Skip Headers
Oracle® Fusion Middleware Administrator's Guide for Oracle WebCenter
11g Release 1 (11.1.1)
Part Number E12405-11
Go to Documentation Home
Home		 Go to Book List
Book List		 Go to Table of Contents
Contents		 Go to Index
Index		 Go to Master Index
Master Index		 Go to Feedback page
Contact Us
Go to previous page
Previous		 Go to next page
Next
View PDF

11 Managing Content Repositories

Oracle WebCenter enables content integration through:

This chapter describes how to configure and manage content repositories used by WebCenter applications. For more information about managing and including content in WebCenter applications, see:

Note:

Content repository configuration changes that you make through Fusion Middleware Control or using WLST are not dynamic; you need to restart the managed server on which the WebCenter application is deployed for your changes to take effect. See Section 8.2, "Starting and Stopping Managed Servers for WebCenter Application Deployments".

This chapter contains the following sections:

Audience

The content of this chapter is intended for Fusion Middleware administrators (users granted the Admin or Operator role through the Oracle WebLogic Server Administration Console). See Section 1.8, "Understanding Administrative Operations, Roles, and Tools".

11.1 What You Should Know About Content Repository Connections

Oracle WebCenter's support of the JCR 1.0 open document standard enables integration with multiple back-end content stores. Oracle WebCenter supports the following content repositories: Oracle Content Server, Oracle Portal, and the file system.

Prerequisites for each content repository are described in the following sections:

WebCenter users need to store, publish, and share files. The Documents service provides content management and storage capabilities for WebCenter applications, including content upload, file and folder creation and management, file check out, versioning, and so on. To do this, the Documents service requires at least one content repository connection (WebCenter applications can support multiple content repository connections) to be made active (default):

When Oracle Content Server is the content repository (required for WebCenter Spaces), the Documents service and Oracle Content Server must be connected to the same identity store that is used by WebCenter Spaces.

Just like other service connections, post-deployment content repository connections are registered and managed through Fusion Middleware Control or using the WLST command-line tool. Connection information is stored in configuration files and in the MDS repository. For more information, see Section 1.3.5, "Oracle WebCenter Configuration Considerations."

Always use Fusion Middleware Control or the WLST command-line tool to review and configure back-end services for WebCenter applications. Any changes that you make to WebCenter applications, post-deployment, are stored in the Oracle Metadata Service (MDS) repository as customizations.

Once connection details are defined, WebCenter users can expose the content of the connected content repositories through several ADF Faces components, such as <af:image>, <af:inlineFrame>, and <af:goLink>, and built-in Documents service task flows (Document Manager, Folder Viewer, and Recent Documents). For more information, see "Working with Page Content" and "Working with the Documents Service" in Oracle Fusion Middleware User's Guide for Oracle WebCenter.

11.2 Oracle Content Server Prerequisites

This section discusses the prerequisites for an Oracle Content Server content repository in the following subsections:

11.2.1 Oracle Content Server 11g - Installation

Oracle Content Server 11g is installed as a part of Oracle Universal Content Management (Oracle UCM). Oracle UCM is a product of Oracle Enterprise Content Management Suite, which is an Oracle Fusion Middleware component. For information about upgrading Oracle Content 10g release 3 to Oracle Content Server 11g, see the Oracle Fusion Middleware Upgrade Guide for Oracle Enterprise Content Management Suite at http://download.oracle.com/docs/cd/E14571_01/doc.1111/e16451/upgrade_ecm.htm.

While installing Oracle Content Server, you may also install Oracle Inbound Refinery (Oracle IBR). Oracle IBR is a conversion server that manages file conversions for electronic assets such as documents, digital images, and motion videos. It also provides thumbnail functionality for documents and images and storyboarding for videos. You can use Oracle IBR to convert content items stored in Oracle Content Server.

For information about installing Oracle Content Server, see the section "Oracle Content Server - Installation" in Oracle Fusion Middleware Installation Guide for Oracle WebCenter.

11.2.2 Oracle Content Server 11g - Configuration

This section includes the following subsections:

11.2.2.1 Configuring Oracle Content Server 11g for All WebCenter Applications

After installing Oracle Content Server 11g, perform the configuration tasks listed in Table 11-1. These tasks are common for both WebCenter Portal applications and WebCenter Spaces. This section also includes the following sections to which the tasks in Table 11-1 refer:

Table 11-1 Oracle WebCenter-Specific Postinstallation Configuration Tasks for Oracle Content Server

Task Description Documentation

Enable the Folders_g component

This component provides hierarchical folder interface to content in Oracle Content Server.

This task is mandatory.

For information, see the section "Enabling and Disabling a Component" in the Oracle Fusion Middleware System Administrator's Guide for Universal Content Management.

Enable the DynamicConverter component

This component enables HTML renditions. Slide Previewer is available in WebCenter when both DynamicConverter and the WebCenterConfigure components are installed. (This component must be installed before installing the WebCenterConfigure component.)

This task is optional but recommended.

For information, see the section "Enabling and Disabling a Component" in the Oracle Fusion Middleware System Administrator's Guide for Universal Content Management.

Enable the WebCenterConfigure component

This component configures an instance of Oracle Content Server for WebCenter applications. It sets configuration settings and adds services among other things. (This component must be installed after installing the DynamicConverter component.)

This task is mandatory.

For information about the tasks this component performs, see Section 11.2.2.1.3, "What You Should Know About the WebCenterConfigure Component."

For information, see the section "Enabling and Disabling a Component" in the Oracle Fusion Middleware System Administrator's Guide for Universal Content Management.

Configure Oracle Inbound Refinery (IBR)

This is a conversion server that manages file conversions for electronic assets such as documents, digital images, and motion videos. It also provides thumbnail functionality for documents and images and storyboarding for videos. You can use Oracle IBR to convert content items stored in Oracle Content Server.

This task is optional. However, thumbnails or renditions in WebCenter applications do not display if Oracle IBR is not configured.

For information, see the chapter "Configuring Oracle Inbound Refinery" in the Oracle Fusion Middleware Installation Guide for Oracle Enterprise Content Management Suite.

Configure FileStore Provider

This is required to store content files in the database.

This task is optional.

For information, see the section "FileStore Provider Information Page" in the appendix "System Properties and Settings Interface" in the Oracle Fusion Middleware System Administrator's Guide for Universal Content Management.

Configure Oracle Content Server to use an LDAP-based identity store

Oracle Content Server must be configured to use the same identity store LDAP server as Oracle WebCenter Spaces.

In a production environment, Oracle Content Server must use an external LDAP based identity store.

For information, see Section 11.2.2.3, "Configuring Security Between Oracle Content Server 11g and WebCenter Portal Applications" and "Configuring the LDAP Identity Store Service" in the Oracle Fusion Middleware Security Guide.

Configure Secure Sockets Layer (SSL)

SSL is required only when the type of Oracle Content Server connection is socketssl.

This task is optional.

For information, see Section 31.7, "Securing the WebCenter Spaces Connection to Oracle Content Server with SSL."

Configure Oracle HTTP Server (OHS)

Configure OHS for Single-Sign On to function properly between Site Studio and Oracle Content Server UI.

This task is optional. However if OHS is not configured, certain functionality will not be available, such as Document Manager document rendition support, advanced metadata edit, the IFRAME functionality, and so on.

For information, see Appendix B, "Oracle HTTP Server Configuration for WebCenter" and the section "Configuring the mod_wl_ohs Module" in Oracle Fusion Middleware Administrator's Guide for Oracle HTTP Server.

Configure SES Crawler

You can override the default search adapters and use Oracle SES to get unified ranking results for WebCenter resources such as, documents, pages, people, and so on.

This task is optional.

For information, see Section 21.5.3, "Setting Up Oracle Content Server for Oracle SES Search."

Enable Site Studio components (SiteStudio, SiteStudioExternalApplications)

Enabling the Site Studio components allows the use of Site Studio to create and use SiteStudio assets (region definitions and display templates) in Content Presenter.

This task is optional.

For information, see the section "Enabling and Disabling a Component" in Oracle Fusion Middleware System Administrator's Guide for Universal Content Management. See also Oracle Fusion Middleware Administrator and Manager's Guide for Site Studio.

Enable OracleTextSearch

By default, the database used by Oracle Content Server is set up to provide metadata-only searching and indexing capabilities. However, you can modify the default configuration of the database to additionally support full-text searching and indexing. Configuring full-text searching and indexing capabilities is optional, but advisable. For full-text search, it is recommended that you use the OracleTextSearch option.

OracleTextSearch index must always be in an Oracle database, regardless of the database type used for the main schema.

This task is optional but recommended.

For information, see the section "Configuring Oracle Text Search for Oracle Content Server" in Oracle Fusion Middleware Installation Guide for Oracle Enterprise Content Management Suite and the section "Site Studio Integration" in Oracle Fusion Middleware Application Administrator's Guide for Content Server.

Enable the WebCenterConversions component

This component lets users convert wikis and blogs into PDFs. It requires OpenOffice's integration with IBR.

See Section 11.2.2.1.1, "Enabling the Conversion of Wikis and Blogs into PDFs."

For information about setting up OpenOffice with IBR, see chapters "Managing Conversions" and "Working with PDF Conversions" in Oracle Fusion Middleware Administrator's Guide for Conversion.

Configure Item Level Security

The Documents service has the ability to use item level security to override the default Spaces document security model or to expose Oracle Content Server document security in a WebCenter Portal application. Using item level security allows Oracle Content Server folders (and their children) or individual documents to have unique security permissions. To enable the Documents service to support item level security, some parameters are set in Oracle Content Server. For example, RoleEntityACL. For information about how to set their values, see Section 11.2.2.2, "Configuring Oracle Content Server 11g to Support Item Level Security in All WebCenter Applications." See also, "Setting Security Options on a Folder or File" in Oracle Fusion Middleware User's Guide for Oracle WebCenter.

This task is optional.

For information, see Section 11.2.2.2.1, "What You Should Know About Item Level Security" and Section 11.2.2.2, "Configuring Oracle Content Server 11g to Support Item Level Security in All WebCenter Applications."

Create Content Profiles

WebCenter enables Oracle Content Server profiles to be used in a number of places within WebCenter applications:

  • When uploading content, a profile can be selected to check in the document through the Oracle Content Server UI that is launched by IFRAME.

  • During content uploads, a content profile can be selected to associate with a new document.

  • During a document manager search, a content profile can be used as part of an advanced search criteria.

  • During a document advanced properties edit, the associated metadata fields for a given content profile can be exposed for edit /update through the Document Manager task flow.

  • In the Content Presenter task flow, a content profile can be used as part of query search to select the content to display.

  • When creating a custom Content Presenter template, the metadata fields associated with a content profile can be used for rendering by the template.

This task is optional.

For important considerations, see Section 11.2.2.1.4, "What You Should Know About Creating Content Profiles in Oracle Content Server."

For information about creating content profiles, see the chapter "Managing Metadata" in the Oracle Fusion Middleware Application Administrator's Guide for Content Server.

For information about mandatory fields for check-in, see the chapter "Checking In Files" in the Oracle Fusion Middleware User's Guide for Content Server.

11.2.2.1.1 Enabling the Conversion of Wikis and Blogs into PDFs

Before You Begin Before you can enable the conversion of wikis and blogs into PDFs in WebCenter applications, you must first set up the OpenOffice integration with IBR. For information, see "Setting PDF Files as the Primary Web-Viewable Rendition" in Oracle Fusion Middleware Administrator's Guide for Conversion.

How to Enable Conversion through OpenOffice As described in this section, enabling the conversion of wikis and blogs into PDFs requires you to first install the WebCenterConversions component, then configure OpenOffice, which converts HTMLs to PDFs, in the Inbound Refinery server and Oracle Content Server respectively.

Tip:

See also, "File Formats Converted to PDF by Open Office" at Oracle Fusion Middleware Administrator's Guide for Conversion.

To install the WebCenterConversion component:

  1. Log in to the Inbound Refinery server.

  2. Expand the Administration node, then select Admin Server.

    This displays the Oracle Content Admin Server page.

  3. In the Component Manager, click the advanced component manager link.

    This displays the Advanced Component Manager page.

  4. In the Install New Component section, select WebCenterConversions.zip from ORACLE_HOME/oracle.webcenter.ucm/install/, then click Install.

    The OpenOfficeConversion displays in the Disabled Components box.

  5. Select OpenOfficeConversion and click Enable.

  6. Restart the Inbound Refinery server.

To configure OpenOffice in Inbound Refinery:

  1. In the Inbound Refinery server, under Conversion Settings, click the Conversion Listing link.

    This displays the Conversion Listing page.

  2. In the Conversions table, select the Accept checkbox for HtmToPDFOpenOffice, as shown in Figure 11-1, and click Update.

    Figure 11-1 HtmToPDFOpenOffice Selected in Inbound Refinery Server

    Description of Figure 11-1 follows
    Description of "Figure 11-1 HtmToPDFOpenOffice Selected in Inbound Refinery Server"

The HtmToPDFOpenOffice option that you just enabled in IBR will now display in the associated Oracle Content Server instance.

To enable OpenOffice in Oracle Content Server:

  1. Log in to Oracle Content Server.

  2. Expand the Administration node, then Refinery Administration, and then click File Formats Wizard.

  3. Under Select File Types, select the checkbox for Convert HTM to PDF with OpenOffice (HtmToPDFOpenOffice), as shown in Figure 11-2, and click Update.

    Figure 11-2 HtmToPDFOpenOffice Option Selected in Oracle Content Server

    Description of Figure 11-2 follows
    Description of "Figure 11-2 HtmToPDFOpenOffice Option Selected in Oracle Content Server"

11.2.2.1.2 Disabling Undesirable Site Asset Categories in Oracle Site Studio

You can disable or hide Site Asset categories that the Site Studio users may not require when designing region display templates. The following are the Site Asset categories that are not needed for typical Content Presenter implementations, and therefore, can be removed:

  • Placeholder Definitions

  • Page Templates

  • Subtemplates

  • Native Documents

  • Other Media

  • Manager Configuration Settings

  • Conversion Definitions

To remove Site Asset categories for each site:

  1. Run the Site Studio Designer and log into the site for which you want to disable these categories.

  2. Click Edit Site Asset Categories, as shown in Figure 11-3.

    Figure 11-3 Edit Site Asset Categories Button in Site Studio Designer

    Description of Figure 11-3 follows
    Description of "Figure 11-3 Edit Site Asset Categories Button in Site Studio Designer"

  3. In the Site Asset Categories dialog, select a category that is not required by the users, and click X, as shown in Figure 11-4.

    Figure 11-4 Site Asset Categories Dialog

    Description of Figure 11-4 follows
    Description of "Figure 11-4 Site Asset Categories Dialog"

11.2.2.1.3 What You Should Know About the WebCenterConfigure Component

Consider the following when working with the WebCenterConfigure component (Table 11-1) of Oracle Content Server:

  • When a WebCenter application starts up, if the active connection is to an Oracle Content Server 11.1.1.4.0, or higher, and the WebCenterConfigure component is enabled, the following Workflows are seeded:

    applicationNameWCAllApprover 
applicationNameWCAllReviewer 
applicationNameWCSingleApprover

    where applicationName is the application name specified in the Document Properties. For example, the following workflows will be seeded for an application named myOCSapp:

    myOCSappWCAllApprover
 myOCSappWCAllReviewer
 myOCSappWCSingleApprover

    Note:

    If the application name is longer than 14 characters, it is truncated to 14 characters (losing the characters off the end) before adding to the workflow names. For example if the application name is WebCenterApplicationName, the workflow names will be: WebCenterAppliWCAllApprover, WebCenterAppliWCAllReviewer, and WebCenterAppliWCSingleApprover.

  • Enabling the WebCenterConfigure component allows for the following tasks (Table 11-2) in the Oracle Content Server:

    Table 11-2 Tasks Associated with the WebCenterConfigure Component

    Tasks Pointers to Verify the Completion of Tasks

    Enables accounts

    Oracle Content Server > Administration > Admin Server > General Configuration > Enable Accounts checkbox

    or

    FMW_HOME/user_projects/domains/ucm_domain/ucm/cs/config/config.cfg file. The setting in this file is UseAccounts=1.

    Allows updates to documents that are yet to be released

    Oracle Content Server > Administration > Admin Server > General Configuration > Additional Configuration Variables

    or

    FMW_HOME/user_projects/domains/ucm_domain/ucm/cs/config/config.cfg

    The setting is AllowUpdateForGenwww=1

    Disables the cache for folders

    CollectionUseCache is set to false by the WebCenterConfigure component each time the server starts up. This setting is visible in Administration > System Audit Information > Configuration Entry Information > Click All Environment Keys > shows all environment settings.

    or

    See the FMW_HOME/user_projects/domains/ucm_domain/ucm/cs/config/config.cfg file.The setting is CollectionUseCache=1.

    Adds metadata fields:

    • xWCTags

    • xWCPageId

    • xWCWorkflowAssignment

    • xWCWorkflowApproverUserList

    You can view, edit, and add metadata fields here: Oracle Content Server > Administration > Admin Applets > Configuration Manager > Information Fields tab.

    Sets Folder settings

    • System Default Information Field Configuration: Doc Type = Document

    • Information Field Inherit Configuration


      xWCWorkflowAssignment
      xWCWorkflowApproverUserList

    Oracle Content Server > Administration > Folder Configuration > System Default Information Field Configuration

    Oracle Content Server > Administration > Folder Configuration > Information Field Inherit Configuration

    Adds the WCWorkflowApproverUserToken workflow token

    Oracle Content Server > Administration > Admin Applets > Workflow Admin > Options > Tokens menu

    Adds three DynamicConverter templates

    If the DynamicConverter component is enabled, the DynamicConverter service is called to create the three DynamicConverter templates.

    Overrides certain behavior of the Site Studio Switch Content wizard to make Site Studio work in the WebCenter environment

    This provides access to the Site Studio Switch Content wizard and the Site Studio Contributor editor from within Content Presenter to allow for adding and editing Site Studio documents from WebCenter.

    • The contentwizard.hcsp and contentwizard.js files are copied from the /WebCenterConfigure.zip/component/WebCenterConfigure/publish/contentwizard/ directory to the OCS_HOME/cs/weblayout/resources/wcm/custom/sitestudio/contentwizard/webcenter/ directory.

    • The wcm.sitestudio.form.js file is copied from the /WebCenterConfigure.zip/component/WebCenterConfigure/publish/contentwizard/directory to the OCS_HOME/cs/weblayout/resources/wcm/custom/sitestudio/ directory.

11.2.2.1.4 What You Should Know About Creating Content Profiles in Oracle Content Server

The fields described in the section "Content Check-In Form" (see the table) in the "User Interface" appendix in the Oracle Fusion Middleware User's Guide for Content Server are mandatory for Oracle Content Server. All content profiles must include them, otherwise the check-in will fail.

To ensure that upload using profiles is successful in all WebCenter applications, additional fields listed in Table 11-3 are mandatory for Oracle Content Server profiles. As indicated in this table, some fields can be added as hidden or information fields to the profile. They can also be added as a separate rule to be included in other profiles as needed.

Table 11-3 Required Fields for Profiles

Field Display Name Field Name Recommended Field Permissions Setting Comments

Title

dDocTitle

EDIT

User must enter a title.

Content ID

dDocName

INFO

Set to EDIT if you want to allow users to enter their own Content ID names.

Folder

xCollectionID

INFO

Set to EDIT if you want to allow users to override folder location.

Type

dDocType

EDIT

Recommend EDIT to allow for end user document type selection.

Profile

xIdcProfile

INFO

Used to store profile that is associated with the content file. Do not set this field to Edit.

Revision

dRevLabel

INFO

Recommend setting it to INFO. Oracle Content Server auto-assigns the edit revision number.

Security Group

dSecurityGroup

INFO

Recommend setting it to INFO. WebCenter Spaces auto-assigns this value.

Account

dDocAccount

EDIT

Although Spaces auto-assigns this value, it is recommended that this field is editable or hidden to avoid errors.

WorkflowAssignment

xWCWorkflowAssignement

INFO

Must be set to INFO. Spaces manages this value.

WorkflowApprover

xWCWorkflowApproverUserList

INFO

Must be set to INFO. Spaces manages this value.

Web Site Object Type

xWebsiteObjectType

INFO

Must be set to INFO, or it should be hidden. Used by Content Presenter during SiteStudio contributor data file creation.

Region Definition

xRegionDefinition

INFO

Must be set to INFO, or it should be hidden only. Used by Content Presenter during SiteStudio contributor data file creation.

Tags

xWCTags

INFO

Recommend setting it to INFO. Spaces manages this value.

Page ID

xWCPageID

INFO

Recommend setting it to INFO. Spaces manages this value.

11.2.2.2 Configuring Oracle Content Server 11g to Support Item Level Security in All WebCenter Applications

This section includes the following sections:

11.2.2.2.1 What You Should Know About Item Level Security

Oracle WebCenter allows custom permissions to be set on a file or a folder. This feature is referred to as Item level Security (ILS). Once configured, the feature can be accessed from the File menu > Security option when viewing a file or folder (See Section 34.6.1, "Managing Content").

Item level security is designed to replace the existing file or folder security with a custom set of permissions. When applied to a file, the custom permissions affect only that file. When applied to a folder, the updated security is propagated to all child files and folders recursively, stopping when a folder is encountered with its own custom permissions. The propagation does not affect a file with its own custom permissions.

Item Level Security cannot be applied to the root folder of a Space in the WebCenter Spaces application. This is so that the Space's security can be correctly restored on a file or folder when its item level security is removed.

Within the Oracle Content Server, item level security is implemented as a combination of ACL, account, and other metadata field settings. Oracle Content Server must be correctly configured to enable item level security. See, Section 11.2.2.2, "Configuring Oracle Content Server 11g to Support Item Level Security in All WebCenter Applications" and Section 11.2.2.3, "Configuring Security Between Oracle Content Server 11g and WebCenter Portal Applications."

What Happens in Oracle Content Server on Setting Custom Permissions

The following occurs in Oracle Content Server on setting custom permissions for a file or folder from the Item Level Security dialog:

  • The account is changed to account WCILS/original_account.

  • The ACL metadata fields, User Access List and Role Access List fields are updated with the custom permissions.

  • The Inhibit Propagation field is set to true, to prevent ILS from overwriting an item's own custom security with a parent folder's custom permissions.

What Happens in Oracle Content Server on Removing Custom Permissions

Removing custom permissions from a folder or file attempts to revert the security on that item to the security set on the item's parent folder. When you remove custom permissions, the following changes take place within Oracle Content Server:

  • The item's account is changed to be the account of its parent folder.

  • The item's User Access List and Role Access List fields are cleared.

  • The Inhibit Update field is set to false.

These changes are propagated in the same way as when the item level security was set.

Prerequisites for using Item Level Security in a WebCenter Portal Applications

The Item Level Security feature is compatible with an instance of Oracle Content Server that starts with a certain security configuration. This configuration is the WebCenter Spaces application's configuration of Oracle Content Server.

Note:

Oracle recommends using the Oracle Content Server standard security because it is efficient and scales easily for a large number of users and content objects compared with item level security. From an administrative perspective, Oracle Content Server's standard security is also easier to maintain. For information about configuring the standard security, see Section 11.2.2.3, "Configuring Security Between Oracle Content Server 11g and WebCenter Portal Applications."

Once the standard Oracle Content Server security model is implemented, you can also enable item level security. In most scenarios item level security is not required, and therefore, it should not be implemented unless explicitly needed. Typical reasons for using item level security are application situations when the Oracle Content Server standard security models need to be overridden or supplemented to handle exception cases to security policies. Please be aware that there are performance impacts and additional administrative overhead when using item level security.

Item Level Security should only be used in a WebCenter Portal application when the Content Server security model:

  • Uses accounts in which all users are granted RWD (read, write, delete) on the application's security group, as well as accounts that are used to control the content item security. This is required so that when the account is changed to WCILS, only the custom permissions determine the security on an item, and not the level of grant to the content item's security group.

  • Has ForceFolderSecurity set to true. This controls the propagation of folder security changes, as well as the setting of security on upload to a folder.

11.2.2.2.2 How to Configure Item Level Security

To configure item level security (ILS):

  1. Log on to your Oracle Content Server instance.

  2. From the Administration menu, choose Admin Server to open Component Manager.

  3. In the Component Manager section, click the advanced component manager link.

  4. In the Advanced Component Manager page, scroll down to the Disabled Components list, select RoleEntityACL, as shown in Figure 11-5, and then click Enable.

    See Also:

    "Setting Security Options for a File" in Oracle Fusion Middleware User's Guide for Oracle WebCenter.

    Figure 11-5 Advanced Component Manager - RoleEntityACL Component

    Description of Figure 11-5 follows
    Description of "Figure 11-5 Advanced Component Manager - RoleEntityACL Component"

  5. From the Options pane on left, select General Configuration.

  6. Under the General Configuration page, in the Additional Configuration Variables box, add the following parameters:

    UseEntitySecurity=1
SpecialAuthGroups=PersonalSpaces, applicationName

    where:

    SpecialAuthGroups is a comma separated list of security groups that contains the content on which ILS can be specified. If in a WebCenter Spaces application users are to be provided ILS support, then the security group in which all Spaces content is created must be one of the SpecialAuthGroups. For WebCenter Spaces, the security group is named the same as the Document Spaces Property's application name. (For WebCenter Portal applications, the applicationName is the name of the security group in which content is created.)

  7. Restart Oracle Content Server.

11.2.2.2.3 How to Configure Additional Settings for WebCenter Portal Applications

In addition to the steps described in Section 11.2.2.2.2, "How to Configure Item Level Security", ensure that all users by default are granted RWDA on the WCILS account. To do this, use the SET_DEFAULT_ATTRIBUTES service. For information about the SET_DEFAULT_ATTRIBUTES service, see the section "SET_DEFAULT_ATTRIBUTES" in Oracle Fusion Middleware Services Reference Guide for Universal Content Management.

To run the SET_DEFAULT_ATTRIBUTES service through a browser:

  1. From a browser, log into Oracle Content Server as an administrative user.

  2. View the source for the page, and find the value of the idcToken.

  3. While in the same browser window, enter the URL in the format:

    http://host:port/cs/idcplg?IdcService=SET_DEFAULT_ATTRIBUTES&dECPropSubKey=<Security Group>&dDefAttribs=account,WCILS,15&idcToken=<idcToken>&IsSoap=1

    For example:

    http://myhost.com:4444/cs/idcplg?IdcService=SET_DEFAULT_ATTRIBUTES&dECPropSubKey=Custom&dDefAttribs=account,WCILS,15&idcToken=1291297336399:6E324367FC9D2F8BE525F4CEBF4463FC&IsSoap=1

11.2.2.3 Configuring Security Between Oracle Content Server 11g and WebCenter Portal Applications

To configure Oracle Content Server 11g to work with a WebCenter Portal application, you must first set up content security and users in a development environment and then migrate them to a production environment. For detailed information about security, see also the chapter "Managing Security and User Access" in Oracle Fusion Middleware System Administrator's Guide for Universal Content Management.

This section describes the following mandatory steps:

The procedures described in this section apply to the Documents service (including wikis and blogs) and Content Presenter.

11.2.2.3.1 How to Create a Security Group using the Oracle Content Server Console

To create a security group:

  1. Log into the Oracle Content Server Console as an administrator.

  2. From the Administration menu, choose Admin Applets.

  3. On the Administration Applet page, click User Admin to display the User Admin dialog.

  4. From the Security menu, choose Permissions by Group.

  5. In the Permission By Group dialog, click Add Group.

  6. In the Add New Group dialog, enter a group name, for example, WikiBlog.

  7. Click OK.

This security group will be assigned to the Security folder that you will create in the next section.

11.2.2.3.2 How to Create a Folder using the Oracle Content Server Console

To create a folder:

  1. Log into the Oracle Content Server Console as an administrator.

  2. From the Browse Content menu, choose Contribution Folders to display the root directory in which you will create a folder.

  3. On the Contribution Folders page, from the New Item menu, choose New Folder to display the Hierarchy Folder Configuration page.

  4. In the Virtual Folder Name field, enter a meaningful name, for example WikiBlog.

  5. Under the Folder Information section, in the Title field, enter a meaningful title, for example, WikiBlog.

  6. From the Security Group dropdown, select WikiBlog that you created as described in Section 11.2.2.3.1, "How to Create a Security Group using the Oracle Content Server Console".

    All items in this folder will inherit the security from this security group.

    Figure 11-6 Folder and Security Group

    Description of Figure 11-6 follows
    Description of "Figure 11-6 Folder and Security Group"

  7. Click Save.

11.2.2.3.3 How to Create Roles using the Oracle Content Server Console

To create roles:

  1. Log into the Oracle Content Server Console as an administrator.

  2. From the Administration menu, choose Admin Applets.

  3. On the Administration Applet page, click User Admin to display the User Admin dialog.

  4. From the Security menu, choose Permissions by Role.

  5. In the Permission By Group dialog, click Add New Role.

  6. In the Add New Role dialog, enter a name, for example, WikiBlog.

  7. Click OK. This displays the Permission By Role dialog.

  8. In the Groups/Rights column, select the security group that you created earlier (for example, WikiBlog), as described in Section 11.2.2.3.1, "How to Create a Security Group using the Oracle Content Server Console."

  9. Click Edit Permissions.

  10. In the Edit Permissions dialog, select all checkboxes: Read, Write, Delete, and Admin, and click OK.

    The RWDA access is enabled, as shown in Figure 11-7.

    Figure 11-7 RWDA Permissions

    Description of Figure 11-7 follows
    Description of "Figure 11-7 RWDA Permissions"

  11. Create another role, for example WikiBlogRO, by performing steps 4 to 7.

  12. Enable the Read permission for this role by following steps 8 to 10 and selecting the Read checkbox in the Edit Permissions dialog.

11.2.2.3.4 How to Create Roles (Groups) using the Fusion Middleware Control Console

In this section you will create two roles: a role with read access and another role with full (read, write, delete, administer) access.

To create roles (groups):

  1. Log into the Fusion Middleware Control Console as an administrator.

  2. Under Domain Structure, click Security Realms.

  3. In the table under the Summary of Security Realms section, click myrealm, for example.

    IMPORTANT: myrealm uses the integrated LDAP that ships with Oracle WebCenter. For your enterprise implementation there may be a different LDAP, and therefore, you must use that instead of this integrated LDAP.

  4. Select the Users and Groups tab and then the Groups subtab.

  5. Under the Groups section, click New to display the Create a New Group section.

  6. In the Name field, enter the name of the role to which you granted full access in Oracle Content Server (for example, WikiBlog), as described in Section 11.2.2.3.3, "How to Create Roles using the Oracle Content Server Console", and click OK.

  7. Create a role or group with the read permission (for example, WikiBlogRO) by performing steps 5 and 6. The name of this role must match that you specified in Oracle Content Server, as described in Section 11.2.2.3.3, "How to Create Roles using the Oracle Content Server Console."

11.2.2.3.5 How to Create Users using the Fusion Middleware Control Console

In this section you will create two users: a user for the read role and another for the full access (read, write, delete, administer) role.

To create users:

  1. Log into the Fusion Middleware Control Console as an administrator.

  2. Under Domain Structure, click Security Realms.

  3. In the table under the Summary of Security Realms section, click myrealm, the built-in realm that works with the integrated LDAP.

  4. Select the Users and Groups tab and then the Users subtab.

  5. Under the Users section, click New to display the Create a New User section.

  6. In the Name field, specify a name, for example Joe.

  7. In the Password field, specify a password.

  8. In the Confirm Password field, enter the password again, and then click OK.

  9. Create another user by performing steps 4 to 8.

11.2.2.3.6 How to Grant a Role to a User using the Fusion Middleware Control Console

In this section you will grant the roles you created in Section 11.2.2.3.4, "How to Create Roles (Groups) using the Fusion Middleware Control Console" to the users you created in Section 11.2.2.3.5, "How to Create Users using the Fusion Middleware Control Console".

To grant a role to a user:

  1. Log into the Fusion Middleware Control Console as an administrator.

  2. Under Domain Structure, click Security Realms.

  3. In the table under the Summary of Security Realms section, click myrealm, the built-in realm that works with the integrated LDAP.

  4. Select the Users and Groups tab and then the Users subtab.

  5. In the table under the Users section, click the name of the user you created in Section 11.2.2.3.5, "How to Create Users using the Fusion Middleware Control Console", to display the settings section.

  6. Select the Groups tab.

  7. Under Parent Groups, in the Available column, select the role with the read permission (for example, WikiBlogRO) that you created in Section 11.2.2.3.4, "How to Create Roles (Groups) using the Fusion Middleware Control Console".

  8. Move this role to the Chosen column and click Save.

  9. Repeat steps 5 to 8 and grant the role with the full access permission to another user you created.

11.2.2.3.7 How to Migrate Security to a Production Environment

For information about migrating security from a development environment to a production environment, see Section 27.2.5, "Post-deployment Security Configuration Tasks."

11.2.3 Oracle Content Server - Security Considerations

Please consider the following while configuring security for Oracle Content Server:

11.2.4 Oracle Content Server - Limitations in WebCenter

None.

11.3 Oracle Portal Prerequisites

This section discusses the prerequisites for an Oracle Portal content repository in the following subsections:

11.3.1 Oracle Portal - Installation

For information on installing Oracle Portal, see Oracle Fusion Middleware Installation Guide for Oracle Portal, Forms, Reports and Discoverer.

11.3.2 Oracle Portal - Configuration

Oracle Portal must be up-to-date with all the latest patches. For additional information about patches, see the product release notes. See also Oracle Fusion Middleware Administrator's Guide for Oracle Portal.

11.3.3 Oracle Portal - Security Considerations

None.

11.3.4 Oracle Portal - Limitations in WebCenter

Oracle Portal integration with Oracle WebCenter is read-only. It is not possible to create content in the portal from Oracle WebCenter.

You can expose Oracle Portal pages in WebCenter through the Federated Portal Adapter by publishing them as portlets in Oracle Portal. The following are not returned by the Federated Portal Adapter, and thus are not visible in Oracle WebCenter:

  • Seeded page groups:

    • Oracle Portal repository.

    • Oracle Portal design-time pages.

  • Pages of the following types:

    • Mobile.

    • URL.

    • Navigation pages.

  • Items of the following types:

    • Navigation items.

    • PLSQL items.

    • Portlet.

    • Portlet instance.

    • URL items.

    • Mobile items.

    • Page links.

    • Item links.

  • Items defined as:

    • Expired.

    • Hidden.

11.4 File System Prerequisites

This section discusses the prerequisites for a file system content repository in the following subsections:

Caution:

File system connections must not be used in production or enterprise application deployments. This feature is provided for development purposes only. Connections created through the file system adapter can be used during the development of WebCenter Portal applications using Oracle JDeveloper.

WebCenter Spaces applications do not support file system connections.

11.4.1 File System - Security Considerations

All operations are executed as the system user under which the JVM is running and therefore inherit its permissions.

11.4.2 File System - Limitations in WebCenter

File system connections must not be used in production or enterprise application deployments, and search capabilities are limited and slow due to the absence of an index. This feature is provided for development purposes only.

11.5 Registering Content Repositories

This section contains the following subsections:

11.5.1 What You Should Know About Registering Content Repositories for WebCenter Spaces

Consider the following when registering Oracle Content Server repositories for WebCenter Spaces:

  • At start up, WebCenter Spaces creates seed data (if it does not already exist) in the primary/active/default repository for WebCenter Spaces.

  • A user name with administrative rights for the Oracle Content Server instance is required (Content Administrator). This user will be used to create and maintain folders for WebCenter Spaces content and manage content access rights. The default content administrator is sysadmin.

    Administrative privileges are required for this connection so that operations can be performed on behalf of WebCenter users.

  • Root Folder and Application Name values:

    • Oracle does not recommend changing the Root Folder and Application Name values. However, if you change the Root Folder value after configuring and running WebCenter Spaces, then you must also change the Application Name value, and vice versa. That is, you must change both values (Root Folder and Application Name) to unique values if the WebCenter Spaces application already contains the seed data.

      When you change these values, the existing seed data is not renamed in the Oracle Content Server repository. Instead, new seed data is created using the new values, when you start the application. Once the application is started, new WebCenter Spaces data is created under the new Root Folder and existing data under the old Root Folder is no longer available. This means that the Documents service will now be disabled in Spaces where the Documents service was previously enabled, prior to changing the Root Folder.

      Note:

      Although the Root Folder and Application Name values change, the old root content repository folder still appears in search results, like any other root folder in Oracle Content Server.

    • For the active connection in WebCenter Spaces, the Root Folder and Application Name values are used to create the seed data in the WebCenter Spaces repository, to enable storage of the Space-related data.

    • The Root Folder value is used as the name for the root folder within the content repository under which all Spaces content is stored. For the Root Folder value, you must specify a content repository folder that does not yet exist. Use the format: /foldername. For example: /MyWebCenterSpaces. The Root Folder cannot be /, the root itself, and it must be unique across different WebCenter applications. The folder specified is created for you when the WebCenter application starts up. Invalid entries include: /, /foldername/, /foldername/subfolder.

    • The WebCenter Spaces application within this content repository must have a unique name. For example: MyWCS. The name must begin with an alphabetical character, followed by any combination of alphanumeric characters or the underscore character. The name specified here is also used to name document-related workflows, as follows: <applicationName><WorkflowName> and <applicationName><WorkflowStepName>. When naming workflows, only the first 14 characters of the Application Name are used.

      The Application Name value is used for the following:

      • To separate data when multiple WebCenter Spaces applications share the same content repository and should be unique across applications.

      • As the prefix to the seeded workflow and workflow steps.

      • The Application Name is also used as the prefix to the seeded workflow and workflow steps.

      • As the name of the security group.

      • As the prefix for the role (the name format is applicationNameUser)

      • To stripe users permissions on accounts for the particular WebCenter Spaces application.

      • To stripe default attributes for the particular WebCenter Spaces application.

      For information about security groups and roles, see Managing Security and User Access for Content Server. For information about folders, see Folders and WebDav Administration Guide. These guides are available at http://download.oracle.com/docs/cd/E10316_01/owc.htm.

11.5.2 Registering Content Repositories Using Fusion Middleware Control

To register a content repository:

  1. Log in to Fusion Middleware Control and navigate to the home page for WebCenter Spaces or the WebCenter Portal application:

  2. Do one of the following:

    • For WebCenter Spaces - From the WebCenter menu, choose Settings > Service Configuration.

    • For WebCenter Portal applications - From the Application Deployment menu, choose WebCenter > Service Configuration.

  3. From the list of services on the WebCenter Service Configuration page, select Content Repository.

  4. To connect to a new content repository, click Add (Figure 11-8).

    Figure 11-8 Configuring Content Repository Connections

    Configuring a Content Repository

  5. Enter a unique name for this connection, specify the content repository type, and indicate whether this connection is the active (or default) connection for the application. See Table 11-4.

    Table 11-4 Manage Content Repository Connections

    Field Description

    Connection Name

    Enter a unique name for this content repository connection. The name must be unique (across all connection types) within the WebCenter application.

    Repository Type

    Choose the type of repository you want to connect to. Select one of the following:

    (WebCenter Spaces) If you are setting up the back-end content repository for WebCenter Spaces, that is, the repository used by WebCenter Spaces to store Space-related documents, you must select Oracle Content Server.

    Active Connection

    Select to make this the default or primary content repository for your WebCenter application.

    You can connect your WebCenter application to multiple content repositories; all connections are used. One connection must be designated the default (or active) connection. Do one of the following:

    • For WebCenter Spaces:

      Select to make this the active connection, that is, the back-end repository that WebCenter Spaces uses to store Space-related documents. The active connection must be to an Oracle Content Server.

      If this is the active connection for WebCenter Spaces, some additional configuration is required -- see Section 11.5.1, "What You Should Know About Registering Content Repositories for WebCenter Spaces."

    • For WebCenter Portal applications:

      Select to make this the active connection; that is, the default connection for Content Presenter, Document Manager, Document List Viewer, and Recent Documents task flows. When no specific connection details are provided for these task flows, this default (also called primary, active) connection is used.

    Deselecting this option does not disable the content repository connection. If a content repository is no longer required, you must delete the connection.

  6. (For the active connection in WebCenter Spaces only.) Enter additional details for the WebCenter Spaces repository. For information, see Section 11.5.1, "What You Should Know About Registering Content Repositories for WebCenter Spaces."

  7. Enter connection details for the content repository. For detailed parameter information, see:

    Table 11-5 Oracle Content Server Connection Parameters

    Field Description

    RIDC Socket Type

    Specify whether Oracle Content Server connects on the content server listener port or the Web server filter, and whether the listener port is SSL enabled. Choose from:

    • Socket - Uses an intradoc socket connection to connect to the Oracle Content Server. The client IP address must be added to the list of authorized addresses in the Oracle Content Server. In this case, the client is the machine on which Oracle WebCenter is running.

    • Socket SSL - Uses an intradoc socket connection to connect to the Oracle Content Server that is secured using the SSL protocol. The client's certificates must be imported in the server's trust store for the connection to be allowed. This is the most secure option, and the recommended option whenever identity propagation is required (for example, in WebCenter Spaces).

    • Web - Uses an HTTP(S) connection to connect to the Oracle Content Server.

    • JAX-WS - Uses an HTTP(S) connection to connect to the Oracle Content Server.

    For WebCenter Spaces, the Web option is not suitable for the active connection, that is, the back-end Oracle Content Server repository that is being used to store Space-related documents because it does not allow identity propagation.

    Server Host

    Enter the host name of the machine where the Oracle Content Server is running.

    For example: mycontentserver.mycompany.com

    Server Host is required when the RIDC Socket Type is set to Socket or Socket SSL.

    Server Port

    Enter the port on which the Oracle Content Server listens:

    • Socket - Port specified for the incoming provider in the server.

    • Socket SSL - Port specified for the sslincoming provider in the server.

    This property corresponds to the IntradocServerPort setting in the Content Server configuration file, which defaults to port 4444.

    Server Port is required when the RIDC Socket Type is set to Socket or Socket SSL.

    Web URL

    Enter the Web server URL for the Oracle Content Server.

    Use the format: http://hostname:portnumber/web_root/plugin_root

    For example: http://mycontentserver/cms/idcplg

    Web URL is applicable when the RIDC Socket Type is set to Web.

    Web Service URL

    Enter the Web service URL required to connect to Oracle Content Server when using the JAX-WS protocol.

    Use the format: http://hostname:port/web_root

    For example: http://myhost.com:9044/idcnativews

    Web Service URL is applicable when RIDC Socket Type is set to JAX-WS.

    Connection Timeout (ms)

    Specify the length of time allowed to log in to Oracle Content Server (in milliseconds) before issuing a connection timeout message. If no timeout is set, there is no time limit for the login operation.

    Authentication Method

    Choose from:

    • Identity Propagation - Oracle Content Server and the WebCenter application use the same identity store to authenticate users.

      (WebCenter Spaces) Identity propagation is required on the active connection for WebCenter Spaces, that is, for the content repository being used to store Space-related documents.

    • External Application - An external application authenticates users against the Oracle Content Server. Select this option if you want to use public, shared, or mapped credentials. See also, "Setting Security for the Documents Service" in the Oracle Fusion Middleware Developer's Guide for Oracle WebCenter.

    If an external application is used for authentication, use the Associated External Application drop down list to identify the application. If the application you want is not listed, select Create New to define the external application now.

    Web Server Context Root

    Enter the Web server context root for Oracle Content Server. Use the format /<context_root>. For example, /cs.

    When specified, several Oracle Universal Content Management (UCM) features based on iFrame are available in the WebCenter application. This includes:

    • Associating a content profile with files when uploading new or updated files to Oracle Content Server.

      For more information, see "Uploading New Files" and "Uploading a New Version of an Existing File" in Oracle Fusion Middleware User's Guide for Oracle WebCenter.

    • Using the document review functionality available in Oracle AutoVue.

      For more information, see "Reviewing and Collaborating on Documents Using AutoVue" in Oracle Fusion Middleware User's Guide for Oracle WebCenter.

    • Editing advanced document properties.

      For more information, see "Working with File Properties" in Oracle Fusion Middleware User's Guide for Oracle WebCenter.

    • Viewing folder and file workflow details.

      For more information, see “Viewing Workflow Information" in Oracle Fusion Middleware User's Guide for Oracle WebCenter.

    • Previewing files in a slide viewer.

      For more information, see "Opening a File" in Oracle Fusion Middleware User's Guide for Oracle WebCenter.

    • Site Studio integration

      Without OHS (and WebContextRoot configuration), it is still possible to create or edit Site Studio content from within Content Presenter, but the create and edit actions launch new browser windows (or tabs) rather than opening within the Content Presenter task flow. For more information, see "Using Content Presenter to Create or Edit Oracle Site Studio Content" in Oracle Fusion Middleware User's Guide for Oracle WebCenter.

    The Web Server Context Root property is only applicable when the Authentication Method is set to Identity Propagation.

    Note: Specifying the Web Server Context Root is an indicator that the WebCenter application is front-ended by OHS. If you specify the Web Server Context Root and do not connect through OHS, a 404 error occurs while you attempt to edit the advanced metadata in the Document Viewer, upload using a profile, or click Details for a content item in a workflow in a Space. For information about setting up OHS to front-end WebCenter applications, see Appendix B, "Oracle HTTP Server Configuration for WebCenter".

    If your WebCenter application is connected to multiple UCM servers, Oracle recommends that each UCM server has a unique Web Server Context Root so that OHS re-direction works correctly.

    Associated External Application

    Select the external application used to authenticate users against the Oracle Content Server.

    Associated External Application is applicable when RIDC Socket Type is set to Web and also when the RIDC Socket Type is Socket or Socket SSL (with Authentication Method set to External Application).

    Client Security Policy

    Enter the client security policy to be used when the RIDC Socket Type is JAX-WS. For example: oracle/wss11_saml_token_with_message_protection_service_policy

    Leave this field blank if your environment supports Global Policy Attachments (GPA).

    Administrator User Name

    Enter a user name with administrative rights for this Oracle Content Server instance. This user will be used to fetch content type information based on profiles and track document changes for cache invalidation purpose.

    Defaults to sysadmin.

    Administrator Password

    Enter the password for the Oracle Content Server administrator.

    Key Store Location

    Specify the location of key store that contains the private key used to sign the security assertions. The key store location must be an absolute path.

    For example: D:\keys\keystore.xyz

    Key Store Location is required when the RIDC Socket Type is set to Socket SSL.

    Key Store Password

    Enter the password required to access the keystore.

    For example: T0PS3CR3T

    Key Store Password is required when the RIDC Socket Type is set to Socket SSL.

    Private Key Alias

    Enter the client private key alias in the keystore. The key is used to sign messages to the server. The public key corresponding to this private key must be imported in the server keystore.

    Ensure that the alias does not contain special characters or white space. For example: enigma

    Private Key Alias is required when the RIDC Socket Type is set to Socket SSL.

    Private Key Password

    Enter the password to be used with the private key alias in the key store.

    For example: c0d3bR3ak3R

    Private Key Password is required when the RIDC Socket Type is set to Socket SSL.

    Table 11-6 Connection Details - Oracle Content Server - Cache Details

    Element Description

    Cache Invalidation Interval (minutes)

    Specify the frequency between checks for external Oracle Content Server content changes (in minutes). WebCenter automatically clears items that have changed from the cache.

    The default is 0 which means that cache invalidation is disabled.

    The minimum interval is 2 minutes.

    Maximum Cached Document Size (bytes)

    Enter a maximum cacheable size (in bytes) for Oracle Content Server binary documents. Documents larger than this size are not cached by WebCenter.

    The default is 102400 bytes (100K).

    Tune this value based on your machine's memory configuration and the types of binary documents that you expect to cache.

    Table 11-7 Oracle Portal Connection Parameters

    Field Description

    Data Source Name

    Enter the JNDI DataSource location used to connect to the portal.

    For example: jdbc/MyPortalDS

    The datasource must be on the server where the WebCenter application is deployed.

    Connection Timeout (ms)

    Specify the length of time allowed to log in to Oracle Portal (in milliseconds) before issuing a connection timeout message. If no timeout is set, there is no time limit for the login operation.

    Authentication Method

    Specify how to authenticate users against Oracle Portal. Choose from:

    • Identity Propagation - Select this option when the WebCenter application and Oracle Portal both use the same user identity store.

    • External Application - Use an external application to authenticate users against Oracle Portal. Select this option if you want to use public, shared, or mapped credentials.

    If an external application is used for authentication, use the Associated External Application dropdown list to identify the application.

    Associated External Application

    Associate Oracle Portal with an external application. External application credential information is used to authenticate Oracle Portal users.You can select an existing external application from the dropdown list, or click Create New to configure a new external application now.

    Table 11-8 File System Connection Parameters

    Field Description

    Base Path

    Enter the full path to a folder on a local file system in which your content is placed. For example: C:\MyContent

    Caution: File system content must not be used in production or enterprise application deployments. This feature is provided for development purposes only.

  8. Click OK to save this connection.

  9. Click Test to verify if the connection you created works. For a successful connection, the Test Status message displays the advice that to start using the new (active) connection, you must restart the managed server on which the WebCenter application is deployed.

The registered connections are now available to Documents service and Content Presenter task flows, which you can add to pages in WebCenter Spaces or WebCenter Portal applications. See also, "Working with the Documents Service" in the Oracle Fusion Middleware User's Guide for Oracle WebCenter.

11.5.3 Registering Content Repositories Using WLST

Use the following WLST commands to register new content repository connections:

For command syntax and examples, see the Oracle Fusion Middleware WebLogic Scripting Tool Command Reference.

To configure a particular connection as the default connection, set isPrimary='true'. See Section 11.6, "Changing the Active (or Default) Content Repository Connection".

For information on how to run WLST commands, see Section 1.13.3.1, "Running Oracle WebLogic Scripting Tool (WLST) Commands".

Note:

To start using the new (active) connection you must restart the managed server on which the WebCenter application is deployed. See "Starting and Stopping WebLogic Managed Servers Using the Command Line" in the Oracle Fusion Middleware Administrator's Guide.

11.6 Changing the Active (or Default) Content Repository Connection

WebCenter applications support multiple content repository connections but only one content repository connection can be designated the active (or default) connection.

In WebCenter Spaces, the active connection becomes the default back-end repository for Space and Home Space documents and the repository must be an Oracle Content Server. The active connection is also used as the default connection for the Documents service and Content Presenter task flows.

For other WebCenter applications, the active connection becomes the default connection for Content Presenter, Document Manager, Document List Viewer, and Recent Documents, and so on. When no specific connection details are provided for these task flows, the default (active) connection is used.

This section contains the following subsections:

11.6.1 Changing the Active (or Default) Content Repository Connection Using Fusion Middleware Control

To change the active (or default) content repository connection:

  1. Log in to Fusion Middleware Control and navigate to the home page for WebCenter Spaces or the WebCenter Portal application:

  2. Do one of the following:

    • For WebCenter Spaces - From the WebCenter menu, choose Settings > Service Configuration.

    • For WebCenter Portal applications - From the Application Deployment menu, choose WebCenter > Service Configuration.

  3. From the list of services on the WebCenter Services Configuration page, select Content Repository.

    The Manage Content Repository Connections table indicates the current active connection (if any).

  4. Select the connection you want to become the active (or default) connection, and then click Edit.

  5. Select the Active Connection checkbox.

  6. Click OK to update the connection.

  7. Click Test to verify if the connection you activated works. For a successfully activated connection, the Test Status message displays the advice that to start using the updated connection you must restart the managed server on which the WebCenter application is deployed.

11.6.2 Changing the Active (or Default) Content Repository Connection Using WLST

Use the following WLST commands with isPrimary='true' to designate an existing content repository connection as the default connection:

For command syntax and examples, see the Oracle Fusion Middleware WebLogic Scripting Tool Command Reference.

To subsequently disable a default content repository connection, run the same WLST command with isPrimary='false'. Connection details are retained but the connection is no longer named as the primary connection in adf-config.xml.

For information on how to run WLST commands, see Section 1.13.3.1, "Running Oracle WebLogic Scripting Tool (WLST) Commands".

Note:

To start using the new (active) connection you must restart the managed server on which the WebCenter application is deployed. See, "Starting and Stopping WebLogic Managed Servers Using the Command Line" in the Oracle Fusion Middleware Administrator's Guide.

11.7 Modifying Content Repository Connection Details

This section contains the following subsections:

11.7.1 Modifying Content Repository Connection Details Using Fusion Middleware Control

To update content repository connection details:

  1. Log in to Fusion Middleware Control and navigate to the home page for WebCenter Spaces or the WebCenter Portal application:

  2. Do one of the following:

    • For WebCenter Spaces - From the WebCenter menu, choose Settings > Service Configuration.

    • For WebCenter Portal applications - From the Application Deployment menu, choose WebCenter > Service Configuration.

  3. From the list of services on the WebCenter Services Configuration page, choose Content Repository.

  4. Select the connection name, and click Edit.

  5. Edit connection details, as required. For detailed parameter information, see:

  6. Click OK to save your changes.

  7. Click Test to verify if the updated connection works. For a successfully updated connection, the Test Status message displays the advice that to start using the updated connection, you must restart the managed server on which the WebCenter application is deployed.

11.7.2 Modifying Content Repository Connection Details Using WLST

Use the following WLST commands to edit content repository connections:

For command syntax and examples, see the Oracle Fusion Middleware WebLogic Scripting Tool Command Reference.

To configure a particular connection as the active (or default) connection, set isPrimary='true'. See Section 11.6, "Changing the Active (or Default) Content Repository Connection".

For information on how to run WLST commands, see Section 1.13.3.1, "Running Oracle WebLogic Scripting Tool (WLST) Commands".

Note:

To start using the updated (active) connection details, you must restart the managed server on which the WebCenter application is deployed. See "Starting and Stopping WebLogic Managed Servers Using the Command Line" in the Oracle Fusion Middleware Administrator's Guide.

11.7.3 Modifying Cache Settings for Content Presenter

The content management code for Content Presenter, the Content Management Interoperability Services (CMIS) REST APIs, and so on, are shipped out of the box with local (in-memory) caches. This code does not use Coherence. You can enable Coherence for caches in the content-coherence-cache-config.xml file. For WebCenter Spaces this file is stored in the ORACLE_HOME/user_projects/applications/wc_domain/custom.webcenter.spaces.fwk/APP-INF/classes/ directory. For WebCenter Portal applications, developers must create the content-coherence-cache-config.xml file in the application (EAR) classpath or server's system classpath.

A sample Coherence configuration file, as shown in Example 11-1, is provided within the content-app-lib.ear file. This EAR file is located at: ORACLE_HOME/as11gr1wc/webcenter/modules/oracle.webcenter.content.integration_11.1.1/content-app-lib.ear). The sample file location is: /content-app-lib.ear/APP-INF/classes/sample-content-coherence-cache-config.xml file. You can copy this file and rename it to content-coherence-cache-config.xml, and then set the values to meet customer's deployment needs. Table 11-9 describes the cache entries in this file.

Example 11-1 Sample Coherence Configuration File

<!DOCTYPE cache-config SYSTEM "cache-config.dtd">
<cache-config>
  <caching-scheme-mapping>
    <cache-mapping>
      <cache-name>repo.ucm.nodeUidCache.*</cache-name>
      <scheme-name>ContentNodeCaches</scheme-name>
    </cache-mapping>
    <cache-mapping>
      <cache-name>repo.ucm.nodePathToUidCache.*</cache-name>
      <scheme-name>ContentNodeCaches</scheme-name>
    </cache-mapping>
    <cache-mapping>
      <cache-name>repo.ucm.securityInfoCache.*</cache-name>
      <scheme-name>ContentNodeCaches</scheme-name>
    </cache-mapping>
    <cache-mapping>
      <cache-name>repo.ucm.typeNameCache.*</cache-name>
      <scheme-name>ContentTypeCaches</scheme-name>
    </cache-mapping>
   <cache-mapping>
      <cache-name>repo.ucm.typeNamesCache.*</cache-name>
      <scheme-name>ContentTypeCaches</scheme-name>
    </cache-mapping>
    <cache-mapping>
      <cache-name>binaryCache.*</cache-name>
      <scheme-name>ContentBinaryCaches</scheme-name>
    </cache-mapping>
    <cache-mapping>
      <cache-name>repo.ucm.searchCriteriaCache.*</cache-name>      <scheme-name>ContentSearchCaches</scheme-name>
    </cache-mapping>
    <cache-mapping>
      <cache-name> repo.ucm.indexedFieldsCache.*</cache-name>
      <scheme-name>ContentSearchCaches</scheme-name>
    </cache-mapping>
    <cache-mapping>
      <cache-name>repo.ucm.securityUserCache.*</cache-name>
      <scheme-name>ContentSecurityCaches</scheme-name>
    </cache-mapping>
    <cache-mapping>
      <cache-name>repo.ucm.profileTriggerValueCache.*</cache-name>
      <scheme-name>ContentProfileCaches</scheme-name>
    </cache-mapping>
  </caching-scheme-mapping>
  <caching-schemes>
<!--    The following schemes are all local.  For a clustered deployment,
    a distributed, replcated, or other clustered scheme is recommended.
    See Coherence documentation for more information.
    -->
    <local-scheme>
      <scheme-name>ContentNodeCaches</scheme-name>
      <expiry-delay>1m</expiry-delay>
      <high-units>100</high-units>
    </local-scheme>
    <local-scheme>
      <scheme-name>ContentTypeCaches</scheme-name>
      <expiry-delay>30m</expiry-delay>
      <high-units>50</high-units>
    </local-scheme>
    <local-scheme>
      <scheme-name>ContentBinaryCaches</scheme-name>
      <expiry-delay>1m</expiry-delay>
      <high-units>100000</high-units>
      <unit-calculator>
        <class-scheme>
          <class-name>com.tangosol.net.cache.SimpleMemoryCalculator</class-name>
        </class-scheme>
      </unit-calculator>
    </local-scheme>
    <local-scheme>
      <scheme-name>ContentSearchCaches</scheme-name>
      <expiry-delay>5m</expiry-delay>
      <high-units>50</high-units>
    </local-scheme>
   <local-scheme>
      <scheme-name>ContentSecurityCaches</scheme-name>
      <expiry-delay>10m</expiry-delay>
      <high-units>50</high-units>
    </local-scheme>
   <local-scheme>
      <scheme-name>ContentProfileCaches</scheme-name>
      <expiry-delay>1h</expiry-delay>
      <high-units>100</high-units>
    </local-scheme>
    <!--
    <class-scheme>
      <scheme-name>ContentDisabledCaches</scheme-name>
      <class-name>com.tangosol.util.NullImplementation$NullMap</class-name>
    </class-scheme>
    -->
  </caching-schemes>
</cache-config>

Table 11-9 Cache Entries in content-coherence-cache-config.xml

Cache Entry Name Description

repo.ucm.nodeUidCache.*

Stores a list of nodes for a repository based on an ID. The size of this cache entry depends upon the number of nodes in the active repository.This cache expires based on when the node data is refreshed and how many times the data is modified from another application. Key - Node UID - String

Value - A UCM Node object

repo.ucm.nodePathToUidCache.*

Stores a list of nodes for a repository based on a path. The size of this cache depends upon the number of nodes in the active repository.This cache entry expires based on when the node data is refreshed and how many times the data is modified from another application. The size and expiration time must be the same as that of nodeUidCache.

Key - Node path - String

Value - Node UID - String

repo.ucm.securityInfoCache.*

Stores cached security information for a node. The size of this cache depends upon the number of nodes in the repository. This cache expires based on the frequency of node security data updates.

Key - Node UID - String

Value - Security information for a node

repo.ucm.typeNameCache.*

Caches Content Type information. The size of this cache depends upon the number of types in the repository. This cache expires based on when the type information is refreshed and how many times the types are modified from another application.

Key - Content Type UID - String

Value - A ContentType object

repo.ucm.typeNamesCache.*

Caches all the type names known to UCM. All type names are cached together (one key), and thus all expire at the same time.

This cache expires based on the frequency of new types being created or removed.

Key - There is only one key to this cache: "typeNames"

Value - An ArrayList<String> of the type names

binaryCache.*

Caches binary property data. Only binaries that are smaller than the repository configuration property BinaryCacheMaxEntrySize are cached.

The size of this cache either depends on the number and frequency of the smaller binary properties (smaller than the BinaryCacheMaxEntrySize setting) usage, or it is based on the total amount of memory to be used for binary caches.

This cache expires based on when the binary data is refreshed and how many times this data is modified from another application.

Key - The Node UID and binary Property UID (nodeUid.propUid) - String

Value - The binary stream data - byte[]

repo.ucm.searchCriteriaCache.*

Caches a set of search query to parameters based on the UCM search grammar. The size of this cache depends upon the number of unique searches expected to be repeatedly performed.

The expiration must be set to eventually expire unused searches and save on the cache memory.

Key - A set of search query parameters.

Value - A set of search query parameters, in UCM terms.

repo.ucm.indexedFieldsCache.*

Holds the indexed (searchable) system properties for the repository. There are three keys in this cache:

  • "indexedFields" holds all UCM indexed fields.

  • "indexedFolderProps" holds indexed system properties for folders.

  • "indexedDocProps" holds indexed system properties for documents.

This cache expires based on the frequency of the indexed fields changes.

Key - String

Value - Map<String,Boolean> holds a key for each indexed property name, and a boolean indicating if that property is also sortable.

repo.ucm.securityUserCache.*

Caches the mapping between local user names (current application) and the name of the same user in UCM. The size of this cache depends upon the number of simultaneous and/or frequent users.

This cache expires based on the frequency of user identity mapping updates.

Key - Local user Id - String

Value - UCM user Id - String

repo.ucm.profileTriggerValueCache.*

Caches the profile trigger value for a given profile, so it is available when documents are created. The maximum number of entries in this cache is implicitly limited to the maximum number of profiles on the UCM server. The cache entry size is small. The primary entry to vary is the expiration, which depends upon how often the profile trigger field values are modified in UCM. These values change rarely once a profile is configured on the UCM system. Therefore, the expiration should be set appropriately.

Key - The UCM profile name - String

Value - The UCM profile trigger value - String

11.8 Deleting Content Repository Connections

This section contains the following subsections:

Caution:

Delete a content repository connection only if it is not in use. If a connection is marked as active, it should first be removed from the active list, and then deleted.

11.8.1 Deleting Content Repository Connections Using Fusion Middleware Control

To delete a content repository connection:

  1. Log in to Fusion Middleware Control and navigate to the home page for WebCenter Spaces or the WebCenter Portal application:

  2. Do one of the following:

    • For WebCenter Spaces - From the WebCenter menu, choose Settings > Service Configuration.

    • For WebCenter Portal applications - From the Application Deployment menu, choose WebCenter > Service Configuration.

  3. From the list of services on the WebCenter Services Configuration page, choose Content Repository.

  4. Select the connection name, and click Delete.

  5. To effect this change you must restart the managed server on which the WebCenter application is deployed.

11.8.2 Deleting Content Repository Connections Using WLST

Use the WLST command deleteConnection to remove a content repository connection. For command syntax and examples, see "deleteConnection" in the Oracle Fusion Middleware WebLogic Scripting Tool Command Reference.

For information on how to run WLST commands, see Section 1.13.3.1, "Running Oracle WebLogic Scripting Tool (WLST) Commands".

Note:

To effect this change you must restart the managed server on which the WebCenter application is deployed. See, "Starting and Stopping WebLogic Managed Servers Using the Command Line" in the Oracle Fusion Middleware Administrator's Guide.

11.9 Setting Connection Properties for the WebCenter Spaces Content Repository

You can view, modify, and delete connection properties for the back-end Oracle Content Server repository that is being used by WebCenter Spaces to store Space and Home Space documents. Specifically, you can define the root folder under which Space content is stored, the name of the content repository administrator, and a unique application identifier for separating application data on the Oracle Content Server.

This section contains the following subsections:

11.9.1 Setting Connection Properties for the WebCenter Spaces Content Repository Using Fusion Middleware Control

To set content repository connection properties:

  1. Log in to Fusion Middleware Control and navigate to the home page for WebCenter Spaces or the WebCenter Portal application. See Section 6.2, "Navigating to the Home Page for WebCenter Spaces".

  2. From the WebCenter menu, choose Settings > Service Configuration.

  3. From the list of services on the WebCenter Services Configuration page, choose Content Repository.

  4. Select the connection name, and click Edit.

  5. (For the active connection in WebCenter Spaces only.) Set connection properties for the WebCenter Spaces repository. For information, see Section 11.5.1, "What You Should Know About Registering Content Repositories for WebCenter Spaces."

  6. Click OK to save your changes.

  7. To start using the updated (active) connection properties, you must restart the managed server on which the WebCenter application is deployed.

11.9.2 Setting Connection Properties for the WebCenter Spaces Content Repository Using WLST

The following commands are valid only for the WebCenter Spaces application to view, set, and delete properties for the Oracle Content Server repository that is being used by WebCenter Spaces to store Space and Home Space documents:

For command syntax and detailed examples, see the Oracle Fusion Middleware WebLogic Scripting Tool Command Reference.

For information on how to run WLST commands, see Section 1.13.3.1, "Running Oracle WebLogic Scripting Tool (WLST) Commands".

11.10 Testing Content Repository Connections

After setting up content repository connections, you can test them to make sure that you can access the content repository, as described in the following sections:

11.10.1 Testing Oracle Content Server Connections

To verify a connection of the socket type web, log in to the Web interface of Oracle Content Server as administrator. You can obtain the URL of a socket type connection through Fusion Middleware Control as follows:

  1. In Fusion Middleware Control, from the WebCenter menu, choose Settings and select Service Configuration (Figure 11-9).

    Figure 11-9 Fusion Middleware Control WebCenter Menu

    Fusion Middleware Control WebCenter Menu

  2. On the Manage Content Repository Connections page, select the connection and click Edit (Figure 11-10).

    Figure 11-10 Manage Content Repository Connections Page

    Manage Content Repository Connections Page

  3. On the Edit Content Repository Connection page, copy the Web URL (Figure 11-11).

    Note:

    Remove the /idcplg/ suffix from the URL before using it.

    The URL format is: http://host_name/web_root/ For example: http://mycontentserver/cms/

    Figure 11-11 Edit Content Repository Connection Page

    Edit Content Repository Connection Page

11.10.2 Testing Oracle Portal Connections

To verify the full state of an Oracle Portal connection:

  1. In the Oracle WebLogic Administration Console, under Domain Structure, expand Services > JDBC, then double-click Data Sources (Figure 11-12).

    Figure 11-12 Oracle WebLogic Administration Console

    Oracle WebLogic Administration Console

  2. On the Summary of JDBC Data Sources page, select the data source you intend to test (Figure 11-13).

    Figure 11-13 Summary of JDBC Data Sources Page

    Sumary of JDBC Data Sources Page

  3. In the Settings for datasource_name section, select the tabs Monitoring, then Testing. Select the data source target server, then click Test Data Source to test the connection (Figure 11-14).

    Figure 11-14 Data Source Settings Section

    Data Source Settings Section

11.11 Changing the Maximum File Upload Size

By default, the maximum upload size for files is:

The WebCenter application developer can customize the default file upload size at design time by setting the UPLOAD_MAX_MEMORY, UPLOAD_MAX_DISK_SPACE, and UPLOAD_TEMP_DIR parameters in the web.xml file. For information about editing web.xml, see Section A.1.2, "web.xml".

For more information, see "Setting Parameters to Upload Files to Content Repositories" in the Oracle Fusion Middleware Developer's Guide for Oracle WebCenter.

Go to previous page
Previous		 Go to next page
Next
Go to Documentation Home
Home		 Go to Book List
Book List		 Go to Table of Contents
Contents		 Go to Index
Index		 Go to Master Index
Master Index		 Go to Feedback page
Contact Us