic Server health checks.
For example, if 10 out of the last 100 WebLogic Server health
checks failed (not "OK"), WebLogic Server health is shown as 90%.
Thread
Reports recent thread health checks.
For example, if 10 out of the last 100 WebLogic Server health
checks report a thread health status other than "OK", WebLogic
Server thread health is shown as 90%
Some example thread health failures include:
•
•
If all threads in the default queue become stuck, server health
state changes to "CRITICAL".
If all threads in weblogic.admin.HTTP, weblogic.admin.RMI,
or a user-defined execute queue become stuck, server health
state changes to "WARNING".
21-33
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Metric
Description
JDBC
Reports recent JDBC health checks. For example, the server can
report too many JDBC connection requests.
If 10 out of the last 100 WebLogic Server health checks report a
JDBC health status other than "OK", WebLogic Server JDBC health
is shown as 90%.
21.1.7.2 Recent CPU and Memory Usage Section
This graph charts CPU and memory utilization for the Java Virtual machine over the
the last 100 health checks.The time range starts with the earliest health check and
ends with the time of the last health check.
From this performance graph, you will be able to tell how much of the memory/CPU
configured for the virtual machine is actually being used and whether the trend is
increasing. This might reveal to you that the applications running inside that virtual
machine need more memory than the virtual machine has been assigned and that
adding more memory to the virtual machine -- assuming that there is sufficient memory
at the host level -- might improve performance. Similarly, you can assess whether
additional CPU resources are required.
Metric
Description
CPU Usage (%)
Percentage of the CPU currently in use by the Java Virtual Machine
(JVM). This includes the load that the JVM is placing on all
processors in the host computer.
For example, if the host uses multiple processors, the value
represents a snapshot of the average load on all the processors.
Heap Usage (MB)
Size of the memory heap currently in use by the Java Virtual
Machine (JVM), in megabytes.
21.1.7.3 Recent Session and Thread Usage Section
This graph charts the number of active sessions and active threads recorded over the
last 100 health checks.The time range starts with the earliest health check and ends
with the time of the last health check.
The number of active sessions and threads should rise and fall with the load on your
system. If the graph shows a sudden rise or the number of sessions or threads keep
increasing, investigate the issue further to understand what triggered the change in
behavior.
Metric
Description
Active Sessions
Number of active sessions for the application.
Active Thread
Number of active threads for the application.
21-34
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
21.1.7.4 Recent JDBC Usage Section
This graph charts the number of open JDBC sessions recorded over the last 100
health checks. The time range starts with the earliest health check and ends with the
time of the last health check.
The Current Active Connection Count metric across all the data sources belonging to
the server are used to calculate the overall open JDBC session count displayed here.
Use this chart to determine the number of JDBC sessions being used and to see
whether the system is leaking JDBC resources. You can use the information in this
chart to assess whether JDBC configuration or the connection pool size needs to be
adjusted.
21.1.7.5 Health Metrics Section
This table displays data from the last 100 WebLogic Server health metrics collected,
as reported by the Oracle WebLogic Server self-health monitoring feature.
Metric
Description
Date Time
Date and time of the WebLogic Server health check.
Server Health
Sever health status, as reported by the Oracle WebLogic Server
self-health monitoring feature.
Successful health checks return "OK". Unsuccessful health checks
report various failures, for example, the server can report if it is
overloaded by too many requests, if it needs more memory
resources, or if it will soon fail for other reasons.
For more information, see Configure health monitoring in Oracle
WebLogic Server Administration Console online help.
Thread Health
Thread health status, as reported by the Oracle WebLogic Server
self-health monitoring feature.
Successful health checks return "OK". Unsuccessful thread checks
report various failures, for example, if all the threads in the default
queue become stuck, server health state changes to "CRITICAL". If
all threads in weblogic.admin.HTTP, weblogic.admin.RMI, or a
user-defined execute queue become stuck, server health state
changes to "WARNING".
For more information, see Configure health monitoring in Oracle
WebLogic Server Administration Console online help.
JDBC Health
JDBC health status, as reported by the Oracle WebLogic Server
self-health monitoring feature.
Successful health checks return "OK". Unsuccessful JDBC checks
report various failures, for example, if the server reports too many
JDBC connection requests or that more memory resources are
required, server health state changes to "WARNING".
For more information, see Configure health monitoring in Oracle
WebLogic Server Administration Console online help.
21-35
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Metric
Description
Server CPU (%)
If you are using the Oracle JRockit JDK, this metric shows the
percentage of the CPU currently in use by the Java Virtual Machine
(JVM). This includes the load that the JVM is placing on all
processors in the host computer.
For example, if the host uses multiple processors, the value
represents a snapshot of the average load on all the processors.
Heap Usage (MB)
Total heap memory (in MB) currently in use by the JVM.
Average Garbage
Collection Time (ms)
Average length of time (ms) the Java Virtual Machine spent in each
run of garbage collection. The average shown is for the last five
minutes.
By default, this metric shows the average over the last five minutes.
See Configuring the Frequency of WebLogic Server Health Checks.
Garbage Collection
Rate (per min)
Rate (per minute) at which the Java Virtual Machine (JVM) is
invoking its garbage-collection routine.
By default, this metric shows the rate recorded in the last five
minutes. See Configuring the Frequency of WebLogic Server
Health Checks.
Active Sessions
Number of active sessions for the application.
Active Execute Threads
Number of active execute threads in the pool.
Execute Threads Idle
Count
Number of idle threads in the pool. This count does not include
standby threads or stuck threads. The count indicates threads that
are ready to pick up new work when it arrives.
Hogging Thread Count
Number of threads that are being held by a request right now.
These threads will either be declared as stuck after a configured
timeout or return to the pool. The self-tuning mechanism backfills if
necessary.
Open JDBC
Connections
Number of JDBC connections currently open.
21.1.8 Understanding Security Metrics
Some key security-related performance metrics are displayed for WebCenter Portal on
the home page (Figure 21-11 and Table 21-13).
Note:
To access the home page, see Navigating to the Home Page for WebCenter
Portal.
21-36
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Figure 21-11
Security Metrics on the Home Page
If you compare Since Startup metrics with Recent History metrics you can determine
whether performance has recently deteriorated, and if so, by how much.
Table 21-13
Security Metrics
Metric
Description
LDAP Cache Hit Ratio (%)
Percentage of LDAP searches that result in a cache hit.
Average LDAP Lookup
Time (ms)
Average time to complete an LDAP search request:
- Since Startup
- Last 15 Minutes1
If LDAP searches are taking too long, its most likely an issue on
the LDAP server that is causing slow response times. If you are
using Oracle Internet Directory, see Oracle Internet Directory
Performance Tuning in Tuning Performance for advice on how
to improve performance and avoid bottlenecks. For other LDAP
servers, refer to the appropriate product documentation.
1
The last 10-15 minutes of data is used to calculate recent performance metrics. For details,
seeUnderstanding Oracle WebCenter Portal Metric Collection .
21.1.9 Understanding Page Response and Load Metrics
The page response chart on your application's home page (Figure 21-11) shows you
how quickly WebLogic Server is responding to page requests and how many requests
are being processed (its load).
The average page processing time (in ms) for all portals, is calculated over a 15
minute period. The number of invocations per minute is also displayed to help you
determine whether the average page processing time is increasing or decreasing. If
slower page processing times are due to a large number of users accessing the
system, an increase in invocations per minute will display on the graph. If the number
of users has not increased (the invocations per minute graph is not increasing or
fluctuating), then slower page processing times are most likely due to machine
resource issues or lack of JVM resources (low memory, contention for database
connections, and so on).
Click Table View to see detailed response and load values, recorded at 5 minute
intervals.
Note:
To access the home page, see Navigating to the Home Page for WebCenter
Portal.
21-37
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Figure 21-12
Page Response Metrics on the Home Page
If you compare Since Startup metrics with Recent History metrics (last 15 minutes),
you can determine whether performance has recently deteriorated, and if so, by how
much.
21.1.10 Understanding Portal Metrics
(WebCenter Portal only) You can view live performance metrics for individual portals
through Fusion Middleware Control, as shown in Figure 21-13. The metrics displayed
on this page are described in Table 21-14 and Metrics Common to all Tools and
Services.
Note:
Metrics for the Home portal are not included.
21-38
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Figure 21-13
Portal Metrics
To monitor these metrics through Fusion Middleware Control, see Viewing
Performance Metrics Using Fusion Middleware Control.
The table at the top of this page summarizes the status and performance of individual
portals. Use the table to quickly see which portals are up and running, and to review
their individual and relative performances.
Statistics become available when a portal is created and are updated every time a
member accesses and uses the portal.
You can filter the data displayed in the following ways:
•
Portal Name Filter - Enter a full or partial search term, and then press Enter to
refresh the list with all portals for which a match is found in the display name. To
display metrics for all portals, clear the search term and press Enter again.
•
Maximum Rows - Restrict the total number of portals displayed in the table.
•
Display - Display metrics for the most accessed portals, the slowest portals, or the
portals experiencing the most errors. Depending on you selection, the table orders
portals by:
- Number of Invocations (most accessed portals)
- Average Page Processing Time (slowest portals)
- Number of Errors (portals with most errors)
•
Duration - Display metric information collected since startup or in the last 15
minutes (Recent History).
The top five portals display in the chart.
21-39
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Table 21-14
Portal Metrics
Metric
Description
Name
Names of portals that match your filter criteria (if any).
If you do not specify filter criteria, all the portals are listed.
Status
Current status of each portal:
•
•
•
Invocations
Up (Green Up Arrow) - Indicates that the last portal
operation was successful. The portal is up and running.
Down (Red Down Arrow) - Indicates that the portal is not
currently available or the last portal operation was
unsuccessful due to an unexpected error or exception.
User errors, such as an authentication failure, do not
change the status to "Down".
Unavailable (Clock) - Status information is currently
unavailable.
Total number of portal invocations:
- Since Startup
- Last 15 Minutes
Errors
Number of errors recorded.
Successful Invocations (%)
Percentage of portal invocations that succeeded:
- Since Startup
- Last 15 Minutes
If Successful Invocations (%) is below 100%, check the
diagnostic logs to establish why portal requests are failing. See
Viewing and Configuring Log Information.
Page Throughput
The average number of pages processed per minute for each
portal:
- Since Startup
- Last 15 Minutes
Average Time (ms)
The average time (in ms) to display pages in the portal:
- Since Startup
- Last 15 Minutes
Maximum Time (ms)
Maximum time taken to display a page in the portal.
Minimum Time (ms)
Minimum time taken to display a page in the portal.
Portal Metrics - Graphs
Use the graphs below the table to see information about portals:
•
Invocations - Graph showing the most active/popular portals, that is, portals
recording the most invocations.
•
Page Throughput - Graph showing the average number of pages accessed per
minute for each portal. Use this graph to identify portals with high (or low) page hit
rates.
21-40
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
•
Average Processing Time - Graph showing the average page response time (in
milliseconds). Use this graph to identify portals with the best (or worst) page
performance.
•
Errors - Graph showing which portals are reporting the most errors. Use this
graph to compare error rates.
To compare a different set of portals:
•
Specify the appropriate filtering criteria.
•
Select one or more portals in the table, and then click Display in Chart.
21.1.11 Understanding Tool and Service Metrics
This section includes the following topics:
•
Metrics Common to all Tools and Services
•
Metrics Specific to a Particular Tool or Service
•
Troubleshooting Common Issues with Tools and Services
21.1.11.1 Metrics Common to all Tools and Services
Fusion Middleware Control provides capabilities to monitor performance of tools and
services used in WebCenter Portal in the following ways:
•
Services summary: Summary of performance metrics for each tool or service used
in WebCenter Portal. Table 21-15 lists tools and services that use common
performance metrics and Table 21-16 describes the common metrics.
•
Most popular operations and response time for individual operations. Table 21-17
describes these metrics.
•
Per operation metrics: Performance metrics for individual operations. Table 21-15
lists common performance metrics used to monitor performance of individual
operations. Table 21-17 describes these metrics.
Table 21-15
Common Metrics for Tools and Services
Tool or Service
Services Summary
(Since Startup and Last 15
Minutes)
Per Operation Metrics
(Since Startup and Last 15
Minutes)
Announcements
The performance metrics
include:
The performance metrics
include:
•
•
•
•
•
Status
Successful Invocations (%)
Invocations
Average Time (ms)
•
•
•
•
Most Popular
Operations
Response Time
Invocations
Average Time (ms)
Maximum Time (ms)
(Since Startup only)
21-41
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Table 21-15
(Cont.) Common Metrics for Tools and Services
Tool or Service
Services Summary
(Since Startup and Last 15
Minutes)
Per Operation Metrics
(Since Startup and Last 15
Minutes)
SOA Server
The performance metrics
include:
Not applicable
•
•
•
•
Discussion Forums
Status
Successful Invocations (%)
Invocations
Average Time (ms)
The performance metrics
include:
The performance metrics
include:
•
•
•
•
•
Status
Successful Invocations (%)
Invocations
Average Time (ms)
•
•
•
•
•
External Applications
The performance metrics
include:
The performance metrics
include:
•
•
•
•
•
Status
Successful Invocations (%)
Invocations
Average Time (ms)
•
•
•
•
•
Events
Most Popular
Operations
Response Time
Successful Invocations
(%)
Invocations
Average Time (ms)
Maximum Time (ms)
(Since Startup only)
Most Popular
Operations
Response Time
Successful Invocations
(%)
Invocations
Average Time (ms)
Maximum Time (ms)
(Since Startup only)
The performance metrics
include:
The performance metrics
include:
•
•
•
•
•
Status
Successful Invocations (%)
Invocations
Average Time (ms)
•
•
•
•
•
Most Popular
Operations
Response Time
Successful Invocations
(%)
Invocations
Average Time (ms)
Maximum Time (ms)
(Since Startup only)
21-42
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Table 21-15
(Cont.) Common Metrics for Tools and Services
Tool or Service
Services Summary
(Since Startup and Last 15
Minutes)
Per Operation Metrics
(Since Startup and Last 15
Minutes)
Import/Export
The performance metrics
include:
The performance metrics
include:
•
•
•
•
•
Status
Successful Invocations (%)
Invocations
Average Time (ms)
•
•
•
•
•
Instant Messaging and
Presence (IMP)
The performance metrics
include:
The performance metrics
include:
•
•
•
•
•
Status
Successful Invocations (%)
Invocations
Average Time (ms)
•
•
•
•
•
Lists
Most Popular
Operations
Response Time
Successful Invocations
(%)
Invocations
Average Time (ms)
Maximum Time (ms)
(Since Startup only)
The performance metrics
include:
The performance metrics
include:
•
•
•
•
•
Status
Successful Invocations (%)
Invocations
Average Time (ms)
•
•
•
•
•
Mail
Most Popular
Operations
Response Time
Successful Invocations
(%)
Invocations
Average Time (ms)
Maximum Time (ms)
(Since Startup only)
Most Popular
Operations
Response Time
Successful Invocations
(%)
Invocations
Average Time (ms)
Maximum Time (ms)
(Since Startup only)
The performance metrics
include:
The performance metrics
include:
•
•
•
•
•
Status
Successful Invocations (%)
Invocations
Average Time (ms)
•
•
•
•
•
Most Popular
Operations
Response Time
Successful Invocations
(%)
Invocations
Average Time (ms)
Maximum Time (ms)
(Since Startup only)
21-43
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Table 21-15
(Cont.) Common Metrics for Tools and Services
Tool or Service
Services Summary
(Since Startup and Last 15
Minutes)
Per Operation Metrics
(Since Startup and Last 15
Minutes)
Notes
The performance metrics
include:
The performance metrics
include:
•
•
•
•
•
Status
Successful Invocations (%)
Invocations
Average Time (ms)
•
•
•
•
•
Pages
The performance metrics
include:
The performance metrics
include:
•
•
•
•
•
Status
Successful Invocations (%)
Invocations
Average Time (ms)
•
•
•
•
•
People Connections
Most Popular
Operations
Response Time
Successful Invocations
(%)
Invocations
Average Time (ms)
Maximum Time (ms)
(Since Startup only)
The performance metrics
include:
The performance metrics
include:
•
•
•
•
Average Processing Time
(ms)
Invocations
Successful Invocations (%)
•
•
•
•
•
RSS
Most Popular
Operations
Response Time
Successful Invocations
(%)
Invocations
Average Time (ms)
Maximum Time (ms)
(Since Startup only)
The performance metrics
include:
•
•
•
•
Most Popular
Operations
Response Time
Successful Invocations
(%)
Invocations
Average Time (ms)
Maximum Time (ms)
(Since Startup only)
Not available
Status
Successful Invocations (%)
Invocations
Average Time (ms)
21-44
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Table 21-15
(Cont.) Common Metrics for Tools and Services
Tool or Service
Services Summary
(Since Startup and Last 15
Minutes)
Per Operation Metrics
(Since Startup and Last 15
Minutes)
Search
The performance metrics
include:
The performance metrics
include:
•
•
•
•
•
Status
Successful Invocations (%)
Invocations
Average Time (ms)
•
•
•
•
•
Most Popular
Operations
Response Time
Successful Invocations
(%)
Invocations
Average Time (ms)
Maximum Time (ms)
(Since Startup only)
Table 21-16 describes metrics used for monitoring performance of all operations.
Table 21-16
Description of Common Metrics - Summary (All Operations)
Metric
Description
Status
The current status of the tool or service:
•
Up (Green Up Arrow) - Indicates that a tool or service is up
and running and the last operation was successful.
•
Down (Red Down Arrow) - Indicates that a tool or service
is not currently available. The last operation was
unsuccessful due to an unexpected error or exception.
User errors, such as an authentication failure, do not
change the status to Down.
•
Unknown (Clock) - Indicates that a tool or service cannot
query the status of WebCenter Portal for some reason.
Maybe the managed server is down or the node cannot be
reached due to a network issue.
If a particular tool or service is "Down" or "Unknown", refer to
Troubleshooting Common Issues with Tools and Services for
guidance on possible causes and actions.
Successful Invocations (%)
Percentage of service invocations that succeeded. Successful
Invocations (%) equals the number of successful invocations
divided by the invocation count:
- Since Startup
- Last 15 Minutes
If Successful Invocations (%) is below 100%, check the
diagnostic logs to establish why service requests are failing.
See Viewing and Configuring Log Information.
21-45
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Table 21-16
(Cont.) Description of Common Metrics - Summary (All Operations)
Metric
Description
Invocations
Number of service invocations per minute:
- Since Startup
- Last 15 Minutes
This metric provides data on how frequently a particular tool or
service is being invoked for processing of operations.
Comparing this metric across services can help determine the
most frequently used tools and services in the application.
Average Time (ms)
The average time taken to process operations associated with a
tool or service. This metric can be used with the Invocations
metric to assess the total time spent in processing operations.
- Since Startup
- Last 15 Minutes
Use this metric to determine the overall performance of tools
and services. If this metric is out-of-bounds (the average time
for operations is increasing or higher than expected), click
individual names to view more detailed metric data.
Table 21-17 describes metrics used to monitor performance of each operation
performed by a tool, service or component.
Table 21-17
Description of Common Metrics - Per Operation
Metric
Description
Most Popular Operations
The number of invocations per operation (displayed on a chart).
The highest value on the chart indicates which operation is
used the most.
The lowest value indicates which operation is used the least.
Response Time
The average time to process operations associated with a
service since WebCenter Portal started up (displayed on a
chart).
The highest value on the chart indicates the worst performing
operation.
The lowest value indicates which operation is performing the
best.
Operation
The operation being monitored. See Metrics Specific to a
Particular Tool or Service.
Invocations
The number of invocations, per operation:
- Since Startup
- Last 15 Minutes
This metric provides data on how frequently a particular tool or
service is being invoked for processing of operations.
Comparing this metric across services can help determine the
most frequently used service in the application.
21-46
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Table 21-17
(Cont.) Description of Common Metrics - Per Operation
Metric
Description
Average Time (ms)
The average time taken to process each operation:
- Since Startup*
- Recent History
*This information is also displayed on the Response Time
chart.
Maximum Time (ms)
The maximum time taken to process each operation.
21.1.11.2 Metrics Specific to a Particular Tool or Service
This section describes per operation metrics for all tools, services and components.
This section includes the following topics:
•
Announcements Metrics
•
BPEL Worklist Metrics
•
Content Repository Metrics
•
Discussion Metrics
•
Events Metrics
•
External Application Metrics
•
Instant Messaging and Presence Metrics
•
Import and Export Metrics
•
List Metrics
•
Mail Metrics
•
Note Metrics
•
Page Operation Metrics
•
People Connection Metrics
•
RSS News Feed Metrics
•
Search Metrics
To access live performance metrics for WebCenter Portal, see Viewing Performance
Metrics Using Fusion Middleware Control.
21.1.11.2.1 Announcements Metrics
Performance metrics associated with announcements (Figure 21-14) are described in
Table 21-18 and Metrics Common to all Tools and Services.
21-47
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Figure 21-14
Announcements Metrics
To monitor these metrics through Fusion Middleware Control, see Viewing
Performance Metrics Using Fusion Middleware Control.
Table 21-18
Announcements - Operations Monitored
Operation
Description
Performance Issues - User Action
Login
Logs a WebCenter Portal user
(accessing announcements) into the
discussions server that is hosting
announcements.
For specific causes, see Announcements
- Issues and Actions.
Logs a WebCenter Portal user out
of the discussions server that is
hosting announcements.
For specific causes, see Announcements
- Issues and Actions.
Logout
For common causes, see Understanding
Some Common Performance Issues and
Actions.
For common causes, see Understanding
Some Common Performance Issues and
Actions.
21-48
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Table 21-18
(Cont.) Announcements - Operations Monitored
Operation
Description
Performance Issues - User Action
Search
Searches for terms within
announcement text.
If announcement searches are failing,
verify that announcement text contains
the search terms.
For other causes, see Announcements Issues and Actions.
For common causes, see Understanding
Some Common Performance Issues and
Actions.
Create
Creates an announcement.
For specific causes, see Announcements
- Issues and Actions.
For common causes, see Understanding
Some Common Performance Issues and
Actions.
List
Retrieves a list of announcements.
For specific causes, see Announcements
- Issues and Actions.
For common causes, see Understanding
Some Common Performance Issues and
Actions.
21.1.11.2.2 BPEL Worklist Metrics
Performance metrics associated with worklists are described in Metrics Common to all
Tools and Services.
To monitor these metrics through Fusion Middleware Control, see Viewing
Performance Metrics Using Fusion Middleware Control.
21.1.11.2.3 Content Repository Metrics
Performance metrics associated with documents and Content Presenter (Figure 21-15
and Figure 21-16) are described in the following tables:
•
Table 21-19
•
Table 21-20
•
Table 21-21
•
Table 21-22
21-49
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Figure 21-15
Content Repository Metrics
21-50
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Figure 21-16
Content Repository Metrics - Per Operation
To monitor these metrics through Fusion Middleware Control, see Viewing
Performance Metrics Using Fusion Middleware Control.
Table 21-19
Content Repository - Operations Monitored
Operation
Description
Performance Issues - User Action
Download
Downloads one or more documents from
a content repository.
For specific causes, see Content
Repository (Documents and
Content Presenter) - Issues and
Actions.
For common causes, see
Understanding Some Common
Performance Issues and Actions.
21-51
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Table 21-19
(Cont.) Content Repository - Operations Monitored
Operation
Description
Performance Issues - User Action
Upload
Uploads one or more documents to a
content repository.
For specific causes, see Content
Repository (Documents and
Content Presenter) - Issues and
Actions.
For common causes, see
Understanding Some Common
Performance Issues and Actions.
Search
Searches for documents stored in a
content repository.
For specific causes, see Content
Repository (Documents and
Content Presenter) - Issues and
Actions.
For common causes, see
Understanding Some Common
Performance Issues and Actions.
Login
Establishes a connection to the content
repository and authenticates the user.
For specific causes, see Content
Repository (Documents and
Content Presenter) - Issues and
Actions.
For common causes, see
Understanding Some Common
Performance Issues and Actions.
Delete
Deletes one or more documents stored in
a content repository.
For specific causes, see Content
Repository (Documents and
Content Presenter) - Issues and
Actions.
For common causes, see
Understanding Some Common
Performance Issues and Actions.
List
Folders
Lists folders stored in a content
repository. This operation is specific to
Content Presenter.
For specific causes, see Content
Repository (Documents and
Content Presenter) - Issues and
Actions.
For common causes, see
Understanding Some Common
Performance Issues and Actions.
Get Items
Displays items, such as a document or
image stored in a content repository. This
operation is specific to Content Presenter.
For specific causes, see Content
Repository (Documents and
Content Presenter) - Issues and
Actions.
For common causes, see
Understanding Some Common
Performance Issues and Actions.
21-52
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Table 21-20
Content Repository Metrics - Summary (All Repositories)
Metric
Description
Status
The current status of document tool:
•
•
Up (Green Up Arrow) - Indicates that documents tool is up
and running and the last operation was successful.
Down (Red Down Arrow) - Indicates that documents tool is
not currently available or service requests are failing. This
also indicates that the last operation was unsuccessful due
to an unexpected error or exception. User errors, such as
an authentication failure, do not change the status to
Down.
If you are having problems with documents, check the
diagnostic logs to establish why this tool is "Down". See
Viewing and Configuring Log Information.
Some typical causes of failure include:
- Content repository is down or not responding.
- Network connectivity issues exist between the application
and one or more content repositories.
•
Successful Invocations (%)
- Connection configuration information associated with one
or more content repositories is incorrect or no longer valid.
Unknown (Clock) - Unable to query the status of the tool
for some reason. Maybe the managed server is down or
the node cannot be reached due to a network issues. To
diagnose further, review the Admin Server log, and the
managed server logs.
The percentage of document invocations that succeeded
(Upload, Download, Search, Login, Delete):
- Since Startup
- Last 15 Minutes
If Successful Invocations (%) is below 100%, check the
diagnostic logs to establish why service requests are failing.
See Viewing and Configuring Log Information.
Invocations
The number of document invocations per minute (Upload,
Download, Search, Login, Delete):
- Since Startup
- Last 15 Minutes
This metric provides data on how frequently a particular tool or
service is being invoked for processing of operations.
Comparing this metric across services can help determine the
most frequently used tool or service in the application.
Average Time (ms)
The average time taken to process operations associated with
documents (Upload, Download, Search, Login, Delete):
- Since Startup
- Last 15 Minutes
Most Popular Operations
The number of invocations per operation (displayed on a chart).
The highest value on the chart indicates which operation is
used the most.
The lowest value indicates which operations is used the least.
21-53
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Table 21-20
(Cont.) Content Repository Metrics - Summary (All Repositories)
Metric
Description
Response Time
The average time to process operations associated with
documents since WebCenter Portal started up (displayed on a
chart).
The highest value on the chart indicates the worst performing
operation.
The lowest value indicates which operations is performing the
best.
Download Throughput
(bytes per second)
The rate at which documents are downloaded.
Upload Throughput (bytes
per second)
The rate at which documents are uploaded.
Table 21-21
Content Repository Metrics - Operation Summary Per Repository
Metric
Description
Status
The current status of the content repository:
•
•
Up (Green Up Arrow) - Indicates that the content repository
is up and running and the last operation was successful.
Down (Red Down Arrow) - Indicates that the content
repository is not currently available or service requests are
failing. It also indicates that the last operation was
unsuccessful due to an unexpected error or exception.
User errors, such as an authentication failure, do not
change the status to Down.
If you are having problems with a content repository, check
the diagnostic logs to establish why this service is "Down".
See Viewing and Configuring Log Information.
Some typical causes of failure include:
- Content repository is down or not responding.
- Network connectivity issues exist between the application
and one or more content repositories.
•
Successful Invocations (%)
- Connection configuration information associated with one
or more content repositories is incorrect or no longer valid.
Unknown (Clock) - Unable to query the status of the tool
or service for some reason. Maybe the managed server is
down or the node cannot be reached due to a network
issues. To diagnose further, review the Admin Server log,
and the managed server logs.
The percentage of document invocations that succeeded
(Upload, Download, Search, Login, Delete) for this content
repository:
- Since Startup
- Last 15 minutes
If Successful Invocations (%) is below 100%, check the
diagnostic logs to establish why service requests are failing.
See Viewing and Configuring Log Information.
21-54
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Table 21-21
Repository
(Cont.) Content Repository Metrics - Operation Summary Per
Metric
Description
Invocations
The number of document invocations per minute (Upload,
Download, Search, Login, Delete) for this content repository:
- Since Startup
- Last 15 minutes
This metric provides data on how frequently a particular tool or
service is being invoked for processing of operations.
Comparing this metric across tools and services can help
determine the most frequently used tools and services in the
application.
Average Time (ms)
The average time taken to process operations associated with
documents (Upload, Download, Search, Login, Delete) for this
content repository:
- Since Startup
- Last 15 minutes
Bytes Downloaded
The volume of data downloaded from this content repository.
Download Throughput
(bytes per second)
The rate at which documents are downloaded from this content
repository.
Bytes Uploaded
The volume of data uploaded to this content repository.
Upload Throughput (bytes
per second)
The rate at which documents are uploaded to this content
repository.
Maximum Time (ms)
The maximum time to process operations associated with
documents (Upload, Download, Search, Login, Delete) for this
content repository.
Table 21-22
Content Repository Metrics - Operation Detail Per Repository
Metric
Description
Invocations
The number of invocations per document operation (Upload,
Download, Search, Login, Delete):
- Since Startup
- Last 15 minutes
This metric provides data on how frequently a particular service
is being invoked for processing of operations. Comparing this
metric across services can help determine the most frequently
used services in the application.
Average Processing Time
(ms)
The average time taken to process each operation associated
with documents (Upload, Download, Search, Login, Delete):
- Since Startup
- Last 15 minutes
21-55
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
21.1.11.2.4 Discussion Metrics
Performance metrics associated with discussions (Figure 21-17) are described in
Table 21-23 and Metrics Common to all Tools and Services.
Figure 21-17
Discussion Metrics
To monitor these metrics through Fusion Middleware Control, see Viewing
Performance Metrics Using Fusion Middleware Control.
21-56
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Table 21-23
Discussions - Operations Monitored
Operation
Description
Performance Issues - User Action
Login
Logs a WebCenter Portal user
(accessing discussions) into the
discussions server that is hosting
discussions forums.
For specific causes, see Discussions
- Issues and Actions.
Logs a WebCenter Portal user
out of the discussions server that
is hosting discussion forums.
For specific causes, see Discussions
- Issues and Actions.
Creates a discussion forum in the
discussions server, under a
specific category.
If you are having problems creating
forums, it may be due to:
Logout
Create Forum
For common causes, see
Understanding Some Common
Performance Issues and Actions.
For common causes, see
Understanding Some Common
Performance Issues and Actions.
•
Category under which
discussion forums must be
created has been deleted.
•
User does not have permissions
to create discussion forums.
For other specific causes, see
Discussions - Issues and Actions.
For common causes, see
Understanding Some Common
Performance Issues and Actions.
Create Topic
Creates a topic in the discussions
server, under a specific forum.
If you are having problems creating
topics, it may be due to:
•
Discussion forum under which
topics must be created has been
deleted.
•
User does not have permissions
to create topics.
For other specific causes, see
Discussions - Issues and Actions.
For information on common causes,
see Understanding Some Common
Performance Issues and Actions.
List Forums
Retrieves a list of forums, under a
specific category, from the
discussion server.
If you are having problems viewing
discussion forums, it may be due to:
•
User does not have permissions
to view forums in the category.
•
Category from which to fetch
forums has been deleted.
For other specific causes, see
Discussions - Issues and Actions.
For common causes, see
Understanding Some Common
Performance Issues and Actions.
21-57
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Table 21-23
(Cont.) Discussions - Operations Monitored
Operation
Description
Performance Issues - User Action
List Topics
Retrieves a list of topics, under a
specific forum, from the
discussion server.
If you are having problems viewing
topics, it may be due to:
•
User does not have permissions
to view topics in the forum.
•
Forum from which to fetch topics
has been deleted.
For other specific causes, see
Discussions - Issues and Actions.
For common causes, see
Understanding Some Common
Performance Issues and Actions.
Search
Searches for terms within
discussion forum text, in the
discussions server.
If you are having problems searching
forums, it may be due to:
•
No topic/messages exist with
the specified search term.
•
Category or forum in which the
search term object resides has
been deleted.
For other specific causes, see
Discussions - Issues and Actions.
For common causes, see
Understanding Some Common
Performance Issues and Actions.
21.1.11.2.5 Events Metrics
Performance metrics associated with events are described in Table 21-24 and Metrics
Common to all Tools and Services.
21-58
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Figure 21-18
Events Metrics
To monitor these metrics through Fusion Middleware Control, see Viewing
Performance Metrics Using Fusion Middleware Control.
Table 21-24
Events - Operations Monitored
Operation
Description
Performance Issues - User Action
Create Event
Creates a portal event or personal
calendar event in the WebCenter
Portal's repository.
For specific causes, see Events Issues and Actions.
Updates a portal event or
personal calendar event stored in
the WebCenter Portal's
repository.
For specific causes, see Events Issues and Actions.
Deletes a portal event or personal
calendar event from the
WebCenter Portal's repository.
For specific causes, see Events Issues and Actions.
Retrieves a list of events from the
WebCenter Portal's repository.
For specific causes, see Events Issues and Actions.
Update Event
Delete Event
List Event
For common causes, see
Understanding Some Common
Performance Issues and Actions.
For common causes, see
Understanding Some Common
Performance Issues and Actions.
For common causes, see
Understanding Some Common
Performance Issues and Actions.
For common causes, see
Understanding Some Common
Performance Issues and Actions.
21-59
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Table 21-24
(Cont.) Events - Operations Monitored
Operation
Description
Performance Issues - User Action
Search Event
Searches for terms within event
text.
For specific causes, see Events Issues and Actions.
For common causes, see
Understanding Some Common
Performance Issues and Actions.
21.1.11.2.6 External Application Metrics
Performance metrics associated with external applications are described in
Table 21-25 and Metrics Common to all Tools and Services.
Figure 21-19
External Application Metrics
21-60
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Figure 21-20
External Application Metrics - Per Operation
To monitor these metrics through Fusion Middleware Control, see Viewing
Performance Metrics Using Fusion Middleware Control.
Table 21-25
External Applications - Operations Monitored
Operation
Description
Performance Issues - User Action
Fetch Credentials
Retrieves credentials for an
external application.
For specific causes, see External
Applications - Issues and Actions.
For common causes, see
Understanding Some Common
Performance Issues and Actions.
Store Credentials
Stores user credentials for an
external application.
For specific causes, see External
Applications - Issues and Actions.
For common causes, see
Understanding Some Common
Performance Issues and Actions.
Fetch External
Application
Retrieves an external
application.
For specific causes, see External
Applications - Issues and Actions.
For common causes, see
Understanding Some Common
Performance Issues and Actions.
Automated Logins
Logs a WebCenter Portal
user in to an external
application (using the
automated login feature).
For specific causes, see External
Applications - Issues and Actions.
For common causes, see
Understanding Some Common
Performance Issues and Actions.
21.1.11.2.7 Instant Messaging and Presence Metrics
Performance metrics associated with instant messaging and presence are described
in Table 21-26 and Metrics Common to all Tools and Services.
To monitor these metrics through Fusion Middleware Control, see Viewing
Performance Metrics Using Fusion Middleware Control.
21-61
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Table 21-26
Instant Messaging and Presence - Operations Monitored
Operation
Description
Performance Issues - User Action
Get Presence
Retrieves user presence
information from the instant
messaging and presence server.
For specific causes, see Instant
Messaging and Presence - Issues
and Actions.
For common causes, see
Understanding Some Common
Performance Issues and Actions.
Login
Logout
Logs a WebCenter Portal user
(accessing the instant messaging
and presence) into the instant
messaging and presence server.
For specific causes, see Instant
Messaging and Presence - Issues
and Actions.
Logs a WebCenter Portal user
(accessing instant messaging and
presence) out of the instant
messaging and presence server.
For specific causes, see Instant
Messaging and Presence - Issues
and Actions.
For common causes, see
Understanding Some Common
Performance Issues and Actions.
For common causes, see
Understanding Some Common
Performance Issues and Actions.
21.1.11.2.8 Import and Export Metrics
Performance metrics associated with import and export (Figure 21-21) are described
in Table 21-27 and Metrics Common to all Tools and Services. These metrics apply to
WebCenter Portal only.
Figure 21-21
Import/Export Metrics
21-62
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
To monitor these metrics through Fusion Middleware Control, see Viewing
Performance Metrics Using Fusion Middleware Control.
Table 21-27
Import/Export - Operations Monitored
Operation
Description
Performance Issues - User Action
Export
Exports an entireWebCenter
Portal application.
For specific causes, see Import and
Export - Issues and Actions.
For common causes, see
Understanding Some Common
Performance Issues and Actions.
Import
Imports an entire WebCenter
Portal application.
For specific causes, see Import and
Export - Issues and Actions.
For common causes, see
Understanding Some Common
Performance Issues and Actions.
21.1.11.2.9 List Metrics
(WebCenter Portal only) Performance metrics associated with lists (Figure 21-22) are
described in Table 21-28 and Metrics Common to all Tools and Services.
21-63
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Figure 21-22
List Metrics
To monitor these metrics through Fusion Middleware Control, see Viewing
Performance Metrics Using Fusion Middleware Control.
Table 21-28
Lists- Operations Monitored
Operation
Description
Performance Issues - User Action
Create List
Creates a list in the user
session.
For specific causes, see Lists - Issues
and Actions.
The Save Data operation
commits new lists to the MDS
repository.
For common causes, see
Understanding Some Common
Performance Issues and Actions.
Copies a list and its data in the
user session.
For specific causes, see Lists - Issues
and Actions.
The Save Data operation
commits copied lists and list
data to the MDS repository
and the WebCenter Portal's
repository (the database
where list data is stored).
For common causes, see
Understanding Some Common
Performance Issues and Actions.
Copy List
21-64
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Table 21-28
(Cont.) Lists- Operations Monitored
Operation
Description
Performance Issues - User Action
Delete List
Deletes a list and its data in
the user session.
For specific causes, see Lists - Issues
and Actions.
The Save Data operation
commits list changes to the
MDS repository and the
WebCenter Portal's repository
(the database where list data
is stored).
For common causes, see
Understanding Some Common
Performance Issues and Actions.
Creates row of list data in the
user session.
For specific causes, see Lists - Issues
and Actions.
The Save Data operation
commits list data changes to
the WebCenter Portal's
repository (the database
where list data is stored).
For common causes, see
Understanding Some Common
Performance Issues and Actions.
Updates row of list data in the
user session.
For specific causes, see Lists - Issues
and Actions.
The Save Data operation
commits list data changes to
the WebCenter Portal's
repository (the database
where list data is stored).
For common causes, see
Understanding Some Common
Performance Issues and Actions.
Deletes row of list data in the
user session.
For specific causes, see Lists - Issues
and Actions.
The Save Data operation
commits list data changes to
the WebCenter Portal's
repository (the database
where list data is stored).
For common causes, see
Understanding Some Common
Performance Issues and Actions.
Retrieves a list by its ID from
the Metadata repository.
For specific causes, see Lists - Issues
and Actions.
Create Row
Update Row
Delete Row
Search
For common causes, see
Understanding Some Common
Performance Issues and Actions.
Save Data
Saves all changes to lists and
list data (in the user session)
to the Metadata Services
repository and the WebCenter
Portal's repository (the
database where list
information is stored).
For specific causes, see Lists - Issues
and Actions.
For common causes, see
Understanding Some Common
Performance Issues and Actions.
21.1.11.2.10 Mail Metrics
Performance metrics associated with mail (Figure 21-23) are described in Table 21-29
and Metrics Common to all Tools and Services.
21-65
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Figure 21-23
Mail Metrics
To monitor these metrics through Fusion Middleware Control, see Viewing
Performance Metrics Using Fusion Middleware Control.
Table 21-29
Mail - Operations Monitored
Operation
Description
Performance Issues - User Action
Login
Logs a WebCenter Portal user
into the mail server that is
hosting mail services.
For specific causes, see Mail - Issues
and Actions.
For common causes, see
Understanding Some Common
Performance Issues and Actions.
21-66
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Table 21-29
(Cont.) Mail - Operations Monitored
Operation
Description
Performance Issues - User Action
Logout
Logs a WebCenter Portal user
out of the mail server that is
hosting mail services.
For specific causes, see Mail - Issues
and Actions.
Receives a mail.
For specific causes, see Mail - Issues
and Actions.
Receive
For common causes, see
Understanding Some Common
Performance Issues and Actions.
For common causes, see
Understanding Some Common
Performance Issues and Actions.
Send
Sends a mail.
For specific causes, see Mail - Issues
and Actions.
For common causes, see
Understanding Some Common
Performance Issues and Actions.
Search
Searches for mail that contains
a specific term.
For specific causes, see Mail - Issues
and Actions.
For information on common causes,
see Understanding Some Common
Performance Issues and Actions.
21.1.11.2.11 Note Metrics
Performance metrics associated with notes (Figure 21-24) are described in
Table 21-30 and Metrics Common to all Tools and Services.
21-67
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Figure 21-24
Notes Metrics
To monitor these metrics through Fusion Middleware Control, see Viewing
Performance Metrics Using Fusion Middleware Control.
Table 21-30
Notes - Operations Monitored
Operation
Description
Performance Issues - User Action
Create
Creates a personal note.
For specific causes, see Notes - Issues
and Actions.
The Save Changes operation
commits new notes to the MDS
repository.
Update
Updates a personal note.
The Save Changes operation
commits note updates to the
MDS repository.
Find
Retrieves a note from the MDS
repository.
For common causes, see
Understanding Some Common
Performance Issues and Actions.
For specific causes, see Notes - Issues
and Actions.
For common causes, see
Understanding Some Common
Performance Issues and Actions.
For specific causes, see Notes - Issues
and Actions.
For common causes, see
Understanding Some Common
Performance Issues and Actions.
21-68
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Table 21-30
(Cont.) Notes - Operations Monitored
Operation
Description
Performance Issues - User Action
Delete
Deletes a note from the MDS
repository.
For specific causes, see Notes - Issues
and Actions.
For common causes, see
Understanding Some Common
Performance Issues and Actions.
21.1.11.2.12 Page Operation Metrics
Performance metrics associated with the page operations (Figure 21-25) are
described in Table 21-31 and Metrics Common to all Tools and Services.
Note:
The page operation metrics discussed in this section are different from the
page request metrics discussed in Understanding Page Request Metrics.
Page operation metrics monitor page related operations such as creating
pages. Whereas the page request metrics monitor individual page view/display
requests (do not include page edit operations).
21-69
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Figure 21-25
Page Operation Metrics
To monitor these metrics through Fusion Middleware Control, see Viewing
Performance Metrics Using Fusion Middleware Control.
Table 21-31
Page Service - Operations Monitored
Operation
Description
Performance Issues - User Action
Create
Creates a page in WebCenter
Portal.
For specific causes, see Page Services Issues and Actions.
For common causes, see Understanding
Some Common Performance Issues and
Actions.
Copy
Copies a page.
For specific causes, see Page Services Issues and Actions.
For common causes, see Understanding
Some Common Performance Issues and
Actions.
Delete
Deletes a page.
For specific causes, see Page Services Issues and Actions.
For common causes, see Understanding
Some Common Performance Issues and
Actions.
21-70
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Table 21-31
(Cont.) Page Service - Operations Monitored
Operation
Description
Performance Issues - User Action
Search
Searches for pages that contain
a specific term.
For specific causes, see Page Services Issues and Actions.
For common causes, see Understanding
Some Common Performance Issues and
Actions.
21.1.11.2.13 People Connection Metrics
Performance metrics associated with people connections are described in Table 21-32
and Metrics Common to all Tools and Services.
Figure 21-26
People Connection Metrics
21-71
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
To monitor these metrics through Fusion Middleware Control, see Viewing
Performance Metrics Using Fusion Middleware Control.
Table 21-32
People Connections - Operations Monitored
Operation
Description
Performance Issues - User Action
Get Profiles
Retrieves profiles of a user.
For specific causes, see People
Connections - Issues and Actions.
For common causes, see
Understanding Some Common
Performance Issues and Actions.
Get Activities
Retrieves the activities based
on the user filter options.
For specific causes, see People
Connections - Issues and Actions.
For common causes, see
Understanding Some Common
Performance Issues and Actions.
Publish Activities
Get Messages
Publishes an activity in the
user session and saves it in
WebCenter Portal.
For specific causes, see People
Connections - Issues and Actions.
Retrieves the messages of the
user.
For specific causes, see People
Connections - Issues and Actions.
For common causes, see
Understanding Some Common
Performance Issues and Actions.
For common causes, see
Understanding Some Common
Performance Issues and Actions.
Get Feedback
Retrieves the feedback of the
user.
For specific causes, see People
Connections - Issues and Actions.
For common causes, see
Understanding Some Common
Performance Issues and Actions.
Get Connections
Retrieves the connections of
users.
For specific causes, see People
Connections - Issues and Actions.
For common causes, see
Understanding Some Common
Performance Issues and Actions.
21.1.11.2.14 RSS News Feed Metrics
Performance metrics associated with RSS news feeds (Figure 21-27) are described in
Metrics Common to all Tools and Services.
21-72
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Figure 21-27
RSS News Feed Metrics
To monitor these metrics through Fusion Middleware Control, see Viewing
Performance Metrics Using Fusion Middleware Control.
21.1.11.2.15 Search Metrics
Performance metrics associated with search (Figure 21-28) are described in
Table 21-33 and Metrics Common to all Tools and Services.
21-73
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Figure 21-28
Search Metrics
To monitor these metrics through Fusion Middleware Control, see Viewing
Performance Metrics Using Fusion Middleware Control.
Table 21-33
Search - Search Sources
Operation
Description
Announcements
Announcement text is searched.
Documents
Contents in files and folders are searched.
Discussion Forums
Forums and topics are searched.
WebCenter Portal
Contents saved in a portal, such as links, lists, notes, tags, and
events are searched.
Portal Events
Portal events are searched.
Links
Objects to which links have been created are searched (for
example, announcements, discussion forum topics, documents,
and events).
21-74
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
Table 21-33
(Cont.) Search - Search Sources
Operation
Description
Lists
Information stored in lists is searched.
Notes
Notes text, such as reminders, is searched.
Oracle Secure Enterprise
Search
Contents from discussions, tag clouds, notes, and other tools
and services are searched.
Pages
Contents added to application, personal, public, wiki, and blog
pages are searched.
21.1.11.3 Troubleshooting Common Issues with Tools and Services
This section describes issues that you may have with individual tools and services and
suggests actions you can take to address those issue.
See Also:
Understanding Some Common Performance Issues and Actions
This section includes the following topics:
•
Announcements - Issues and Actions
•
Content Repository (Documents and Content Presenter) - Issues and Actions
•
Discussions - Issues and Actions
•
External Applications - Issues and Actions
•
Events - Issues and Actions
•
Instant Messaging and Presence - Issues and Actions
•
Import and Export - Issues and Actions
•
Lists - Issues and Actions
•
Mail - Issues and Actions
•
Notes - Issues and Actions
•
Page Services - Issues and Actions
•
Portlets and Producers - Issues and Actions
•
People Connections - Issues and Actions
•
RSS News Feeds - Issues and Actions
•
Search - Issues and Actions
21-75
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
21.1.11.3.1 Announcements - Issues and Actions
If you are experiencing problems with announcements and the status is Down, check
the diagnostic logs to establish why this service is unavailable. Some typical causes of
failure include:
•
Discussions server is down or not responding.
•
Network connectivity issues exist between the application and the Discussions
server.
•
Connection configuration information associated with announcements is incorrect
or no longer valid.
21.1.11.3.2 Content Repository (Documents and Content Presenter) - Issues and Actions
If you are experiencing problems with documents service and the status is Down,
check the diagnostic logs to establish why this service is unavailable. Also, do one of
the following:
•
For Content Server (Oracle WebCenter Content), verify that the back-end server is
up and running.
•
For Content Server, verify that the socket connection is open for the client for
which the service is not functioning properly. Check the list of IP addresses that
are allowed to communicate with the Content Server through the Intradoc Server
Port (IP Address Filter). For details, see Using Fusion Middleware Control to
Modify Internet Configuration in Oracle Fusion Middleware Administering Oracle
WebCenter Content.
•
(Functional check) Check logs on the back-end server. For Content Server, go to
Content Server > Administration > Log files > Content Server Logs.
•
(Functional check) Search for entries in the diagnostic log where the module name
starts with oracle.vcr, oracle.webcenter.content, oracle.webcenter.doclib, and
oracle.stellent. Specifically, the diagnostics log for the managed server on which
WebCenter Portal is deployed located at:
DOMAIN_HOME/servers/managed_server_name/logs/<managed_server>-diagnostic.logs
For example, the diagnostics log for WebCenter Portal is named WC_Portaldiagnostic.log. See Viewing and Configuring Log Information.
21.1.11.3.3 Discussions - Issues and Actions
If you are experiencing problems with discussions and the status is Down, check the
diagnostic logs to establish why this service is unavailable. Some typical causes of
failure include:
•
Discussions server is down or not responding.
•
Network connectivity issues exist between the application and the discussion
server.
•
Connection configuration information associated with discussions is incorrect or no
longer valid.
21-76
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
21.1.11.3.4 External Applications - Issues and Actions
If you are experiencing problems with the External Applications service and the status
is Down, check the diagnostic logs to establish why this service is unavailable. Some
typical causes of failure include:
•
Credential store is not configured for the application.
•
Credential store that is configured, for example Oracle Internet Directory, is down
or not responding.
21.1.11.3.5 Events - Issues and Actions
If you are experiencing problems with events (portal events or personal events) and
the status is Down, check the diagnostic logs to establish why this service is
unavailable. Some typical causes of failure include:
•
WebCenter Portal's repository is not available (the database where event
information is stored).
•
Network connectivity issues exist between the application and the WebCenter
Portal's repository.
•
Connection configuration information associated with events is incorrect or no
longer valid.
21.1.11.3.6 Instant Messaging and Presence - Issues and Actions
If you are experiencing problems with instant messaging and presence and the status
is Down, check the diagnostic logs to establish why this service is unavailable. Some
typical causes of failure include:
•
Instant messaging and presence server is not available.
•
Network connectivity issues exist between the application and the instant
messaging and presence server.
•
Connection configuration information associated with instant messaging and
presence server is incorrect or no longer valid.
21.1.11.3.7 Import and Export - Issues and Actions
If you are experiencing import and export problems and the status is Down, check the
diagnostic logs to establish why this service is unavailable.
21.1.11.3.8 Lists - Issues and Actions
If you are experiencing problems with lists and the status is Down, check the
diagnostic logs to establish why this service is unavailable. Some typical causes of
failure include:
•
MDS repository or WebCenter Portal's repository, in which the data associated
with lists is stored, is not available.
•
Network connectivity issues exist between the application and the repository.
21-77
Chapter 21
Understanding Oracle WebCenter Portal Performance Metrics
21.1.11.3.9 Mail - Issues and Actions
If you are experiencing problems with mail and the status is Down, check the
diagnostic logs to establish why this service is unavailable. Some typical causes of
failure include:
•
Mail server is not available.
•
Network connectivity issues exist between the application and the mail server.
•
Connection configuration information associated with mail server is incorrect or no
longer valid.
21.1.11.3.10 Notes - Issues and Actions
If you are experiencing problems with notes, check if the MDS repository is
unavailable or responding slowly (the repository where note information is stored).
21.1.11.3.11 Page Services - Issues and Actions
If you are experiencing problems with the page editing services and the status is
Down, check the diagnostic logs to establish why this service is unavailable. Some
typical causes of failure include:
•
WebCenter Portal's repository is not available (the database where page
information is stored).
•
Network connectivity issues exist between the application and the WebCenter
Portal's repository.
21.1.11.3.12 Portlets and Producers - Issues and Actions
If you are experiencing problems with a portlet producer and the status is Down,
check the diagnostic logs to establish why this service is unavailable. Some typical
causes of failure include:
•
Portlet producer server is down or not responding.
•
Connection configuration information associated with the portlet producer is
incorrect or no longer valid.
•
Producer requests are timing out.
•
There may be a problem with a particular producer, or the performance issue is
due to a specific portlet(s) from that producer.
21.1.11.3.13 People Connections - Issues and Actions
If you are experiencing problems with people connections and the status is Down,
check the diagnostic logs to establish why this service is unavailable. Some typical
causes of failure include:
•
The service is down or not responding.
•
WebCenter Portal's repository is not available (the database where people
connection information is stored).
•
Network connectivity issues exist between the application and the WebCenter
Portal's repository.
21-78
Chapter 21
Viewing Performance Metrics Using Fusion Middleware Control
21.1.11.3.14 RSS News Feeds - Issues and Actions
If you are experiencing problems with RSS news feeds and the status is Down, check
the diagnostic logs to establish why this service is unavailable. Some typical causes of
failure include:
•
RSS services are not available.
•
A service being searched for activity data has failed, for example:
–
Unable to get discussions or announcement data - check the performance of
discussions and announcements.
–
Unable to get list data - check the performance of lists.
21.1.11.3.15 Search - Issues and Actions
If you are facing problems with search (a service executor) and the status is Down,
check the diagnostic logs to establish why this executor is unavailable. Some typical
causes of failure include:
•
The repository of the executor is not available.
•
Network connectivity issues exist between the application and the repository of the
executor.
•
Connection configuration information associated with the executor is incorrect or
no longer valid.
•
Content repositories being searched is currently unavailable.
21.2 Viewing Performance Metrics Using Fusion Middleware
Control
Fusion Middleware Control monitors a wide range of performance metrics for
WebCenter Portal.
Administrators can monitor the performance and availability of all the components and
services that make up WebCenter Portal, and the application as a whole. These
detailed metrics will help diagnose performance issues and, if monitored regularly, you
will learn to recognize trends as they develop and prevent performance problems in
the future.
Some key performance metrics display on the WebCenter Portal home page
(Figure 21-29).
21-79
Chapter 21
Viewing Performance Metrics Using Fusion Middleware Control
Figure 21-29
WebCenter Portal Home Page
The charts at the top of the page enable you to see at a glance whether the
WebCenter Portal application is performing as expected or running slowly. You can
drill down to more detailed metrics to troubleshoot problem areas and take corrective
action. For guidance on what to look out for, see Using Key Performance Metric Data
to Analyze and Diagnose System Health .
This section describes how to navigate around WebCenter Portal metric pages and
includes the following topics:
•
Monitoring Recent Performance Metrics for WebCenter Portal
•
Monitoring Portal Metrics
•
Monitoring Page Metrics for WebCenter Portal
•
Monitoring Service Metrics for WebCenter Portal
•
Monitoring All Metrics Through the Metrics Palette
21.2.1 Monitoring Recent Performance Metrics for WebCenter Portal
To see how well WebCenter Portal or a particular portal is currently performing:
1. In Fusion Middleware Control Console, navigate to the home page for WebCenter
Portal.
See Navigating to the Home Page for WebCenter Portal.
21-80
Chapter 21
Viewing Performance Metrics Using Fusion Middleware Control
2. Check the home page to see whether or not WebCenter Portal is operating as
expected.
For guidance on what to look out for, see Using Key Performance Metric Data to
Analyze and Diagnose System Health .
3. Drill down to more detailed metrics by clicking links on the home page, such as
Page Performance, Portlet Availability, Health, and so on.
Alternatively, access detailed recent metrics through the following menu options:
•
WebCenter Portal > Monitoring >Recent Page Metrics
•
WebCenter Portal > Monitoring >Recent Portlet Metrics
•
WebCenter Portal > Monitoring >Recent WebLogic Server Metrics
For more information about the metrics on the these pages, see Understanding
Page Request Metrics, Understanding Portlet Producer Metrics, and Understanding
WebLogic Server Metrics.
21.2.2 Monitoring Portal Metrics
To access performance metrics for portals created in WebCenter Portal:
1. In Fusion Middleware Control Console, navigate to the home page for WebCenter
Portal:
See Navigating to the Home Page for WebCenter Portal.
2. From the WebCenter Portal menu, select Monitoring > Overall Portal Metrics.
To learn more about the metrics displayed, see Understanding Portal Metrics. See
Understanding Some Common Performance Issues and Actions.
3. Drill down to detailed page metrics for a particular portal or compare a specific set
of portals:
•
To see detailed performance information for a specific portal (previously
referred to as spaces):
In the Portal Name Filter field, enter the name of a portal, then press [Enter].
For information about portal filtering options, see Understanding Portal Metrics.
OR
In the Name column, click the portal name (link) for which you want to display
performance metrics.
In both cases, page metrics for the selected portal display.
•
To compare the performance of one or more portals, select one or more rows
in the table, and select Display in Chart.
21.2.3 Monitoring Page Metrics for WebCenter Portal
To access page metrics:
1. In Fusion Middleware Control Console, navigate to the home page for WebCenter
Portal.
See Navigating to the Home Page for WebCenter Portal.
21-81
Chapter 21
Viewing Performance Metrics Using Fusion Middleware Control
2. Review page availability/performance charts on the home page to see whether
page requests are currently responding as expected.
To drill down to more detailed information, click Page Availability, Page
Performance, or select Monitoring > Recent Page Metrics. For more information
about the metrics displayed, see Recent Page Metrics.
3. To monitor page performance since start up, select Monitoring > Overall Page
Metrics.
You can view metrics for a particular page, all pages, or a specific set of pages. For
more information about the metrics displayed and page filtering options, see
Overall Page Metrics.
4. To monitor the performance of page editing operations, select Monitoring >
Overall Service Metrics and then click Pages in the table.
For information about the metrics displayed, see Page Operation Metrics.
21.2.4 Monitoring Service Metrics for WebCenter Portal
To access service metrics for the WebCenter Portal application:
1. In Fusion Middleware Control Console, navigate to the home page for WebCenter
Portal.
See Navigating to the Home Page for WebCenter Portal.
2. From the WebCenter Portal menu, select Monitoring > Overall Service Metrics.
Use Services Summary at the top of the WebCenter Portal Service Metrics
page to quickly see which services are up and running, and to review individual and
relative performances of those services used by WebCenter Portal.
Metrics become available when a tool, service, application, or portlet is accessed
for the first time. If a service is not configured or has never been used it will not
appear in the Summary table.
3. Click the name of a service to drill down to more detailed metrics.
To learn more about individual metrics, see Metrics Specific to a Particular Tool or
Service. See also, Troubleshooting Common Issues with Tools and Services.
21.2.5 Monitoring All Metrics Through the Metrics Palette
To access and chart any performance metric collected for WebCenter Portal:
1. In Fusion Middleware Control Console, navigate to the home page for WebCenter
Portal.
See Navigating to the Home Page for WebCenter Portal.
2. From the WebCenter Portal menu, select Monitoring > Performance Summary.
Use the Show Metric Palette button at the top of the Performance Summary
page to display the Metric Palette. This palette enables you to select and monitor
individual metrics.
3. In the Metric Palette, expand the folders under WebCenter Portal and then select
the metric check boxes to monitor the metric in graphical or tabular format.
21-82
Chapter 21
Customizing Key Performance Metric Thresholds and Collection
Figure 21-30 shows the Performance Summary page and Metric Palette. In
addition to WebCenter Portal performance metrics, the Metric Palette also
displays general performance metrics associated with any J2EE application, for
example, ADF Application Module Pool metrics.
To display online help for any metric, right-click the required directory or any metric
in the directory and select Help.
Figure 21-30
WebCenter Portal - Performance Summary and Metric Palette
21.3 Customizing Key Performance Metric Thresholds and
Collection
This section includes the following topics:
•
Understanding Customization Options for Key Performance Metrics
•
Understanding Default Metric Collection and Threshold Settings
•
Configuring Thresholds for Key Metrics
•
Configuring the Frequency of WebLogic Server Health Checks
•
Configuring the Number of Samples Used to Calculate Key Performance Metrics
•
Editing Thresholds and Collection Options for WebCenter Portal
21.3.1 Understanding Customization Options for Key Performance
Metrics
You can fine-tune how Oracle WebCenter Portal collects and reports key performance
metrics to best suit your installation in several ways:
•
Customize warning thresholds for key performance metrics
For example, you can specify that in your installation, page response times greater
then 15 seconds must trigger a warning message and report an "out-of-bounds"
21-83
Chapter 21
Customizing Key Performance Metric Thresholds and Collection
condition in DMS. Out-of-bound conditions also display "red" in performance
charts to notify you that there is an issue.
For more information, see: Configuring Thresholds for Key Metrics.
•
Customize how many samples to collect for key performance metrics
If the default sample size (100) is too large or too small for your installation you
can configure a more suitable value.
For more informations, see Configuring the Number of Samples Used to Calculate
Key Performance Metrics.
•
Customize health check frequency
If your installation demands a more aggressive schedule you can check the
system health more often. The default health check frequency is 5 minutes.
For details, see Configuring the Frequency of WebLogic Server Health Checks.
See also, Editing Thresholds and Collection Options for WebCenter Portal.
21.3.2 Understanding Default Metric Collection and Threshold Settings
You can configure metric collection options and metric threshold settings for
WebCenter Portal through the metric_properties.xml file. The default settings are
shown in Example 21-1 and highlighted bold.
Note:
All time thresholds are specified in milliseconds. Memory sizes are specified in
bytes and CPU usage is specified as a percentage.
Example 21-1
Default Metric Collection and Threshold Settings (metric_properties.xml)
<registry>
<global_setting>
<thread_config>
<thread component_type="oracle_webcenter" interval="5"/>
</thread_config>
<health_check_config>
<health_check name="wlsHealthCheck" enabled="true" collect="1"/>
</health_check_config>
<metric_config>
<metric name="pageResponseTime" type="time" threshold="10000" comparator="gt"/>
<metric name="portletResponseTime" type="time" threshold="10000" comparator="gt"/>
<metric name="wlsCpuUsage" type="number" threshold="80" comparator="gt"/>
<metric name="wlsGcTime" type="number" threshold="undef" comparator="gt"/>
<metric name="wlsGcInvPerMin" type="number" threshold="undef" comparator="gt"/>
<metric name="wlsActiveSessions" type="number" threshold="undef" comparator="gt"/>
<metric name="wlsExecuteIdleThreadCount" type="number" threshold="undef" comparator="gt"/>
<metric name="wlsActiveExecuteThreads" type="number" threshold="undef" comparator="gt"/>
<metric name="wlsHoggingThreadCount" type="number" threshold="0" comparator="gt"/>
<metric name="wlsOpenJdbcConn" type="number" threshold="undef" comparator="gt"/>
<metric name="wlsHeapSizeCurrent" type="number" threshold="undef" comparator="gt"/>
/metric_config>
<custom_param_config>
<custom_param name="downloadTimeThreshold" value="500"/>
<custom_param name="downloadThroughputThreshold" value="1024"/>
21-84
Chapter 21
Customizing Key Performance Metric Thresholds and Collection
<custom_param name="uploadTimeThreshold" value="3000"/>
<custom_param name="uploadThroughputThreshold" value="180"/>
</custom_param_config>
/global_setting>
</registry>
For descriptions of all the settings in this file, refer to the following tables:
•
Table 21-35
•
Table 21-36
For information on how to modify the default settings, see Customizing Key
Performance Metric Thresholds and Collection.
21.3.3 Configuring Thresholds for Key Metrics
You can customize the default warning thresholds for some key performance metrics
to make them more suitable for your Oracle WebCenter Portal installation. Table 21-34
lists key performance metrics you can configure and their default thresholds (if any).
Out-of-the-box, thresholds are only pre-configured for page response (more than 10
seconds), portlet response (more than 10 seconds), and CPU usage (over 80%).
Note:
The value undef means that a threshold is not defined.
You can change for threshold for any of the metrics listed in Table 21-34. For example,
by default, pages that take longer than 10 seconds to display trigger a warning
message, report an "out-of-bounds" condition in DMS, and show "red" in performance
charts to immediately notify you when page responses are too slow. Some portal
applications might consider 5 seconds to be an acceptable response time, in which
case you can change the threshold to 5, 000 (ms) so that your performance charts
only show "red" if there really is a problem for you.
Table 21-34
Configurable Metric Thresholds
Metric Name
Description
Default
Thresh
old
Value
Comparat
or
pageResponseTime
Number of milliseconds to render a page.
10,000
ms
gt
portletResponseTime
Number of milliseconds to render a
portlet.
10,000
ms
gt
wlsCpuUsage
Percentage CPU usage of the WebLogic
Server's JVM.
80%
gt
21-85
Chapter 21
Customizing Key Performance Metric Thresholds and Collection
Table 21-34
(Cont.) Configurable Metric Thresholds
Metric Name
Description
Default
Thresh
old
Value
Comparat
or
wlsGcTime
Average length of time (ms) the JVM
spent in each run of garbage collection.
The average shown is for the last five
minutes.
undef
gt
wlsGcInvPerMin
Rate (per minute) at which the JVM is
invoking its garbage-collection routine.
The rate shown is for the last five
minutes.
undef
gt
wlsActiveSessions
Number of active sessions on WebLogic
Server.
undef
gt
wlsExecuteIdleThreadCou
nt
Number of execute idle threads on
WebLogic Server
undef
gt
wlsActiveExecuteThreads
Number of active execute threads on
WebLogic Server.
undef
gt
wlsHoggingThreadCount
Number of hogging threads on WebLogic
Server.
undef
gt
wlsOpenJdbcConn
Number of open JDBC connections on
WebLogic Server.
undef
gt
wlsHeapSizeCurrent
JVM's current heap size on WebLogic
Server.
undef
gt
Metric thresholds are configured in metrics_properties.xml using the format:
<metric_config>
<metric name="<metric_name>" type="<number/time/string>" threshold="<value>"
comparator="gt/lt/eq>"/>
...
</metric_config>
Table 21-34 describes each parameter.
Table 21-35
Key Performance Metric Threshold Configuration
<Metric>
Parameter
Configurable Description
name
No
Name of the metric.
The metric name must exactly match the DMS sensor name
as listed in Table 21-34.
type
Yes
Specifies whether the metric is a number, time, or string.
21-86
Chapter 21
Customizing Key Performance Metric Thresholds and Collection
Table 21-35
(Cont.) Key Performance Metric Threshold Configuration
<Metric>
Parameter
Configurable Description
threshold
Yes
(Only applies when type is set to number or time).
Specifies a numeric threshold value. If specified, you must
also specify a comparator.
For example, if portlet response times greater than 5 seconds
are considered out-of-bounds:
metric name="portletResponseTime" type="time"
threshold="5000" comparator="gt"
Note: Time must be specified in milliseconds.
Yes
comparator
Specify one of gt, lt, or eq. Where:
gt - greater than
lt - less than
eq - equal to
To edit one or more metric thresholds, follow the steps in Editing Thresholds and
Collection Options for WebCenter Portal.
21.3.4 Configuring the Frequency of WebLogic Server Health Checks
Out-of-the-box, the general health of the WebLogic Server on which WebCenter Portal
is deployed is checked every 5 minutes and the results are reported on the
Understanding WebLogic Server Metrics page.
If your installation demands a more aggressive schedule you can check the system
health more often.
Health check frequency is configured in metrics_properties.xml using the format:
<thread_config>
<thread component_type="oracle_webcenter" interval="<value>"/>
</thread_config>
Table 21-36 describes each parameter.
Table 21-36
Health Check Frequency Configuration
<thread>
Parameter
Default Value
Configurable Description
component_type
oracle_webcenter
No
For Oracle WebCenter Portal, the
component_type is always
oracle_webcenter.
21-87
Chapter 21
Customizing Key Performance Metric Thresholds and Collection
Table 21-36
(Cont.) Health Check Frequency Configuration
<thread>
Parameter
Default Value
Configurable Description
interval
5 minutes
Yes
Specifies the interval between
health checks, in minutes.
For example:
<thread
component_type="oracle_webcen
ter" interval="10"/>
To change the frequency, follow the steps in Editing Thresholds and Collection
Options for WebCenter Portal.
21.3.5 Configuring the Number of Samples Used to Calculate Key
Performance Metrics
Oracle WebCenter Portal collects and reports recent performance for several key
performance metrics (page, portlet, and WebLogic Server) based on a fixed number of
data samples. Out-of-the-box, the last 100 samples of each metric type are used to
calculate these key performance metrics, that is, 100 samples for page metrics, 100
samples for portlet metrics, and so on.
You can increase or decrease the sample set to suit your installation. If you decide to
increase the number of samples you must consider the additional memory cost of
doing so, since all the key performance metrics samples are maintained in memory.
Oracle recommends that you specify a few hundred at most. See Understanding
Oracle WebCenter Portal Metric Collection.
Note:
Since all "out-of-bounds" metrics are recorded in the managed server's
diagnostic log, you can always scan the logs at a later date or time to see what
happened in the past, that is, beyond the 'N' metric samples that are
temporarily held in memory.
The server startup property WC_HEALTH_MAX_COLLECTIONS determines the number of
metric samples collected by Oracle WebCenter Portal. If the property is not specified,
100 samples are collected.
To customize the number of samples collected for key performance metrics:
1. Log in to WebLogic Server Administration Console.
2. Navigate to the managed server on which WebCenter Portal is deployed. Select
Environment then, Servers, and then select the WebCenter Portal instance
(WC_Portal).
3. Click the Server Start tab.
21-88
Chapter 21
Customizing Key Performance Metric Thresholds and Collection
4. In the Arguments text area, enter the server startup argument
WC_HEALTH_MAX_COLLECTIONS and specify the number of samples you want to collect.
For example:
-DWC_HEALTH_MAX_COLLECTIONS=200
Separate multiple arguments with a space. For example:
-DWC_HEALTH_MAX_COLLECTIONS=200
-DWEBCENTER_METRIC_PROPERTIES=/scratch/mythresholds/metric_properties.xml
5. Restart the managed server.
21.3.6 Editing Thresholds and Collection Options for WebCenter
Portal
To change metric thresholds and collection criteria for WebCenter Portal:
1.
Copy the XML snippet in Example 21-1 and save it to a text file named
metric_properties.xml.
2.
Edit metric collection parameters and/or metric thresholds in
metric_properties.xml, as required.
Note:
You must consider your machine resources, as well as the system topology
and configuration when choosing suitable thresholds for your Oracle
WebCenter Portal installation. As each installation is different, most metrics do
not have default or recommended threshold settings.
A description of all the settings and their defaults (if any) are described in the
following tables:
3.
4.
•
Table 21-35
•
Table 21-36
Copy the updated metric_properties.xml file to:
•
Your DOMAIN_HOME.
•
Another suitable directory.
Configure the server startup argument WEBCENTER_METRIC_PROPERTIES to point to the
full path of the properties file:
a.
Log in to WebLogic Server Administration Console.
b.
Navigate to the managed server on which your application is deployed.
For WebCenter Portal, navigate to Environment, then Servers, and then
WC_Portal.
c.
Click the Server Start tab.
d.
In the Arguments text area, enter the WEBCENTER_METRIC_PROPERTIES argument
and specify the full path of the properties file.
21-89
Chapter 21
Diagnosing and Resolving Performance Issues with Oracle WebCenter Portal
For example:
-DWEBCENTER_METRIC_PROPERTIES=/scratch/mythresholds/metric_properties.xml
Note:
If you only specify the file name, Oracle WebCenter Portal looks for this file in
your DOMAIN_HOME.
Separate multiple arguments with a space. For example:
-DWC_HEALTH_MAX_COLLECTIONS=200 -DWEBCENTER_METRIC_PROPERTIES=/scratch/
mythresholds/metric_properties.xml
e.
Restart the managed server.
21.4 Diagnosing and Resolving Performance Issues with
Oracle WebCenter Portal
The performance metrics described in this chapter enable you to quickly assess the
current status and performance of WebCenter Portal from Fusion Middleware Control.
When performance is slow, further investigations may be required for you to fully
diagnose and fix the issue. For guidance, see Using Key Performance Metric Data to
Analyze and Diagnose System Health .
Some common performance issues and actions are described in this chapter:
•
Understanding Some Common Performance Issues and Actions
•
Troubleshooting Common Issues with Tools and Services
For more detailed troubleshooting tips relating to performance, see Troubleshooting
WebCenter Portal.
21.5 Tuning Oracle WebCenter Portal Performance
See Oracle WebCenter Portal Performance Tuning in Tuning Performance for
information on tuning WebCenter Portal. For example, how to tune the system limit
(open-files-limit), JDBC data sources, JVM arguments, session timeouts, page
timeouts, connection timeouts, concurrency timeouts, caching, and more.
21.6 Monitoring Performance Using WebCenter Portal
Performance Pack
WebCenter Portal Performance Pack is a performance diagnostics tool that can be
integrated seamlessly into the development phase to get the most out of your
deployment. It is available as an add-on as part of Oracle WebCenter Portal. Using
WebCenter Portal Performance Pack you can quickly identify and address critical
performance bottlenecks in your application. For information, see About WebCenter
Portal Performance Pack in Using Oracle WebCenter Portal Performance Pack.
21-90
Chapter 21
Improving Data Caching Performance
21.7 Improving Data Caching Performance
To enhance performance and scalability, WebCenter Portal uses Coherence by
default for its data caching solution. However, the Oracle Coherence license included
in WebCenter Portal is restricted, which means that by default a Local caching scheme
without any distributed data caching is supported. In a High-Availability (HA)
environment deployment, the cached entries are not shared across JVMs/machines.
You can however, use the distributed mode for better performance in a clustered
environment if you have Coherence or WebLogic Suite licensing. This section guides
you on how to set up distributed cache and override WebCenter Portal's default
caching configuration to improve performance, provided you have the appropriate
license.
This section contains the following topics:
•
Summary of Coherence Cache Types
•
Default Coherence Caches in WebCenter Portal
•
Overriding the Default Configuration
Note:
For more information about configuring coherence, see Configuring and
Managing Coherence Clusters in Administering Clusters for Oracle WebLogic
Server.
21.7.1 Summary of Coherence Cache Types
The basic types of cache modes provided by Coherence are outlined in Table 21-37.
Table 21-37
Basic Cache Types
Cache Name
Description
Distributed
Data is partitioned among all the machines of the cluster. For faulttolerance, partitioned caches can be configured to keep each piece of
data on one or more unique machines within a cluster. Distributed caches
are the most commonly used caches in Coherence.
Replicated
Data is fully replicated to every member in the cluster. This cache offers
the fastest "read" performance with linear performance scalability for
"reads," but poor scalability for "writes" (because "writes" must be
processed by every member in the cluster). Because data is replicated to
all machines, adding servers does not increase aggregate cache
capacity.
21-91
Chapter 21
Improving Data Caching Performance
Table 21-37
(Cont.) Basic Cache Types
Cache Name
Description
Optimistic
Similar to the replicated cache, but without any concurrency control. This
implementation offers higher write throughput than a replicated cache. It
also allows using an alternative underlying store for the cached data (for
example, a MRU/MFU-based cache). However, if two cluster members
are independently pruning or purging the underlying local stores, it is
possible that a cluster member may have different store content than that
held by another cluster member.
Near
A near cache is a hybrid cache; typically fronts a distributed cache or a
remote cache with a local cache. Near cache backed by a partitioned
cache offers zero-millisecond local access for repeat data access, while
enabling concurrency and ensuring coherency and fail-over, effectively
combining the best attributes of replicated and partitioned caches.
Local
A local cache is a cache that is local to (completely contained within) a
particular cluster node. While it is not a clustered service, the Coherence
local cache implementation is often used in combination with various
clustered cache services.
For more information about the types of caches provided by Coherence, see
Introduction to Coherence Caches in Developing Applications with Oracle Coherence
guide.
21.7.2 Default Coherence Caches in WebCenter Portal
The default user-configurable Coherence cache entries for WebCenter Portal are
shown in Table 21-38.
Table 21-38
Default Coherence Caches in WebCenter Portal
Cache Name
Purpose
Default Coherence
Configuration
oracle.webcenter.spaces.model.ApplicationS
paceObjects
Cache for Application
Space
WebCenter_12HourCache
oracle.webcenter.spaces.model.SpacePropert
ies
Cache for Space Properties
WebCenter_12HourCache
oracle.webcenter.genericsiteresources
Cache for Generic Site
Resources
WebCenter_12HourCache
oracle.webcenter.profile
Cache for People Profile
WebCenter_12HourCache
oracle.webcenter.doclib.provisioned
Doc lib caches (Provisioned
and configured)
WebCenter_12HourCache
oracle.webcenter.page
Cache for Page definitions
WebCenter_12HourCache
The properties of the default Coherence configuration shown in Table 21-38 are
described as follows:
21-92
Chapter 21
Improving Data Caching Performance
Default Configuration
Eviction Policy
High Units
Expiration Delay
WebCenter_12HourCache
Hybrid
1000
12 hours
WebCenter_60MinuteCache
Hybrid
1000
1 hour
Where:
•
High Units is the maximum number of units that can be placed in the cache before
pruning occurs
•
Hybrid Eviction Policy chooses which entries to evict based on the combination
(weighted score) of how often and how recently they were accessed. Those
entries that are accessed least frequently and those that were not accessed for the
longest period are evicted first.
•
Expiration Delay specifies the amount of time from the last update that entries will
be kept by the cache before being marked as expired. Any attempt to read an
expired entry will result in a reloading of the entry from the configured cache store.
Expired values are periodically discarded from the cache.
Coherence can be deployed with a standalone application, as an application server
library or part of a Java EE module within an EAR or WAR file or also within the WebLogic
Server context.
21.7.3 Overriding the Default Configuration
By default, WebCenter Portal uses the local data caching mode. To use the distributed
mode for better performance in a clustered environment, you can override the default
configuration.
To override the default configuration:
1. Configure WebLogic Clusters (as needed by High Availability configuration) and
Coherence clusters.
For more information, see Configuring and Managing Coherence Clusters in
Administering Clusters for Oracle WebLogic Server.
2. Define a cache configuration file to override the default configuration.
For more information, see Configuring Caches and Cache Configuration by
Example in Developing Applications with Oracle Coherence.
Note:
To override a cache configuration file at runtime, the cache configuration file
must be bound to a JNDI name. The JNDI name that is defined for using the
override-property in WebCenter Portal in the GAR file is ExamplesGar. Be sure to
use the same name when you override.
By default, local caching is used. Make sure to use the exact names of the
available caches provided in Table 21-38 in your cache configuration file.
21-93
Chapter 21
Improving Data Caching Performance
For example, the people profile cache is uniquely identified by the name
oracle.webcenter.profile and maps to the local scheme WebCenter_60MinuteCache
by default. If you have a large number of users working on the portal, you might
want to cache the users' profiles as recreating this object is expensive. By
increasing the size for this cache, you can retain the user profile objects in the
cache and achieve better performance in the Activity Stream.
To override this cache to use a distributed scheme, make sure to specify the cache
name correctly.
<cache-mapping>
<cache-name>oracle.webcenter.profile</cache-name>
<scheme-name>my_distributed_scheme</scheme-name>
</cache-mapping>
where, my_distributed_scheme refers to your newly defined distributed caching
scheme.
3. After the configuration file is defined, override the default cache configuration file
using WLST on the cluster.
For more information, see Overriding a Cache Configuration File in Administering
Clusters for Oracle WebLogic Server.
You can also override the default cache configuration from the WebLogic Server
Administration Console. For more information, see Create cluster cache
configurations in WebLogic Server Administration Console Online Help.
Any configuration changes persist on the Admin server by default, and will remain
even after an upgrade of WebCenter Portal.
21-94
22
Managing WebCenter Portal Logs
Configure diagnostic logging and error messages in WebCenter Portal.
Note:
Beginning with 12c (12.2.1.3.0), Oracle WebCenter Portal has deprecated
support for Jive features (announcements and discussions). If you are
upgrading from a prior release, these features remain available in your existing
installations that are being upgraded.
Permissions:
To perform the tasks in this chapter, you must be granted the WebLogic
Server Admin, Operator, or Monitor role through the Oracle WebLogic Server
Administration Console.
See also Understanding Administrative Operations, Roles, and Tools.
Topics:
•
Introduction to Diagnostic Logging
•
Viewing and Configuring Log Information
22.1 Introduction to Diagnostic Logging
All diagnostic information relating to startup and shutdown information, errors, warning
messages, access information on HTTP requests, and other additional information is
stored in log files.
For general information about managing and analyzing logs using Fusion Middleware
Control and WLST, see Managing Log Files and Diagnostic Dat in Administering
Oracle Fusion Middleware.
See also, Understanding the Diagnostic Frameworka in Administering Oracle Fusion
Middleware.
This section includes the following topics:
•
WebCenter Portal Diagnostics Log
•
Oracle WebCenter Portal Message IDs
•
Out-Of-Bound Conditions for Oracle WebCenter Portal Performance Metrics
22-1
Chapter 22
Introduction to Diagnostic Logging
22.1.1 WebCenter Portal Diagnostics Log
The diagnostics log file for WebCenter Portal is WC_Portal-diagnostic.log.
This log is available under the DOMAIN_HOME/servers/WC_Portal/logs directory.
22.1.2 Oracle WebCenter Portal Message IDs
Oracle WebCenter Portal log messages fall into these categories:
Table 22-1
Oracle WebCenter Portal Message Categories
Message ID Range
Message Category
BI Integration
WCS-01001 ~ WCS-02000
Blogs
WCS-02001 ~ WCS-03000
Calendar Tasks
WCS-03001 ~ WCS-04000
Collaboration Integration
WCS-04001 ~ WCS-05000
Portal Builder
WCS-05001 ~ WCS-06000
VCR
WCS-06001 ~ WCS-07000
Document Library
WCS-07001 ~ WCS-08000
Discussions
WCS-08001 ~ WCS-09000
Mail
WCS-09001 ~ WCS-10000
Explorer Toolbar
WCS-10001 ~ WCS-11000
Desktop Integration
WCS-11001 ~ WCS-12000
Lifecycle
WCS-12001 ~ WCS-13000
Links
WCS-13001 ~ WCS-14000
Lists
WCS-14001 ~ WCS-15000
Navigation
WCS-15001 ~ WCS-16000
Page Editor
WCS-16001 ~ WCS-17000
Page Templates
WCS-17001 ~ WCS-18000
People
WCS-18001 ~ WCS-19000
Personal WebCenter
WCS-19001 ~ WCS-20000
Provisioned Apps
WCS-20001 ~ WCS-21000
Ratings / Comments
WCS-21001 ~ WCS-22000
Region
WCS-22001 ~ WCS-23000
22-2
Chapter 22
Introduction to Diagnostic Logging
Table 22-1
(Cont.) Oracle WebCenter Portal Message Categories
Message ID Range
Message Category
Resource Catalog
WCS-23001 ~ WCS-24000
Rich Text Editor
WCS-24001 ~ WCS-25000
Roles
WCS-25001 ~ WCS-26000
Search
WCS-26001 ~ WCS-27000
Skins
WCS-27001 ~ WCS-28000
Smart Tags
WCS-28001 ~ WCS-29000
Subscription
WCS-29001 ~ WCS-30000
Wiki
WCS-30001 ~ WCS-31000
WebCenter Portal Editor
WCS-31001 ~ WCS-32000
Worklist
WCS-32001 ~ WCS-33000
Content Adapters
WCS-34001 ~ WCS-35000
VCR ADF Integration
WCS-35001 ~ WCS-36000
Pages
WCS-36001 ~ WCS-37000
Notes
WCS-37001 ~ WCS-38000
RSS
WCS-38001 ~ WCS-39000
Portlet Binding
WCS-39001 ~ WCS-40000
Portlet Runtime
WCS-40001 ~ WCS-41000
DesignTime@Runtime
WCS-41001 ~ WCS-42000
External Application
WCS-42001 ~ WCS-43000
Service Framework
WCS-43001 ~ WCS-44000
Security Framework
WCS-44001 ~ WCS-45000
Portlet Design-Time
WCS-45001 ~ WCS-46000
Resource Catalog Viewer
WCS-46001 ~ WCS-47000
People Connections
WCS-47001 ~ WCS-48000
Preferences
WCS-48001 ~ WCS-49000
REST
WCS-49001 ~ WCS-50000
Notifications
WCS-50001 ~ WCS-51000
Office integration
WCS-51001 ~ WCS-52000
22-3
Chapter 22
Introduction to Diagnostic Logging
Table 22-1
(Cont.) Oracle WebCenter Portal Message Categories
Message ID Range
Message Category
Blogs
WCS-52001 ~ WCS-53000
Activity Graph
WCS-53001 ~ WCS-54000
VCR (from WLP
WCS-54001 ~ WCS-55000
WebCenter Content SPI
WCS-55001 ~ WCS-56000
RESTClient
WCS-61001 ~ WCS-62000
Translations
WCS-62001 ~ WCS-63000
Analytics
WCS-63001 ~ WCS-64000
JAX-RS Framework
WCS-64001 ~ WCS-65000
Data Presenter
WCS-65001 ~ WCS-66000
Knowledge Directory
WCS-66001 ~ WCS-67000
Concurrency Package
WCS-67001 ~ WCS-68000
PortalApps Integration
WCS-68001 ~ WCS-69000
System Management
WCS-69001 ~ WCS-70000
Performance Out-ofbounds
WCS-69201 ~ WCS-70000
Nitrous
WCS-70001 ~ WCS-71000
22.1.3 Out-Of-Bound Conditions for Oracle WebCenter Portal
Performance Metrics
Out-of-bound conditions are also logged in managed server diagnostic logs so you can
examine historical events at any time. Performance related messages are logged with
the message ID prefix WCS-692<nn>and include the metric name, the value, and a
message describing the metric that is out-of-bounds.
Here are some examples of messages that you might see in diagnostic logs for
WebCenter Portal:
[WC_Portal] [WARNING] [WCS-69251] [oracle.webcenter.system-management] [tid:
[ACTIVE].ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)']
[userId: weblogic] [ecid:
6356ef0164cbad47:3fe105c5:13b4e847973:-8000-0000000000000031,0] [APP:
webcenter#11.1.1.4.0] [DSID: 0000JhEYRT^EgKG_Ix8Dyf1Ghz32000005]
pageResponseTime: 22223 ms of PersonalSpace/Activities is out-of-bounds
[WC_Portal] [WARNING] [WCS-69252] [oracle.webcenter.system-management] [tid:
oracle.webcenter.DefaultTimer] [ecid: 0000JhEX92mEgKG_Ix8Dyf1Ghz32000002,0] [APP:
webcenter#11.1.1.4.0]
wlsCpuUsage: 21.92100394175851 % of WebLogicServer is out-of-bounds
22-4
Chapter 22
Viewing and Configuring Log Information
[WC_Portal] [WARNING] [WCS-69255] [oracle.webcenter.system-management] [tid:
[ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)']
[userId: weblogic] [ecid:
6356ef0164cbad47:3fe105c5:13b4e847973:-8000-0000000000000060,0] [APP:
webcenter#11.1.1.4.0] [DSID: 0000JhEYRT^EgKG_Ix8Dyf1Ghz32000005]
downloadThroughput: 11.63793103448276 KB/sec of 3209 is out-of-bound
[WC_Portal] [WARNING] [WCS-69253] [oracle.webcenter.system-management] [tid:
pool-3-daemon-thread-1] [userId: weblogic] [ecid:
6356ef0164cbad47:3fe105c5:13b4e847973:-8000-0000000000000088,0:16] [APP:
webcenter#11.1.1.4.0] portletResponseTime: 20523 ms of Portlet:
slowRenderingPortlet from Web Producer myPortlets is out-of-bounds
22.2 Viewing and Configuring Log Information
This section includes the following topics:
•
Viewing and Configuring WebCenter Portal Logs
•
Viewing and Configuring Error Messages in WebCenter Portal
22.2.1 Viewing and Configuring WebCenter Portal Logs
To view log messages for a WebCenter Portal application:
1.
In Fusion Middleware Control, navigate to the home page for WebCenter Portal.
See Navigating to the Home Page for WebCenter Portal.
2.
From the WebCenter Portal menu, select Logs > View Log Messages.
3.
In the Log Messages page, search for warnings, errors, notifications, and so on.
To configure log files for WebCenter Portal:
1. In Fusion Middleware Control, navigate to the home page for WebCenter Portal.
See Navigating to the Home Page for WebCenter Portal.
2. From the WebCenter Portal menu, select Logs > Log Configuration.
3. In the Log Configuration page, in the Log Files tab, configure log settings.
For more information, see Viewing and Searching Log Files in Administering Oracle
Fusion Middleware.
22.2.2 Viewing and Configuring Error Messages in WebCenter Portal
To help developers debug WebCenter Portal assets, administrators can enable error
messages with the calling stack to be displayed in the WebCenter Portal error page.
Caution:
For security reasons, error messages should not be enabled in a production
environment. Oracle recommends that you restrict error messages to
development and staging environments.
22-5
Chapter 22
Viewing and Configuring Log Information
To enable error messages:
1.
Connect to the WebCenter domain's Administration server using WLST.
2.
Create a new folder (/tmp/WCconfig) on your local file system.
3.
Export the webcenter-config.xml configuration file to the /tmp/WCconfig folder you
created by running:
exportMetadata(application='webcenter', server='WC_Portal', toLocation='/tmp/
WCconfig', docs='/oracle/webcenter/webcenterapp/metadata/webcenter-config.xml')
4.
Open the webcenter-config.xml file (in the /tmp/WCconfig/oracle/webcenter/
webcenterapp/metadata) folder and change the showError-enable property to true to
enable error messages:
<webcenter:showError-enabled>true</webcenter:showError-enabled>
or false to disable it:
<webcenter:showError-enabled>false</webcenter:showError-enabled>
5.
Save the file and import it back to the Administration server using the following
WLST command:
importMetadata(application='webcenter', server='WC_Portal',fromLocation='/tmp/
WCconfig', docs='/oracle/webcenter/webcenterapp/metadata/webcenter-config.xml')
Note that you do not need to restart the Administration server for the change to
take effect.
22-6
23
Managing WebCenter Portal Audit Logs
Configure, manage, and interpret audit logging for WebCenter Portal.
Note:
Beginning with 12c (12.2.1.3.0), Oracle WebCenter Portal has deprecated
support for Jive features (announcements and discussions). If you are
upgrading from a prior release, these features remain available in your existing
installations that are being upgraded.
Permissions:
To perform the tasks in this chapter, you must be granted the WebLogic
Server Admin role through the Oracle WebLogic Server Administration
Console. Users with the Monitor or Operator roles can view security
information but cannot make changes.
See also Understanding Administrative Operations, Roles, and Tools.
Topics:
•
Introduction to Managing Audit Logs
•
Configuring Audit Logging
•
Viewing WebCenter Portal Audit Events
23.1 Introduction to Managing Audit Logs
When enabled, audit logging tracks portal-related events as part of the Fusion
Middleware Audit Service. Audit log events are stored in a file (the Audit Bus-stop) by
default, but can also be uploaded to a database for persistency (for more information,
see Configuring the Audit Store Database). The Audit Bus-stop file has a limited
capacity so storing log information in a database where events can be queried long
after their occurrence is recommended.
Note:
If you enable WebCenter Portal Impersonation, it is highly recommended that
you also enable audit logging. When Impersonation is enabled, audit logging
tracks the impersonator, impersonatee, and the context surrounding an event.
23-1
Chapter 23
Configuring Audit Logging
Audit logging provides the following key benefits:
•
Events that alter the security settings of portal, portal server, and major portal
server artifacts are traceable
•
Definable logging levels
•
Events logged are available in perpetuity when uploaded to a database
•
Reports on audit events are available through the Audit Service
For more information about the Audit Service and configuring the Audit Service, see
Introduction to Oracle Fusion Middleware Audit Framework in Securing Applications
with Oracle Platform Security Services. For information about configuring the Audit
Service to use a database, see Configuring and Managing Auditing in Securing
Applications with Oracle Platform Security Services.
23.2 Configuring Audit Logging
This section describes how to turn logging on and off for WebCenter Portal, how to set
the log level, and how to set up the Audit Store Database.
This section includes the following topics:
•
Setting the Logging Level
•
Configuring the Audit Store Database
23.2.1 Setting the Logging Level
By default, audit logging for WebCenter Portal is turned off (that is, set to None). To turn
it on, set the logging level to a value other than None (for example, Low) as shown in the
examples below. For the details of which logging categories are included for each
logging level, see Using WebCenter Portal Audit Logs.
Use the following WLST commands to modify the audit logging level for WebCenter
Portal audit events:
To set the logging level to Low:
setAuditPolicy(componentType="webcenter",filterPreset="Low")
Set the logging level to Medium:
setAuditPolicy(componentType="webcenter",filterPreset="Medium")
To turn logging off for WebCenter Portal:
setAuditPolicy(componentType="webcenter",filterPreset="None")
Successful execution does not throw any error and completes silently. Restart the
WC_Portal server to complete the logging level change.
For information about additional WLST commands you can use to manage and
configure audit logging, see WLST Commands for Auditing in Securing Applications
with Oracle Platform Security Services.
23-2
Chapter 23
Viewing WebCenter Portal Audit Events
23.2.2 Configuring the Audit Store Database
The audit store is a database that contains a pre-defined Oracle Fusion Middleware
Audit Framework schema created by the Repository Creation Utility (RCU). By default,
audit logs are stored as files in the auditlogs directory as shown in the following
example:
DOMAIN_HOME/servers/WC_Portal/logs/auditlogs/webcenter#11.1.1.4.0/audit_1_0.log
Once database persistence has been configured, the Audit loader picks up data from
this file and puts it in the Audit Framework schema. For information about configuring
the Audit Service to use a database, see Configuring and Managing Auditing in
Securing Applications with Oracle Platform Security Services.
You will need to know the name of the audit schema (the suffix is always IAU). You will
also need to set the audit repository to the database as shown below:
setAuditRepository(switchToDB='true',dataSourceName='jdbc/AuditDB',interval='15')
Note:
The audit data in the store is expected to be cumulative and will grow over
time. Ideally, the database should not be an operational database used by any
other applications, and should be a standalone RDBMS used for audit
purposes only.
23.3 Viewing WebCenter Portal Audit Events
This section describes the WebCenter Portal audit events that are available in the
audit log, and shows a simple SQL statement that you can use to query the audit
schema for impersonation events.
This section includes the following subsections:
•
Using WebCenter Portal Audit Logs
•
Querying the Audit Schema
23.3.1 Using WebCenter Portal Audit Logs
Table 23-1 lists the WebCenter Portal audit events that appear in the audit log
depending on the log level that is set. The various WebCenter Portal tools (such as
documents, announcements, discussions, wikis and blogs, forum, forum message,
forum topic, forum category) are identified in the log by their corresponding
ToolArtifactID and ToolType.
When the log level is set to Low, events in the following categories are logged:
•
PortalLifeCycle
•
PortalRoleManagement
•
PortalRoleMemberManagement
23-3
Chapter 23
Viewing WebCenter Portal Audit Events
•
PortalToolAccessManagement
•
ImpersonationSessionMgmt
When the log level is set to Medium, events in the following additional categories are
logged:
Table 23-1
•
PortalToolsManagement
•
PortalPagesManagement
WebCenter Portal Audit Events
Event Category
Event Name
Event Payload
PortalLifeCycle
LoginPortalServer,
CreatePortal, DeletePortal,
ImportPortal, ExportPortal,
DeployPortal,
PropagatePortal
InitiatorUID, InitiatorMail,
InitiatorDisplayName, ImpersonatorUID,
PortalID, PortalName, PotalDisplayName,
PortalURL, PortalTemplate, PortalOldState,
PortalNewState, TargetPortalConnection
PortalRoleManagement
CreateRole DeleteRole
PermissionUpdate
InitiatorUID, InitiatorMail,
InitiatorDisplayName, ImpersonatorUID,
PortalID, PortalName, RoleName,
RoleTemplate, PermissionClass,
PermissionName,
PermissionActionsGranted,
PermissionActionsRevoked
PortalRoleMemberManagement
AddMemberToRole
RemoveMemberFromRole
InitiatorUID, InitiatorMail,
InitiatorDisplayName, ImpersonatorUID,
PortalID, PortalName, RoleName,
MemberType, MemberUID, ServiceID
ImpersonationSessionMgmt
GrantImpersonationAccess
RevokeImpersonationAccess
BeginImpersonation
EndImpersonation
InitiatorUID, InitiatorMail,
InitiatorDisplayName, ImpersonatorUID,
ImpersonateeUID, PortalID, PortalName,
ImpersonationStartTime,
ImpersonationEndTime,
ImpersonationGrantStartTime,
ImpersonationEndTime,
ImpersonationRightRevokeTime
PortalToolsManagement
CreateTool, DeleteTool
ModifyTool
InitiatorUID, InitiatorMail,
InitiatorDisplayName, ImpersonatorUID,
PortalID, PortalName, ToolArtifactID,
ToolName, ToolType
PortalToolAccessManagement
ToolAccessPermissionUpdat
e GrantToolAccess
RevokeToolAccess
InitiatorUID, InitiatorMail,
InitiatorDisplayName, ImpersonatorUID,
PortalID, PortalName, ToolName, ToolType,
ToolArtifactID, MemberUID, MemberType,
PermissionActionsGranted,
PermissionActionsRevoked,
PermissionClass, PermissionName
PortalPagesManagement
CreatePage DeletePage
InitiatorUID, InitiatorMail,
InitiatorDisplayName, ImpersonatorUID,
PortalID, PortalName, PageID, PageName
23-4
Chapter 23
Viewing WebCenter Portal Audit Events
23.3.2 Querying the Audit Schema
Once you've configured the audit schema and the audit repository is set to database,
you can create reports based on this generated audit data. Follow the steps below to
create a report:
1. Generate a view based on audit tables by running the following command to
generate a SQL file that can then be used to create a view for the WebCenter
Portal component-specific data from audit DB tables:
createAuditDBView(fileName="/tmp/WCPortalAuditView.sql",
componentType="webcenter")
The IAU schema owner (for example, TEST_IAU) will need to have 'create view'
privileges. To create the view, run the WCPortalAuditView.sql file or run the following
SQL command as a system DBA:
grant create view to TEST_IAU
The created view will have name like 'webcenter_AUDITVIEW'.
2. Use the view to query the audit database using WebCenter Portal tool audit
attribute names as table column name as shown in the following examples. Open
the WCPortalAuditView.sql file to see the mapping of table column names with
WebCenter Portal attributes.
•
The following SQL statement returns all the attributes of WebCenter Portal
tools that are logged with the event types BeginImpersonation and
EndImpersonation:
select * from webcenter_AUDITVIEW where EventType like '%Impersonation';
•
The following SQL statement lists all users who have deleted any portal along
with the deleted portal information:
select InitiatorUID,InitiatorMail,PortalID,PortalName,PortalURL from
webcenter_AUDITVIEW where EventType = 'DeletePortal';
•
The following SQL statement returns all audit data for WebCenter Portal:
select * from webcenter_AUDITVIEW;
If you want to regularly monitor WebCenter Portal activities you can create a SQL data
source using SQL queries and drop the data source as a table or other visualization
onto a portal page. For more information about SQL data sources, see Working with
Data Sources in Building Portals with Oracle WebCenter Portal.
23-5
Chapter 23
Viewing WebCenter Portal Audit Events
23-6
Part V
Administering Security
This part of Administering Oracle WebCenter Portal provides information about the
security administration topics for Oracle WebCenter Portal:
•
Managing WebCenter Portal Security
•
Configuring the Identity Store
•
Configuring the Policy and Credential Store
•
Configuring Single Sign-On
•
Configuring SSL
•
Configuring Web Services Security
•
Configuring Security for Portlet Producers
•
Managing Impersonation
24
Managing WebCenter Portal Security
Understand how WebCenter Portal is secured and learn how to configure and manage
security.
Note:
Beginning with 12c (12.2.1.3.0), Oracle WebCenter Portal has deprecated
support for Jive features (announcements and discussions). If you are
upgrading from a prior release, these features remain available in your existing
installations that are being upgraded.
Permissions:
To perform the tasks in this chapter, you must be granted the WebLogic
Server Admin role through the Oracle WebLogic Server Administration
Console. Users with the Monitor or Operator roles can view security
information but cannot make changes.
See also, Understanding Administrative Operations, Roles, and Tools.
Topics:
•
Introduction to Application Security
•
Default Security Configuration
For information about specific aspects of configuring security for WebCenter Portal,
see:
•
Configuring the Identity Store
•
Configuring the Policy and Credential Store
•
Configuring Single Sign-On
•
Configuring SSL
•
Configuring Web Services Security
•
Configuring Security for Portlet Producers
24.1 Introduction to Application Security
The recommended security model for WebCenter Portal is based on Oracle ADF
Security, which implements the Java Authentication and Authorization Service (JAAS)
model. For more information about Oracle ADF Security, see Introduction to Oracle
24-1
Chapter 24
Introduction to Application Security
ADF in Developing Fusion Web Applications with Oracle Application Development
Framework.
Figure 24-1 shows the relationship between a WebCenter Portal application
deployment and its services, servers, portlets, portlet producers, its identity, credential
and policy stores, and Oracle Enterprise Manager.
Figure 24-1
Basic WebCenter Portal Application Architecture
The diagram in Figure 24-2 shows a basic WebCenter Portal application after
deployment with its back-end server connections.
Figure 24-2 WebCenter Portal Application Architecture with Back-End Server
Connections
The diagram in Figure 24-3 shows the security layers for a WebCenter Portal
application.
24-2
Chapter 24
Introduction to Application Security
Figure 24-3
WebCenter Portal Security Layers
WebCenter Portal applications share the same four bottom security layers (WebCenter
Security Framework, ADF Security, OPSS, and WebLogic Server Security). The
application layer will, of course, depend on the implementation.
WebCenter Portal Application Security
WebCenter Portal provides support for:
•
Application role management and privilege mapping
•
Self-registration
•
Portal-level security management
•
External application credential management
WebCenter Portal Security Framework
The WebCenter Portal Security Framework provides support for:
•
Service Security Extension Framework (a common permission-based and rolemapping based model for specifying the security model for services)
•
Permission-based authorization
•
Role-mapping based authorization
•
External applications and credential mapping
ADF Security
ADF Security provides support for:
•
Page authorization
•
Task flow authorization
•
Secure connection management
•
Credential mapping APIs
•
Logout invocation, including logout from SSO-enabled configurations with Oracle
Access Manager and Oracle SSO
•
Secured login URL for ADF Security-based applications (the adfAuthentication
servlet)
Oracle Platform Security Services (OPSS)
OPSS provides support for:
•
Anonymous-role
•
Authenticated-role
24-3
Chapter 24
Default Security Configuration
•
Identity store, policy store, and credential store
•
Identity Management Services
•
Oracle Web Service Manager Security
•
Authorization
•
Policy and Credential Lifecycle
WebLogic Server Security
WebLogic Server Security provides support for:
•
WebLogic authenticators
•
Identity asserters
•
J2EE container security
•
SSL
24.2 Default Security Configuration
This section describes the security configuration that is in place when a WebCenter
Portal application is deployed, and the configuration tasks that should be carried out
after deployment:
•
Administrator Accounts
•
Application Roles and Enterprise Roles
•
Default Identity and Policy Stores
•
Default Policy Store Permissions and Grants
•
Post-deployment Security Configuration Tasks
24.2.1 Administrator Accounts
Although the WebCenter Portal application does not contribute any pre-seeded
accounts, there are certain pre-seeded grants that are given to the default system
administrator account (weblogic) for the WebCenter Portal application. If your
installation does not use weblogic as the account name for the system administrator
role, you must configure one or more other users for this role as described in
Managing Users and Application Roles.
Note:
The weblogic account is a system administrator account and should not be
used to create user-level artifacts. The weblogic account should only be used
to create new user accounts in Fusion Middleware Control.
24.2.2 Application Roles and Enterprise Roles
Application roles differ from roles that appear in the identity store portion of the
embedded LDAP server or in roles defined by the enterprise LDAP provider.
24-4
Chapter 24
Default Security Configuration
Application roles are specific to an application and defined in an application-specific
stripe of the policy store.
Enterprise roles, which are stored in the enterprise identity store, apply at the
enterprise level. That is, the roles and permissions that you or a system administrator
define within the enterprise identity store do not imply permissions within an
application.
Within WebCenter Portal you can assign application roles and permissions to users in
the corporate identity store. You can also assign application roles and permissions to
enterprise roles defined in the enterprise identity store.
24.2.3 Default Identity and Policy Stores
By default, WebCenter Portal is configured to use a file-based embedded LDAP
identity store to store application-level user IDs, and an Oracle RDBMS (releases
10.2.0.4 or later; releases 11.1.0.7 or later; and releases 11.2.0.1 or later) policy store
to store policy grants.
Although secure, the embedded LDAP identity store is not a "production-class" store
and should be replaced with an external LDAP-based identity store such as Oracle
Internet Directory for enterprise production environments. For list of supported
versions of identity store types, see Oracle Fusion Middleware 12c Certifications.
Caution:
The default file-based policy store should only be used for development, and
only for single-node WebCenter Portal configurations. For enterprise
deployments you must reassociate the policy and credential store with a
database, or with an external LDAP-based store as described in Configuring
the Identity Store.
The policy and credential stores can use either the default database store or Oracle
Internet Directory 11gR1 or 10.1.4.3. Note that when using an external LDAP-based
store, the policy and credential stores must use the same LDAP server. Similarly,
when using a database, the policy and credential stores must use the same database.
For more information about the supported identity store and policy and credential store
configurations, see Supported LDAP-, DB-, and File-Based Services in Securing
Applications with Oracle Platform Security Services. For more information on
reconfiguring the identity store and the policy and credential stores, see Configuring
the Identity Store and Configuring the Policy and Credential Store.
24-5
Chapter 24
Default Security Configuration
Note:
By default, discussions are configured to use the embedded LDAP identity
store: All users in the embedded LDAP store can log onto the discussions
server, and all users in the Administrators group have administrative privileges
on the discussions server.
If you reassociate the identity store with an external LDAP server, you must
either move the system administrator account to the external LDAP (as
described in Moving the Administrator Account to an External LDAP Server),
or if you choose not to move the administrator account, you must perform
some additional steps to identify the new administrator account for the
discussions server as described in Migrating the Discussions Server to Use an
External LDAP.
Both WebCenter Portal and Content Server must share the same LDAP
server. For more information, see Configuring Oracle WebCenter Content to
Share the WebCenter Portal Identity Store LDAP Server.
24.2.4 Default Policy Store Permissions and Grants
The ADF Security permissions model supports both permission-based and role-based
authorization. These two types of authorization, and the default Policy Store
permissions and code based grants are discussed in the following topics:
•
Permission-based Authorization
•
Role-mapping Based Authorization
•
Default Policy Store Permissions for WebCenter Portal
•
Default Code-based Grants
24.2.4.1 Permission-based Authorization
Permission-based authorization is used for tools, such as lists, where access control is
implemented within the WebCenter Portal application using Oracle Platform Security
Services (OPSS). WebCenter Portal provides extensive user and role management
tools with which you can create application roles, and define what permissions should
be granted to those roles. For information on managing users and roles in WebCenter
Portal, see Managing Security Across Portals.
24.2.4.2 Role-mapping Based Authorization
Tools and services that need to access "remote" (back-end) resources require rolemapping based authorization. For example, for discussions, role mapping is required
when WebCenter Portal users (mapping to one or more application roles) must be
mapped to another set of roles on the discussions server.
For example, in the WebCenter Portal application:
•
WebCenter Portal roles are mapped to corresponding roles on the back-end
discussions server.
24-6
Chapter 24
Default Security Configuration
•
When a user is granted a new WebCenter Portal role, a similar grant (privilege) is
granted in the back-end discussions server. For example, when user Pat is
granted Discussions-Create/Edit/Delete permissions in WebCenter Portal, Pat is
granted corresponding permissions in the back-end discussions server.
For more information, see Understanding Discussion Server Role Mapping.
24.2.4.3 Default Policy Store Permissions for WebCenter Portal
Out-of-the box, WebCenter Portal provides the following default roles:
Default application roles:
•
Administrator
•
Application Specialist
•
Portal Creator
•
Authenticated-User
•
Public-User
For more information about the default application roles, see Managing Security
Across Portals.
Default role in a portal:
•
Portal Manager
Note:
The portal-level roles of Participant and Viewer are no longer created by
default. In order to create portals faster and eliminate unneeded roles, there
are fewer default portal-level roles created by default.
24.2.4.4 Default Code-based Grants
WebCenter Portal makes internal calls to APIs on the security platform that are
secured with permission checks. Consequently, the application must be granted
appropriate permissions to invoke the OPSS APIs (for example, the permission to
access the policy store and grant or revoke permissions (PolicyStoreAccessPermission,
or grant basic permissions to application roles).
Similarly, WebCenter Portal must pre-authorize access to various operations that it
wants to expose using the WebCenter Portal permissions, and then invoke the OPSS
APIs as privileged actions.
24.2.5 Post-deployment Security Configuration Tasks
After deploying WebCenter Portal, you should consider the following security-related
configuration tasks for your site:
•
Reassociating the identity store to use an external LDAP
By default, WebCenter Portal uses an embedded LDAP for the identity store.
Although secure, the out-of-the-box embedded LDAP may not scale appropriately
24-7
Chapter 24
Default Security Configuration
for large enterprise production environments. For instructions on how to configure
the identity store to use an external LDAP such as Oracle Internet Directory (OID),
see Configuring the Identity Store.
Note:
By default, WebCenter Portal's discussions server is configured to use the
embedded LDAP identity store. All users in the embedded LDAP store can log
on to the discussions server, and all users in the Administrators group have
administrative privileges on the discussions server.
If you reassociate the identity store with an external LDAP server, you must
either move the system administrator account to the external LDAP (as
described in Moving the Administrator Account to an External LDAP Server),
or if you choose not to move the administrator account, you must perform
some additional steps to identify the new administrator account for the
discussions server as described in Migrating the Discussions Server to Use an
External LDAP.
For WebCenter Portal, both the WebCenter Portal application and Content
Server must share the same LDAP server. For more information, see
Configuring Oracle WebCenter Content to Share the WebCenter Portal
Identity Store LDAP Server.
•
Configuring SSO
Single Sign-On (SSO) lets users log in once across WebCenter Portal and
components rather than having to log in for each sub-application (for example, to
accessing a wiki page). Users do not have to maintain a separate user ID and
password for each application or component that they access. However, you can
still configure a variety of authentication methods, so that more sensitive
applications can be protected using more stringent methods. WebCenter Portal
supports four single sign-on solutions: Oracle Access Manager (OAM), Oracle
Single Sign-on (OSSO), a SAML-based single sign-on solution, and an SSO
solution for Microsoft clients, using Windows authentication based on the Simple
and Protected Negotiate (SPNEGO) mechanism and the Kerberos protocol. For a
discussion of these solutions and an overview of single sign-on, see Configuring
Single Sign-On.
•
Configuring SSL
Secure Sockets Layer (SSL) provides additional security for connections between
WebCenter Portal and components by providing an additional authentication layer,
and by encrypting the data exchanged. For connections between applications or
components where the data exchanged is sensitive, consider securing the
connection with SSL. For a list of the connections that can and should be
protected with SSL in a production environment, see Configuring SSL .
Note:
Using SSL is computationally intensive and adds overhead to a connection.
SSL should therefore not be used where it is not required, and is best
reserved for production environments.
24-8
25
Configuring the Identity Store
Associate the identity store with an external LDAP instead of the default embedded
LDAP identity store, configure an LDAP server for Oracle WebCenter Content Server,
and use Oracle Identity Cloud Service as the identity store for WebCenter Portal.
Note:
Beginning with 12c (12.2.1.3.0), Oracle WebCenter Portal has deprecated
support for Jive features (announcements and discussions). If you are
upgrading from a prior release, these features remain available in your existing
installations that are being upgraded.
Caution:
Before reassociating the identity store, be sure to back up the relevant
configuration files:
•
config.xml
•
jps-config.xml
As a precaution, you should also back up the boot.properties file for the
Administration Server for the domain.
Permissions:
To perform the tasks in this chapter, you must be granted the WebLogic
Server Admin role through the Oracle WebLogic Server Administration
Console. Users with the Monitor or Operator roles can view security
information but cannot make changes.
See also Understanding Administrative Operations, Roles, and Tools.
Topics:
•
Reassociating the Identity Store with an External LDAP Server
•
Configuring the GUID Attribute for External LDAP Identity Stores
•
Adding Users to the Embedded LDAP Identity Store
•
Moving the Administrator Account to an External LDAP Server
•
Configuring Oracle WebCenter Content to Share the WebCenter Portal Identity
Store LDAP Server
25-1
Chapter 25
Reassociating the Identity Store with an External LDAP Server
•
Aggregating Multiple Identity Store LDAP Servers Using libOVD
•
Configuring Dynamic Groups for WebCenter Portal
•
Configuring the REST Service Identity Asserter
25.1 Reassociating the Identity Store with an External LDAP
Server
In almost all cases, you should reassociate the identity store with an external LDAP
server rather than using the default embedded LDAP. Although you can use many
different types of LDAP servers, this section focuses on how to configure the identity
store to use Oracle Internet Directory (OID).
Note:
Reassociating the identity store with an external LDAP server is mandatory
only if you're using the documents or discussions tools, in which case the
WC_Portal server, Content Server, and Collaboration server must all be
configured to use the same external LDAP server.
It is recommended that you set a strong password policy on the LDAP server for the
identity store. Oracle recommends that user passwords meet the following
requirements:
•
Passwords should not contain the user's account name or parts of the user's full
name that exceed two consecutive characters.
•
Passwords must be at least six characters in length or the number of characters
specified in the minimum password length policy setting.
•
Enforce password history policy setting, which determines the number of unique
new passwords that have to be associated with a user account before an old
password can be reused. The setting for this value can be between 0–24 (if this
value is set to 0, Enforce password history is disabled; a higher value, such as 24,
is preferable to prevent security vulnerability through password reuse).
•
Passwords must contain characters from at least three of the following four
categories: English uppercase alphabet characters (A to Z), English lowercase
alphabet characters (a to z), base 10 digits (0 to 9), non-alphanumeric characters
(for example, !$#,%) .
For the GUID attribute for other supported LDAPs, see Configuring the GUID Attribute
for External LDAP Identity Stores. For other user attribute mappings for supported
LDAP servers, see the User and Role API Reference in Securing Applications with
Oracle Platform Security Services.
25-2
Chapter 25
Reassociating the Identity Store with an External LDAP Server
Note:
To use an existing database (i.e., not a default database store created when
WebCenter Portal is installed in its default configuration) for the identity store,
you must either use OVD or write a custom provider based on the User and
Role API. Note that LibOVD should not be used in conjunction with a database
identity store.
Caution:
Reassociating an external LDAP identity store (such as OID) in a production
environment with another external LDAP store is not supported. If you have a
business need to carry out such a reassociation, please contact Oracle
support before going ahead as user information and artifacts may be lost in
the process.
To reassociate the identity store with OID:
1. Log in to the WebLogic Server Administration Console.
For information on logging into the WebLogic Server Administration Console, see
Oracle WebLogic Server Administration Console.
2. In the Domain Structure pane click Security Realms.
The Summary of Security Realms pane displays.
3. In the Name column, click the realm for which you want to reassociate the identity
store.
The Realm Settings pane displays.
4. Open the Providers tab.
The Providers Settings pane displays.
5. Click New to add a new provider.
The Create a New Authentication Provider pane displays.
6. Enter a name for the provider (for example OIDAuthenticator for a provider that
authenticates the user for the Oracle Internet Directory).
7. Select the authenticator appropriate for your LDAP directory from the list of
authenticators.
Be sure to select the authenticator associated with the LDAP you are configuring
rather than choosing the generic DefaultAuthenticator. For example, for OID select
OracleInternetDirectoryAuthenticator, or for iPlanet select IPlanetAuthenticator.
25-3
Chapter 25
Reassociating the Identity Store with an External LDAP Server
Note:
If using iPlanet, set the virtualize property to true in ./user_projects/domains/
soainfra/config/fmwconfig/jps-config.xml.
<serviceInstance name="idstore.ldap" provider="idstore.ldap.provider">
<property name="idstore.config.provider"
value="oracle.security.jps.wls.internal.idstore.WlsLdapIdStoreConfigProvider"
/>
<property name="CONNECTION_POOL_CLASS"
value="oracle.security.idm.providers.stdldap.JNDIPool"/>
<property name="virtualize" value="true"/>
<property name="OPTIMIZE_SEARCH" value="true"/>
</serviceInstance>
8. Click OK to save your settings.
The Settings pane displays with the new authentication provider.
9. In the list of Authentication Providers, click the newly created provider.
The Settings Pane for the new authentication provider displays.
10. Set the Control Flag to SUFFICIENT.
Setting the Control Flag to SUFFICIENT indicates that if a user can be authenticated
successfully by this authenticator, then the authentication provider should accept
that authentication and should not invoke any additional authenticators.
Note:
If the authentication fails, it falls through to the next authenticator in the chain.
Therefore, be sure all subsequent authenticators also have their control flag
set to SUFFICIENT.
11. Click Save to save this setting.
12. Open the Provider Specific tab to enter the details for the LDAP server.
13. Enter the details specific to your LDAP server.
Note:
The table below shows values appropriate for OID. For the permissible values
for other LDAPs, such as Active Directory, see OPSS System and
Configuration Properties appendix in Securing Applications with Oracle
Platform Security Services.
Parameter
Host:
Value
Description
The LDAP server's server ID (for example,
<ldap_host>example.com)
25-4
Chapter 25
Reassociating the Identity Store with an External LDAP Server
Parameter
Value
Description
Port:
The LDAP server's port number (for example,
3060)
Principal:
The LDAP user DN used to connect to the
LDAP server (for example, cn=orcladmin)
Credential:
The password used to connect to the LDAP
server
User Base DN:
Specify the DN under which your Users start
(for example, cn=users,dc=example,dc=com)
Group Base DN:
Specify the DN that points to your Groups
node (for example,
cn=groups,dc=example,dc=com)
Use Retrieved User
Name as Principal
Checked
Must be turned on
All Users Filter:
(&(uid=*)
(objectclass=pers
on))
Search to find all users under the User Base
DN
User From Name
Filter:
(&(uid=%u)
(objectclass=pers
on))
User Name
Attribute:
uid
14. Click Save.
15. Return to the Providers tab and reorder the providers so that the new
authentication provider is on top, followed by any other authenticators with the
DefaultAuthenticator placed at the end of the list.
All should have their control flags set to SUFFICIENT so that subsequent
authenticators can authenticate identities that fall through from the new provider all
the way through to the DefaultAuthenticator (which is used only for the default filebased embedded LDAP). For example, logins such as the default administrator
account are not typically created in the LDAP directory, but still need to be
authenticated to start up the server. Unless identities are allowed to fall through to
the DefaultAuthenticator, the default administrator account will not be
authenticated. For more information about the DefaultAuthenticator and the default
administrator account, see Moving the Administrator Account to an External LDAP
Server.
Note:
Do not use the REQUIRED control flag if you are using multiple
authenticators. If a REQUIRED control flag is found in the list of
authenticators, regardless of its position, no further authenticators will be
examined.
25-5
Chapter 25
Configuring the GUID Attribute for External LDAP Identity Stores
16. Restart the Administration Server and the managed server for the changes to take
effect.
25.2 Configuring the GUID Attribute for External LDAP
Identity Stores
This section describes the different GUID attributes used by non-Oracle LDAP
implementations. For other user attribute mappings for other supported LDAP servers,
see the User and Role API Reference section in Securing Applications with Oracle
Platform Security Services. See also Mapping User Attributes to LDAP Directories in
Securing Applications with Oracle Platform Security Services. Note that as shown in
the table in Mapping User Attributes to LDAP Directories, not all attributes are
available across all LDAP servers, including the embedded LDAP server that comes
with WebLogic Server (WLS).
Note:
If you are using an LDAP identity store that does not use the orclGuid
attribute, such as IBM Tivoli, you can map the GUID attribute in the WLS
authenticator and it will be used automatically.
IBM Tivoli® Directory Server:
ibm-entryUUID
Microsoft® Active Directory:
objectGUID
If you are using Active Directory, remember that the samAccountName attribute has a 20character limit; other IDs used by Lotus Connections have a 256-character limit.
Microsoft Active Directory Application Mode (ADAM):
objectGUID
To use objectSID as the default for ADAM, add the following line to the
<config:attributeConfiguration> section of the wimconfig.xml file:
<config:externalIdAttributes name="objectSID" syntax="octetString"/>
BM Domino® Enterprise Server:
dominoUNID
Note that if the bind ID for the Domino LDAP does not have sufficient manager access
to the Domino directory the Virtual Member Manager (VMM) does not return the
correct attribute type for the Domino schema query; DN is returned as the VMM ID. To
override VMM's default ID setting, add the following line to the
<config:attributeConfiguration> section of the wimconfig.xml file:
<config:externalIdAttributes name="dominoUNID"/>
Sun Java™ System Directory Server:
25-6
Chapter 25
Adding Users to the Embedded LDAP Identity Store
nsuniqueid
eNovell Directory Server:
GUID
25.3 Adding Users to the Embedded LDAP Identity Store
For development or testing purposes, you can add users to the embedded LDAP using
the WebLogic Server Administration Console, or using an LDIF file and LDAP
commands. Using an LDIF file lets you add additional attributes not available through
the WebLogic Server Administration Console.
Note:
The embedded LDAP server should only be used for testing or "proof of
concept." For production use, Oracle recommends using external identity
stores, such as Oracle Internet Directory or Microsoft Active Directory, that are
supported by the OPSS user and role APIs. For information about the user
and role attributes, see the Mapping User Attributes to LDAP Directories
section in Securing Applications with Oracle Platform Security Services.
For Oracle Internet Directory, users are typically managed using ODSM (described in
Managing Directory Entries in Administering Oracle Internet Directory).
Note:
If you are planning to reassociate your identity store with an external LDAP,
perform that step first (as described in Reassociating the Identity Store with an
External LDAP Server) as when you reassociate the embedded LDAP with
OID or other external LDAP implementation users and user artifacts may not
be carried forward. Consequently, do not add users to the embedded LDAP
with the expectation of moving them to a production environment. The
embedded LDAP is intended to be used only as a test environment, and is not
intended as a staging environment that can be moved to production.
WebCenter Portal supports self-registration. New users who self-register with
WebCenter Portal are added directly to the identity store. For more information about
self-registration, see Enabling Self-Registration.
Note:
Adding users to the identity store is typically a system administrator task and
may not be a task for which application-level administrators have the required
permissions.
This section includes the following subsections:
25-7
Chapter 25
Adding Users to the Embedded LDAP Identity Store
•
Adding Users to the Identity Store Using the WLS Administration Console
•
Adding Users to the Identity Store Using an LDIF File
25.3.1 Adding Users to the Identity Store Using the WLS
Administration Console
To add users to the embedded LDAP identity store from the WebLogic Server
Administration Console:
1. Log in to the WebLogic Server Administration Console.
For information on logging into the WebLogic Server Administration Console, see
Oracle WebLogic Server Administration Console.
2. In the Domain Structure pane, click Security Realms.
The Summary of Security Realms pane displays.
3. In the Name column, click the realm to which you want to add users.
The Realm Settings pane displays.
4. Click the Users and Groups tab to display the list of current users.
5. Click New to add a new user.
6. On the Create a New User page, enter the new user login name in the Name field.
User names are case sensitive and must be unique. Do not use commas, tabs or
any of the other characters in the following comma-separated list:
< >, #, |, &, ?, ( ), { }
7. In the Description field, enter a description for the user (for example, the user's full
name).
8. From the Provider drop-down menu, select DefaultAuthenticator.
9. In the Password field, enter a password for the user.
The minimum password length for a user defined in the WebLogic Authentication
provider is 8 characters (note that other LDAP providers may have different
requirements for the password length). Do not use user name/password
combinations such as weblogic/weblogic in a production environment.
10. Reenter the password in the Confirm Password field.
11. Click OK to save your changes and add the user.
The user should now appear in the list of users.
25.3.2 Adding Users to the Identity Store Using an LDIF File
You can add users directly to the embedded LDAP identity store using an LDIF file.
Using an LDIF file enables you to specify additional user attributes that are not
available through the WebLogic Server Administration Console. As the embedded
LDAP server is a conformant LDAP server, you can use LDAP commands to add or
modify users. You can also search the directory, which is useful when exporting and
importing user accounts.
25-8
Chapter 25
Adding Users to the Embedded LDAP Identity Store
To add users to the embedded LDAP using an LDIF file you must perform the
following tasks:
•
Enable External LDAP Access
•
Create an LDIF File
•
Add the Users
25.3.2.1 Enable External LDAP Access
When WebLogic Server is installed, the LDAP access credential is set as a
randomized value and encrypted in the config.xml file. To enable external LDAP
access, you must reset the access credential for the embedded LDAP.
To reset the access credential for the embedded LDAP:
1. Log in to the WebLogic Server Administration Console.
2. In the Domain Structure pane, click WC_Domain.
3. In the Settings pane for WC_Domain, click the Security tab, and then click the
Embedded LDAP tab.
The Settings Pane for WC_Domain displays the embedded LDAP settings.
4. Enter a new password in the Credential field, and reenter it in the Confirm
Credential field.
5. Click Save to save your settings.
6. Restart the WebLogic server.
After this, you are ready to access the LDAP server with the following values:
•
the DN value for admin access is "cn=Admin"
•
the password is the value you entered in the Credential field
•
the port is the same as the admin port, which by default is 7001
25.3.2.2 Create an LDIF File
You can create an LDIF file with any text editor, and can include any attributes
appropriate for the embedded LDAP directory. The objectclasses that are supported
by default in the embedded LDAP server for WebLogic Server are the following:
•
person
•
inetOrgPerson
•
organizationalPerson
•
wlsUser
In order to interact successfully with the embedded LDAP server, you should
understand the default layout of the directory information tree (DIT). The default layout
in the embedded LDAP directory is shown in Figure 25-1.
25-9
Chapter 25
Adding Users to the Embedded LDAP Identity Store
Figure 25-1
Embedded LDAP Directory Information Tree
Note:
The naming attribute for the user entry in the embedded LDAP directory tree is
"uid". This is different from the default configuration for Oracle Internet
Directory (OID), where the naming attribute is "cn". Also, the location of the
users in this tree is "ou=people,ou=myrealm,dc=WC_Domain".
The following example shows an LDIF file with the attributes that are displayed in the
WebCenter Portal user profile screens:
dn: uid=john.doe,ou=people,ou=myrealm,dc=WC_Domain
description: John Doe
cn: john.doe
uid: john.doe
sn: Doe
objectclass: wlsUser
objectclass: organizationalperson
objectclass: inetOrgPerson
objectclass: person
objectclass: top
userpassword: MyPassword
displayName: John Doe
employeeNumber: 12345
employeeType: Regular
givenName: John
homePhone: 650-555-1212
mail: john.doe@example.com
title: Manager
manager: uid=mary.jones,ou=people,ou=myrealm,dc=WC_Domain
preferredLanguage: en
departmentNumber: tools
facsimiletelephonenumber: 650-555-1200
mobile: 650-500-1200
pager: 650-400-1200
telephoneNumber: 650-506-1212
postaladdress: 200 Oracle Parkway
l: Redwood Shores
homepostaladdress: 123 Main St., Anytown 12345
To create a file with multiple user entries, just replicate the above lines as many times
as required, with a blank line between entries.
25-10
Chapter 25
Adding Users to the Embedded LDAP Identity Store
Note:
WebCenter Portal user profiles include some attributes that are only available
in Oracle Internet Directory. These include the following attributes from the
orclUserV2 objectclass:
•
orclTimeZone
•
orclDateOfBirth
•
maidenName
You cannot add these attributes to an embedded LDAP identity store.
25.3.2.3 Add the Users
The example below uses the ldappadd command, a part of the LDAP command line
utilities provided with the Oracle Internet Directory server. For more information about
using the ldappadd command, see Oracle Internet Directory Data Management Tools in
Reference for Oracle Identity Management. For a complete list of user attribute
mappings for LDAP servers supported by WebCenter Portal, see Mapping User
Attributes to LDAP Services in the Securing Applications with Oracle Platform Security
Services.
ldapadd -h weblogichost.example.com -p 7001 -D cn=Admin -w password -v -f
newuser.ldif
add description:
John Doe
add cn:
john.doe
add uid:
john.doe
add sn:
Doe
add objectclass:
wlsUser
organizationalperson
inetOrgPerson
person
top
add userpassword:
password
add displayname:
John Doe
add employeenumber:
12345
add employeetype:
Regular
add givenname:
John
add homephone:
650-555-1212
add mail:
john.doe@example.com
add title:
Manager
add manager:
25-11
Chapter 25
Moving the Administrator Account to an External LDAP Server
uid=mary.jones,ou=people,ou=myrealm,dc=WC_Domain
add preferredlanguage:
en
add departmentnumber:
tools
add facsimiletelephonenumber:
650-555-1200
add mobile:
650-500-1200
add pager:
650-400-1200
add telephonenumber:
650-506-1212
add postaladdress:
200 Oracle Parkway
add l:
Redwood Shores
add homepostaladdress:
123 Main St., Anytown 12345
adding new entry uid=john.doe,ou=people,ou=myrealm,dc=WC_Domain
modify complete
25.4 Moving the Administrator Account to an External LDAP
Server
When configuring the domain to use an external LDAP server, you can also optionally
move the system administrator account (weblogic by default) to the LDAP server.
If the system administrator account, or any other appropriate user in LDAP, is in an
LDAP group called "Administrators", then this account should be sufficient to manage
the server, and the DefaultAuthenticator provider can be removed from the list of
authentication providers. In this case, all users, including the administrator account,
are authenticated against the external LDAP.
Note:
WebCenter Portal only recognizes users in the identity store that is mapped by
the first authenticator. Since the WebCenter Portal Administrator account is
initially created only in the embedded LDAP server, if an external LDAP such
as Oracle Internet Directory is configured as the primary authenticator for
WebCenter Portal, you must also create a user in that LDAP and grant that
user the WebCenter Portal Administrator role. For more information about
granting the WebCenter Portal Administrator role to a user, see Granting the
WebCenter Portal Administrator Role.
If you cannot create the weblogic (default) user in the external LDAP directory, there
are two options. You can:
•
Keep the DefaultAuthenticator provider and use the weblogic account with the
local embedded LDAP server in WebLogic Server to start and stop servers and do
other administrator operations from the WebLogic Server Administration Console.
If you keep the DefaultAuthenticator, make sure that the control flag for the
DefaultAuthentication provider is set to SUFFICIENT. If you choose this option, you
25-12
Chapter 25
Moving the Administrator Account to an External LDAP Server
must also perform the additional steps described in Migrating the Discussions
Server to Use an External LDAP.
Note:
If the weblogic user account is used from the DefaultAuthenticator, this
account should not be used to access WebCenter Portal as the application
code will not be able to find the user in the external LDAP store.
•
Remove the DefaultAuthenticator and make sure that any valid user account used
for administrator operations, such as starting and stopping servers, is included in
an "Administrators" group or other named group that contains the list of users that
are allowed to manage your domain in OID or other external LDAP. If a name
other than "Administrators" is used, then you must update the group name in the
definition of the WebLogic Server Global Administrator role. By default, this is
defined as membership in the enterprise group called "Administrators". For
information about changing the administrator group name, see Changing the
Administrator Group Name.
Note:
Since OWSM is dependent on the OracleSystemUser and
OracleSystemGroup entities, which are provided by the DefaultAuthenticator,
to get OWSM working after the embedded LDAP is removed you’ll need to
modify the default user. For more information, see Modifying the Default User
in Securing Web Services and Managing Policies with Oracle Web Services
Manager.
This section includes the following topics:
•
Migrating the Discussions Server to Use an External LDAP
•
Changing the Administrator Group Name
25.4.1 Migrating the Discussions Server to Use an External LDAP
If you've installed the discussions server and choose not to move the administrator
account to an external LDAP (as described in Moving the Administrator Account to an
External LDAP Server), you must perform some additional steps to identify the new
administrator account for the discussions server prior to reordering the authenticators
on the WebLogic server:
1. Select a user account from the external LDAP to be the administrator for the
discussions server.
2. Create an administrator account in the DefaultAuthenticator (that is, the embedded
LDAP) that matches the one you selected from the external LDAP. The account
names in the embedded LDAP and the external LDAP server must be the same.
For information about adding users to the embedded LDAP, see Adding Users to
the Embedded LDAP Identity Store.
25-13
Chapter 25
Moving the Administrator Account to an External LDAP Server
3. Log in to the discussions server Admin Console with the boot-identity account (that
is, weblogic) at:
http://host:port/owc_discussions/admin
Where host and port are the host ID and port number of the WLS_Services managed
server.
4. Click Settings > Admins/Moderators.
The Admins & Moderators page displays (see Figure 25-2).
Figure 25-2
Admins & Moderators Page
5. Click Grant New Permissions.
The Grant New Permissions pane displays (see Figure 25-3).
25-14
Chapter 25
Moving the Administrator Account to an External LDAP Server
Figure 25-3
Grant New Permissions Pane
6. Grant System Admin privileges to the user you created, as shown in Figure 25-4.
Figure 25-4
Grant New Permissions Pane with New User
7. Click System > System Properties.
The Jive Properties page displays (see Figure 25-5).
25-15
Chapter 25
Moving the Administrator Account to an External LDAP Server
Figure 25-5
Jive Properties Page
8. Check that the properties marked in red have been added and are set as shown in
Figure 25-5.
9. Log in to the WebLogic Server Administration Console.
For information on logging in to the WebLogic Server Administration Console, see
Oracle WebLogic Server Administration Console.
10. In the Domain Structure pane, click Security Realms.
The Summary of Security Realms pane displays.
11. In the Name column, click the realm for which you want to change the administrator
group name.
The Realm Settings pane displays.
12. Select the Providers tab and the Authentication subtab, and reorder the
authentication providers so that the authenticator for the external LDAP appears at
the top of the list as shown in the example in Figure 25-6:
25-16
Chapter 25
Moving the Administrator Account to an External LDAP Server
Figure 25-6
Providers Tab with Reordered Authentication Providers
13. Restart the domain Administration server and discussions server.
14. If you have not done so already, create a user in the external LDAP and grant that
user the WebCenter Portal Administrator role (see Granting the WebCenter Portal
Administrator Role).
25.4.2 Changing the Administrator Group Name
You can change the group name to any other valid enterprise role in your LDAP server
that contains users authorized to manage the domain. This lets you delegate the
administration of specific domains in your enterprise. You can create various
administration groups in the directory and have the corresponding domains be
configured to use the appropriate group for defining its administrators.
The following example LDIF file creates an administrative group in Oracle Internet
Directory:
dn: cn=WC_Domain_Admin,cn=groups,dc=example,dc=com
cn: WC_Domain_Admin
uniquemember: cn=joe.admin,cn=users,dc=example,dc=com
owner: cn=orcladmin
displayname: WebLogic Administrators Group
description: WebLogic Administrators Group
objectclass: orclgroup
objectclass: groupofuniquenames
Once this group is created, you must update the role definition for the WebLogic
Server global Admin role using the WebLogic Server Administration Console.
To update the role definition for the WebLogic Server global Admin role:
1. Log in to the WebLogic Server Administration Console.
For information on logging into the WebLogic Server Administration Console, see
Oracle WebLogic Server Administration Console.
2. In the Domain Structure pane, click Security Realms.
The Summary of Security Realms pane displays.
25-17
Chapter 25
Configuring Oracle WebCenter Content to Share the WebCenter Portal Identity Store LDAP Server
3. In the Name column, click the realm for which you want to change the administrator
group name.
The Realm Settings pane displays.
4. Open the Roles and Policies tab, and then the Realm Roles subtab.
The Realm Roles settings pane displays.
5. Expand the Global Roles node, and then the Roles node.
6. Click View Role Conditions for the Admin role.
The Edit Global Role page displays.
By default, the Administrators group in Oracle Internet Directory (or other
configured identity store) defines who has the administrator role in WebLogic
Server.
7. Click Add Conditions to add a different group name.
The Edit Global Role - Predicate List page displays.
8. Select Group from the Predicate List list and click Next.
The Edit Global Role - Arguments page displays.
9. Enter the name for the new administrator group and click Add.
10. Select the pre-existing administrator group and click Remove to delete it leaving
the new one you've selected in its place.
11. Click Finish to save your changes.
After making this change, any members of the new group specified are authorized
to administer WebLogic Server.
25.5 Configuring Oracle WebCenter Content to Share the
WebCenter Portal Identity Store LDAP Server
The WebCenter Content server must be configured to use the same identity store
LDAP server as WebCenter Portal. For more information on configuring WebCenter
Content, see Managing Connections to Oracle WebCenter Content Server and also
see Configuring the LDAP Identity Store Service in Securing Applications with Oracle
Platform Security Services.
25.6 Aggregating Multiple Identity Store LDAP Servers
Using libOVD
Sites with multiple identity stores can use libOVD to aggregate their user profile
information. Two scenarios are covered in the step-by-step configuration instructions
below:
•
Users are available in distinct identity stores with complete user profile information
available in the respective identity store.
•
The same user is available in both identity stores with some attributes in one store
and other attributes in the other store.
25-18
Chapter 25
Aggregating Multiple Identity Store LDAP Servers Using libOVD
Note:
If you are supporting self-registration with Active Directory, be sure to see the
troubleshooting note in Users Cannot Self-Register when WebCenter Portal
Configured with Active Directory.
This section contains the following topics:
•
Configuring libOVD for Identity Stores with Complete User Profiles
•
Configuring libOVD for Identity Stores with Partial User Profiles
•
Restoring the Single Authenticator
25.6.1 Configuring libOVD for Identity Stores with Complete User
Profiles
To configure libOVD where each identity store contains complete user profiles:
1. Create the required authenticators in the WLS Admin Console for the identity stores
being configured and restart the Weblogic Admin and managed servers for the
domain. Alternatively, you can also configure the identity store information in jpsconfig.xml by hand.
2. Update the identity store service instance in jps-config.xml and add a property
virtualize with the value true. You can do this either by editing the jps-config.xml
file by hand, or using Fusion Middleware Control.
3. WebCenter Portal lets users self-register, which creates a new user or group in the
identity store. Since multiple identity stores are being used, you also need to
explicitly specify the user create bases and group create bases in jps-config.xml.
This step must be done by directly editing jps-config.xml.
The jps-config.xml file should look like the example below after the configuration.
<serviceInstance provider="idstore.ldap.provider" name="idstore.ldap">
<property
value="oracle.security.jps.wls.internal.idstore.WlsLdapIdStoreConfigProvider"
name="idstore.config.provider"/>
<property value="oracle.security.idm.providers.stdldap.JNDIPool"
name="CONNECTION_POOL_CLASS"/>
<property value="true" name="virtualize"/>
<extendedProperty>
<name>user.create.bases</name>
<values>
<value>ou=people,ou=myrealm,dc=wc_domain</value>
</values>
</extendedProperty>
<extendedProperty>
<name>group.create.bases</name>
<values>
<value>ou=groups,ou=myrealm,dc=wc_domain</value>
</values>
</extendedProperty>
</serviceInstance>
25-19
Chapter 25
Aggregating Multiple Identity Store LDAP Servers Using libOVD
Be sure to replace the actual values for the user create base in
"ou=people,ou=myrealm,dc=wc_domain" and group create base
"ou=groups,ou=myrealm,dc=wc_domain."
25.6.2 Configuring libOVD for Identity Stores with Partial User Profiles
To configure libOVD where each identity store contains only partial user profiles:
1. Create the required authenticators in the WLS Admin Console for the identity stores
being configured and restart the Weblogic Admin and managed servers for the
domain. Alternatively, you can also configure the identity store information in jpsconfig.xml by hand.
2. Update the identity store service instance in jps-config.xml and add a property
virtualize with the value true. You can do this either by editing the jps-config.xml
file by hand, or using Fusion Middleware Control.
3. WebCenter Portal lets users self-register, which creates a new user or group in the
identity store. Since multiple identity stores are being used, you also need to
explicitly specify the user create bases and group create bases in jps-config.xml.
This step must be done by directly editing jps-config.xml.
The jps-config.xml file should look like the example below after the configuration.
<serviceInstance provider="idstore.ldap.provider" name="idstore.ldap">
<property
value="oracle.security.jps.wls.internal.idstore.WlsLdapIdStoreConfigProvider"
name="idstore.config.provider"/>
<property value="oracle.security.idm.providers.stdldap.JNDIPool"
name="CONNECTION_POOL_CLASS"/>
<property value="true" name="virtualize"/>
<extendedProperty>
<name>user.create.bases</name>
<values>
<value>ou=people,ou=myrealm,dc=wc_domain</value>
</values>
</extendedProperty>
<extendedProperty>
<name>group.create.bases</name>
<values>
<value>ou=groups,ou=myrealm,dc=wc_domain</value>
</values>
</extendedProperty>
</serviceInstance>
In the above example "ou=people,ou=myrealm,dc=wc_domain" and
"ou=groups,ou=myrealm,dc=wc_domain" are the user and group create bases
respectively. The actual values should be substituted while doing the configuration.
4. Run the following OVD WLST commands to configure the Join Adapter for the
identity stores. Go to MW_HOME/oracle_common/common/bin and invoke wlst.sh
(wlst.cmd in windows) and bring up the WLST prompt. Connect to the Weblogic
Administration Server and run the following WLST commands.
createJoinAdapter(adapterName="<Join Adapter Name>", root="<Namespace>",
primaryAdapter="<Primary adapter Name>")
addJoinRule(adapterName="<Join Adapter Name>", secondary="<Secondary Adapter
Name>", condition="<Join Condition>")
25-20
Chapter 25
Aggregating Multiple Identity Store LDAP Servers Using libOVD
If there are more secondary identity stores, then run the addJoinRule command for
each secondary identity store.
modifyLDAPAdapter(adapterName="<AuthenticatorName>", attribute="Visible",
value="Internal")
Run the above modifyLDAPAdapter command for each identity store that is
configured.
Example
Authenticator 1:
In this example, the same user is available in both identity stores with some attributes
in one store and some in the other. For this example, AD is the primary store and OID
is the secondary store.
Authenticator Name: AD
User Base: cn=users,dc=acme,dc=com
Authenticator 2:
Authenticator Name: OID
User Base: cn=users,dc=oid,dc=com
Perform steps 1 - 3 above, specifying the user.create.bases and group.create.bases
corresponding to the primary adapter's namespace.
Perform the following WLST commands:
createJoinAdapter(adapterName="JoinAdapter1", root="dc=acme,dc=com",
primaryAdapter="AD")
addJoinRule(adapterName="JoinAdapter1", secondary="OID", condition="uid=cn")
"uid=cn" is the join condition in the above example, which indicates that if the uid value
of a user in the secondary identity store (OID) matches with the cn value of the user in
the primary identity store (AD), then the attributes will be combined.
modifyLDAPAdapter(adapterName="OID", attribute="Visible", value="Internal")
modifyLDAPAdapter(adapterName="AD", attribute="Visible", value="Internal")
Restart the WebLogic Administration server and managed servers.
25.6.3 Restoring the Single Authenticator
You can restore the single authenticator by removing the Join Adapter rule, thereby
backing out the configuration done in Configuring libOVD for Identity Stores with
Partial User Profiles.
To remove the Join Adapter rule, connect to the Weblogic Administration Server and
run the following WLST commands:
deleteAdapter(adapterName="JoinAdapter1")
modifyLDAPAdapter(adapterName="oid auth", attribute="Visible", value="Yes")
modifyLDAPAdapter(adapterName="AD", attribute="Visible", value="Yes")
Restart the WebLogic Administration server and managed servers and make sure that
users from both identity stores are able to log in.
25-21
Chapter 25
Configuring Dynamic Groups for WebCenter Portal
25.7 Configuring Dynamic Groups for WebCenter Portal
A dynamic group is a static group that is dynamically populated. Dynamic groups can
be assigned to roles and used within WebCenter Portal in the same way as static
groups.
Within the application, WebCenter Portal does not distinguish between static and
dynamic groups. Dynamic groups are configured entirely in the identity store (and their
configuration is specific to the LDAP implementation being used), and exposed in the
same manner as static groups (in fact a dynamic group can be a composite of a static
member list and a dynamically determined membership).
The dynamic membership of the group is defined by setting the group's labeledURI
attribute with an appropriate LDAP query filter. The query filter defines the set of users
that will define the membership of the group.
For Oracle Internet Directory, you can create a dynamic group with an LDIF file and
using the ldapadd command, or using the Oracle Directory Services Manager (ODSM).
These two options are described in the following topics:
•
Creating a Dynamic Group Using an LDIF File
•
Creating a Dynamic Group Using the Oracle Directory Services Manager
Note:
Dynamic groups is not supported for LDAPs other than OID unless OVD is
used.
25.7.1 Creating a Dynamic Group Using an LDIF File
To create the dynamic group using an LDIF file:
1. Create an LDIF file with a text editor. The following example shows how a dynamic
group can be defined that represents all users under the default user search base,
with the title of "Manager":
Example: Defining a Dynamic Group Using an LDIF File
dn: cn=managers,cn=portal.070720.104824.056918000,cn=groups,dc=us,dc=oracle,dc=com
labeleduri: ldap://myserver.example.com:12061/cn=users,dc=us,dc=mybiz,dc=com
??sub?(title=Manager)
description: Dynamic Group of Managers
cn: Managers
orclisvisible: true
objectclass: orclDynamicGroup
objectclass: orclGroup
objectclass: top
objectclass: groupOfUniqueNames
displayname: Managers
owner: cn=fmwadmin,cn=users,dc=us,dc=mybiz,dc=com
25-22
Chapter 25
Configuring Dynamic Groups for WebCenter Portal
Note:
The labledURI syntax for an LDAP URL is defined in RFC 2255 (http://
www.faqs.org/rfcs/rfc2255.html). In the example above, it is representing a
search for any entry under the DN cn=users,dc=us,dc=mybiz,dc=com with the
attribute title=Manager. This is to be done on the server myserver.example.com
at LDAP port 12061 and using a subtree ("sub") search.
A dynamic group can be defined on any attribute or condition that can be
represented as an LDAP URL and defined in the labeledURI attribute. Dynamic
groups can also be defined using the ConnectBy assertion, which is included in
the orclDynamicGroup objectClass. Refer to theAdministering Oracle Internet
Directory for more information for this alternate approach.
2. Save the file, and then update the OID server by issuing the ldapadd command. For
example:
Example: Updating OID Using the ldapadd Command
ldapadd -h myserver -p 12061 -D cn=fmwadmin -w mybiz1 –f managers.ldif –v
add labeleduri: ldap://myserver.example.com:12061/cn=users,dc=us,dc=mybiz,dc=com??
sub?(title=Manager)
add description:
Dynamic Group of Managers
add cn:
Managers
add orclisvisible:
true
add objectclass:
orclDynamicGroup
orclGroup
top
groupOfUniqueNames
add displayname:
Managers
add owner:
cn=fmwadmin,cn=users,dc=us,dc=mybiz,dc=com
adding new entry cn=managers,cn=portal.
070720.104824.056918000,cn=groups,dc=us,dc=mybiz,dc=com
modify complete
25.7.2 Creating a Dynamic Group Using the Oracle Directory Services
Manager
To create a dynamic group using ODSM:
1. Invoke Oracle Directory Services Manager (ODSM) and connect to the Oracle
Internet Directory server.
Refer to Using Oracle Directory Services Manager in Administering Oracle Internet
Directory for information on invoking and using the Oracle Directory Services
Manager.
2. From the Go to list, select Data Browser.
3. Click the New Entry icon in the data browser.
25-23
Chapter 25
Configuring the REST Service Identity Asserter
4. Provide the DN and add the objectclasses orclDynamicGroup and
groupOfUniqueNames.
5. On the Mandatory Properties tab, provide the CN attribute.
6. On the Optional Properties tab, provide the attributes for labeleduri.
7. Click OK to complete the definition of the dynamic group.
When you refresh the tree view you'll see the new group that you created. Note that
group members will not be shown in ODSM.
25.8 Configuring the REST Service Identity Asserter
This section describes how to configure an identity asserter for the REST service. For
the REST service, including REST service APIs, to be used with WebCenter Portal
applications requires that an identity asserter be configured for it in the WebCenter
domain identity store. The following topics show how to configure OPSS Trust Service
instances and identity asserters for Oracle WebLogic Server.
This section contains the following topics:
•
Understanding the REST Service Instance and Identity Asserter
•
Setting up the Client Application
•
Configuring the WLS Trust Service Asserter
25.8.1 Understanding the REST Service Instance and Identity Asserter
Although WebCenter Portal and other Oracle WebLogic applications can use REST
APIs to display information the way they need to, since such calls originate from the
mid-tier, users will be prompted again to provide login credentials. To overcome this,
we use perimeter authentication where the user identity is propagated in the HTTP
header and asserted using the OPSS Trust Service Asserter.
In order to successfully propagate user identity from one application to another
application, these applications must be using correctly configured Trust Service
instances. Figure 25-7 shows the different components involved in the identity
propagation and assertion.
25-24
Chapter 25
Configuring the REST Service Identity Asserter
Figure 25-7
REST Identity Propagation and Assertion
The following depicts the sequence of events involved in REST identity propagation
and assertion:
1.
End clients (browsers, smart phone applications) connect to a WebCenter Portal
application.
2.
The application page queries data from REST APIs and builds its own UI on top
and therefore needs to call the REST end point.
3.
The application calls WebCenter Security API
(WCSecurityUtility.issueTrustServiceSecurityToken) to issue the token used for
securely propagating the user identity. The token is generated using the Trust
Service Embedded Provider. Generated tokens are compressed to optimize token
size and then BASE64-encoded to ensure that the token can be safely transported
using an HTTP header.
4.
The application takes the issued token and adds it against the "Authorization"
security header. The client then dispatches the token as part of its call to the
REST URI.
5.
WebLogic Server checks if the identity asserter exists for the given token type.
6.
The identity asserter parses and verifies that the token is using OPSS Trust
Service APIs.
7.
The asserter maps the username to a WLS username, a user Subject is
established, and the call ends up on the REST application.
8.
The REST application recognizes that the user is already an authenticated user
and sends a response. The WebCenter Portal uses the response and shows the
page to the end user.
25.8.2 Setting up the Client Application
This section describes how to configure the client for a REST service identity asserter.
25-25
Chapter 25
Configuring the REST Service Identity Asserter
To configure the client for a REST service identity asserter:
1.
Using JDeveloper, create the client application.
The client application could be a JSE or a servlet application. The following
example shows the skeleton of a sample client application.
// The authenticated username
// String user = "weblogic";
// URL of the target application
URL url = "http://host:port/destinationApp";
//----------------------------------------String b64EncodedToken = WCSecurityUtility.issueTrustServiceSecurityToken()
HttpURLConnection connection = (HttpURLConnection) url.openConnection();
connection.setRequestMethod("GET");
connection.setDoOutput(true);
connection.setReadTimeout(10000);
connection.setRequestProperty("Authorization", AUTH_TYPE_NAME + " " +
b64EncodedToken);
connection.connect();
BufferedReader rd = new BufferedReader(new InputStreamReader(
connection.getInputStream()));
StringBuilder sb = new StringBuilder();
String line = null;
while ((line = rd.readLine()) != null) {
sb.append(line);
}
connection.disconnect();
System.out.println(sb.toString());
2.
Create and configure the keystore as shown in Creating the WebCenter Portal
Domain Keystore, and then configure WebLogic Server for the identity asserter.
The keystore is first provisioned for a client certificate and private key. The client
certificate is then exported and imported into a trust key store..
3.
Edit the jps-config.xml configuration file.
a.
Navigate to your DOMAIN_HOME/config/fmwconfig directory and open the jpsconfig.xml file in a text editor.
b.
Make sure you have the following in the jps-config.xml file:
<serviceInstance name="keystore" provider="keystore.provider" location="./
default-keystore.jks">
c.
Modify the trust.provider.embedded propertySet node as below:
<propertySets>
<propertySet name="trust.provider.embedded">
... existing entries
<property value="orakey" name="trust.aliasName"/>
<property value="orakey" name="trust.issuerName"/>
</propertySet>
</propertySets>
Where:
trust.aliasName is the alias looked up by the identity asserter in the configured
keystore for a certificate with which the asserter verifies the issued trust token.
25-26
Chapter 25
Configuring the REST Service Identity Asserter
trust.issuerName is the alias looked up by the token issuer to look up the
private key with which the trust token is issued/signed.
4.
If the client and REST applications are in different domains, repeat these steps for
both domains.
5.
Restart all servers.
25.8.3 Configuring the WLS Trust Service Asserter
This section describes how to configure the WebLogic Server Trust Service asserter.
To configure the WebLogic Server Trust Service asserter:
1. Log into the WebLogic Administration Console as an administrator.
2. Navigate to Security Realms -> myrealm.
3. Open the Providers tab, and then the Authentication subtab.
The Create a New Authentication Provider page displays.
4. Enter the Name of the new asserter (for example, TrustServiceIdAsserter).
5. Select TrustServiceIdentityAsserter as the asserter Type.
This asserter calls the Trust Service APIs to decode and validate the token from the
incoming request, and pass the username to the WebLogic for establishing the
asserted subject.
6. Click OK to save your changes.
7. Restart all managed servers.
25-27
Chapter 25
Configuring the REST Service Identity Asserter
25-28
26
Configuring the Policy and Credential Store
Configure the policy and credential store to use an external LDAP server such as
Oracle Internet Directory (OID).
Initially, the policy and credential store for WebCenter Portal is configured to use a
database. For production environments, your policy and credential store must be
configured to use the default database or an external LDAP (either Oracle Internet
Directory 11gR1 or 10.1.4.3). You should not attempt to use a file-based LDAP for HA
or production environments.
Reassociating the policy and credential store with OID consists of creating a root node
in the LDAP directory, and then reassociating the policy and credential store with the
OID server using Fusion Middleware Control, or from the command line using WLST.
Note that if you reassociate the policy and credential store to use an external LDAPbased store, the credential store and policy store must be configured to use the same
LDAP server. The identity store can, however, use any of the other supported LDAP
servers; it does not need to use the same LDAP server as the policy and credential
stores. For troubleshooting information, see Reassociation Failure in Securing
Applications with Oracle Platform Security Services.
Caution:
Before reassociating the policy store, be sure to back up the relevant
configuration files:
•
jps-config.xml
•
system-jazn-data.xml
As a precaution, you should also back up the boot.properties file for the
Administration Server for the domain.
Permissions:
To perform the tasks in this chapter, you must be granted the WebLogic
Server Admin role through the Oracle WebLogic Server Administration
Console. Users with the Monitor or Operator roles can view security
information but cannot make changes.
See also Understanding Administrative Operations, Roles, and Tools.
Topics:
•
Creating a root Node
•
Reassociating the Credential and Policy Store Using Fusion Middleware Control
•
Reassociating the Credential and Policy Store Using WLST
26-1
Chapter 26
Creating a root Node
•
Managing Credentials
•
Managing Users and Application Roles
•
Configuring Self-Registration By Invitation in WebCenter Portal
•
Setting the Policy Store Refresh Interval and Other Cache Settings
26.1 Creating a root Node
The first step in reassociating the policy and credential store with OID, is to create an
LDIF file in the LDAP directory and add a root node under which all data is added. To
create the root node, follow the steps in Prerequisites to Using an LDAP-Based
Security Store in Securing Applications with Oracle Platform Security Services. After
creating the file and adding the node, continue by reassociating the store using either
Fusion Middleware Control or WLST.
26.2 Reassociating the Credential and Policy Store Using
Fusion Middleware Control
Before reassociating the policy and credential store with Oracle Internet Directory, you
must first have created the root node as described in Prerequisites to Using an LDAPBased Security Store in Securing Applications with Oracle Platform Security Services.
After creating the root node, follow the steps in Reassociating with Fusion Middleware
Control in Securing Applications with Oracle Platform Security Services. If the
reassociation fails, see Reassociation Failure in Securing Applications with Oracle
Platform Security Services.
26.3 Reassociating the Credential and Policy Store Using
WLST
Before reassociating the policy and credential store with Oracle Internet Directory, you
must first have created the root node as described in Prerequisites to Using the LDAP
Policy Store in Securing Applications with Oracle Platform Security Services. If the
reassociation fails, see Reassociation Failure in Securing Applications with Oracle
Platform Security Services.
To reassociate the Credential and Policy Store using WLST:
1. Start WLST as described in Running Oracle WebLogic Scripting Tool (WLST)
Commands.
2. Connect to the Administration Server for the target domain with the following
command:
connect('username>,'password', 'host_id:port')
where:
•
username is the administrator account name used to access the Administration
Server (for example, weblogic)
•
password is the administrator password used to access the Administration
Server (for example, weblogic)
26-2
Chapter 26
Managing Credentials
•
host_id is the server ID of the Administration Server (for example, example.com)
•
port is the port number of the Administration Server (for example, 7001).
3. Reassociate the policy and credential store using the reassociateSecurityStore
command:
reassociateSecurityStore(domain="domain_name", admin="admin_name",
password="password",
ldapurl="ldap_uri", servertype="ldap_srvr_type", jpsroot="root_webcenter_xxxx")
Where:
•
domain_name specifies the domain name where reassociation takes place.
•
admin_name specifies the administrator's user name on the LDAP server. The
format is cn=usrName.
•
password specifies the password associated with the user specified for the
argument admin.
•
ldap_uri specifies the URI of the LDAP server. The format is ldap://host:port,
if you are using a default port, or ldaps://host:port, if you are using a secure
LDAP port. The secure port must have been configured to handle an
anonymous SSL connection, and it is distinct from the default (non-secure)
port.
•
ldap_srvr_type specifies the kind of the target LDAP server. Specify OID for
Oracle Internet Directory.
•
root_webcenter_xxxx specifies the root node in the target LDAP repository under
which all data is migrated. Be sure to include the cn=. The format is cn=nodeName.
All arguments are required. For example:
reassociateSecurityStore(domain="myDomain", admin="cn=adminName",
password="myPass", ldapurl="ldaps://myhost.example.com:3060", servertype="OID",
jpsroot="cn=testNode")
26.4 Managing Credentials
Administrators can manage credentials for the WebCenter Portal domain credential
store using Fusion Middleware Control. For more information, see Managing
Credentials with Fusion Middleware Control in Securing Applications with Oracle
Platform Security Services.
26.5 Managing Users and Application Roles
This section describes how you can use Fusion Middleware Control, WLST, and the
runtime administration pages in WebCenter Portal to manage users and application
roles.
This section contains the following subsections:
•
Granting the WebCenter Portal Administrator Role
•
Granting Application Roles
•
Using the Runtime Administration Pages
26-3
Chapter 26
Managing Users and Application Roles
26.5.1 Granting the WebCenter Portal Administrator Role
WebCenter Portal only recognizes users in the identity store that is mapped by the first
authenticator. Since the WebCenter Portal Administrator account is initially created
only in the embedded LDAP server, if an external LDAP such as Oracle Internet
Directory is configured as the primary authenticator for WebCenter Portal, you must
also create a user in that LDAP and grant that user the WebCenter Portal
Administrator role.
You can grant a user the WebCenter Portal Administrator role using Fusion
Middleware Control or WLST as shown below in the sections on:
•
Granting the WebCenter Portal Administrator Role Using Fusion Middleware
Control
•
Granting the WebCenter Portal Administrator Role Using WLST
26.5.1.1 Granting the WebCenter Portal Administrator Role Using Fusion
Middleware Control
This section describes how to grant the WebCenter Portal administrator role to a user
account other than the default "weblogic" account.
To grant the WebCenter Portal Administrator role using Fusion Middleware Control:
1.
Log into Fusion Middleware Control and navigate to the WebCenter Portal home
page.
See Navigating to the Home Page for WebCenter Portal.
2.
From the WebCenter Portal menu, select Security and then Application Roles.
The Application Roles page opens (see Figure 26-1).
Figure 26-1
3.
Application Roles Page
Search for the WebCenter Portal Administrator role:
•
In the Role Name field, enter the following internal identifier for the
Administrator role, and then click the Search (arrow) icon:
s8bba98ff_4cbb_40b8_beee_296c916a23ed#-#Administrator
The search should return s8bba98ff_4cbb_40b8_beee_296c916a23ed#-#Administrator,
which is the administrator role identifier.
4.
Click the administrator role identifier from the search results and click Edit.
The Edit Application Role page opens (see Figure 26-2).
26-4
Chapter 26
Managing Users and Application Roles
Figure 26-2
5.
Edit Application Role Page
Click Add from the Members section.
The Add Principal dialog opens (see Figure 26-3).
Figure 26-3
6.
Add Principal Dialog
Search for the user to assign the Administrator role to.
a.
From the Type drop-down, select User.
b.
Enter search criteria in the Principal Name and/or Display Name fields to
either include part of the user name and/or the initial characters of the user
name.
c.
Optionally, when you select User, select the Check to enter principal name
here option from the Advanced Option section, enter your search criteria in
the Principal Name and/or Display Name fields.
d.
Click OK.
The Add Principal dialog closes and the user name is added to the list of
members.
7.
To remove the weblogic role from the Edit Application Role page, select the role
and click Delete, then click Yes on the confirmation dialog.
8.
On the Edit Application Role page, click OK.
26.5.1.2 Granting the WebCenter Portal Administrator Role Using WLST
To grant the WebCenter Portal Administrator role to another user using WLST:
1. Start WLST as described in Running Oracle WebLogic Scripting Tool (WLST)
Commands.
26-5
Chapter 26
Managing Users and Application Roles
2. Connect to the WebCenter Portal Administration Server for the target domain with
the following command:
connect('user_name','password, 'host_id:port')
Where:
•
user_name is the name of the user account with which to access the
Administration Server (for example, weblogic)
•
password is the password with which to access the Administration Server
•
host_id is the host ID of the Administration Server
•
port is the port number of the Administration Server (for example, 7001).
3. Grant the WebCenter Portal administrator application role to the user in Oracle
Internet Directory using the grantAppRole command as shown below:
grantAppRole(appStripe="webcenter",
appRoleName="s8bba98ff_4cbb_40b8_beee_296c916a23ed#-#Administrator",
principalClass="weblogic.security.principal.WLSUserImpl",
principalName="wc_admin")
Where wc_admin is the name of the administrator account to create.
4. To test the new account, log into WebCenter Portal using the new account name.
The Administration link should appear, and you should be able to perform all
administrator operations.
5. After granting the WebCenter Portal Administrator role to new accounts, remove
this role from accounts that no longer need or require it using the WLST
revokeAppRole command. For example, if WebCenter Portal was installed with a
different administrator user name than weblogic, the administrator role should be
given to that user and should be revoked from the default weblogic.
revokeAppRole(appStripe="webcenter",
appRoleName="s8bba98ff_4cbb_40b8_beee_296c916a23ed#-#Administrator",
principalClass="weblogic.security.principal.WLSUserImpl",
principalName="weblogic")
26.5.2 Granting Application Roles
This section describes how to add users to application roles using Fusion Middleware
Control and WLST commands.
This section contains the following topics:
•
Granting Application Roles Using Fusion Middleware Control
•
Granting Application Roles Using WLST
26.5.2.1 Granting Application Roles Using Fusion Middleware Control
This section describes how to grant an application role to users using Fusion
Middleware Control.
1.
Log in to Fusion Middleware Control and navigate to the home page for
WebCenter Portal.
2.
From the WebCenter Portal menu, select Security and then Application Roles.
26-6
Chapter 26
Managing Users and Application Roles
The Application Roles page opens.
Figure 26-4
3.
Application Roles Page
In the Role Name field, enter webcenter to search for all application roles in
WebCenter Portal, or enter the name of the role (for example,
appConnectionManager), and then click the Search (arrow) icon: .
If you are not sure of the name, enter a partial search term or leave the field blank
to display all the application roles.
The Application Roles page opens.
Figure 26-5
4.
Application Roles Page
Select the role you want to add the user to, then click Edit.
For example, to add a user to the Public Role, select the row Public Role.
Figure 26-6
5.
Role Name Search Results
In the Edit Application page that opens for the selected role, click Add .
26-7
Chapter 26
Managing Users and Application Roles
Figure 26-7
6.
Edit Application Role Page
In the Add Principal dialog that opens, search for the user.
a.
From the Type drop-down, select User.
b.
Enter search criteria in the Principal Name and/or Display Name fields to
either include part of the user name and/or the initial characters of the user
name.
c.
Select the user name from the Searched Principals table, then click OK.
The Add Principal dialog closes and the user name is added to the list of
members for the application role on the Edit Application Role page.
Figure 26-8
User Added t