Oracle® Fusion Middleware Administrator's Guide for Oracle WebCenter 11g Release 1 (11.1.1) Part Number E12405-11 |
|
|
View PDF |
Oracle WebCenter enables content integration through:
Content Repository data controls, which enable read-only access to a content repository, and maintain tight control over the way the content displays in a WebCenter Portal application.
The Documents service, which enables users to view and manage documents and other types of content in your organization's content repositories.
Content Presenter enables end users to select content in a variety of ways and then display those items using available display templates. A Content Presenter task flow can be added during development of a WebCenter Portal application, or can be added to editable pages at runtime.
This chapter describes how to configure and manage content repositories used by WebCenter applications. For more information about managing and including content in WebCenter applications, see:
"Integrating Content" in Oracle Fusion Middleware Developer's Guide for Oracle WebCenter to configure content repository connections that provide access to decentralized content.
"Creating Custom Content Presenter Display Templates" in Oracle Fusion Middleware Developer's Guide for Oracle WebCenter to create custom display templates to integrate and publish decentralized content in your WebCenter application using Content Presenter.
"Configuring Content Repository Connections" in Oracle Fusion Middleware Developer's Guide for Oracle WebCenter to use Java Content Repository (JCR) controls to enable read-only access to a content repository.
"Integrating the Documents Service" in Oracle Fusion Middleware Developer's Guide for Oracle WebCenter to integrate the Documents service in WebCenter Portal applications to provide end users with a user-friendly interface to manage, display, and search documents at runtime.
Working with the Documents Service" in Oracle Fusion Middleware User's Guide for Oracle WebCenter to work with the Documents service and task flows at runtime in WebCenter applications.
Note:
Content repository configuration changes that you make through Fusion Middleware Control or using WLST are not dynamic; you need to restart the managed server on which the WebCenter application is deployed for your changes to take effect. See Section 8.2, "Starting and Stopping Managed Servers for WebCenter Application Deployments".This chapter contains the following sections:
Section 11.1, "What You Should Know About Content Repository Connections"
Section 11.6, "Changing the Active (or Default) Content Repository Connection"
Section 11.7, "Modifying Content Repository Connection Details"
Section 11.9, "Setting Connection Properties for the WebCenter Spaces Content Repository"
Audience
The content of this chapter is intended for Fusion Middleware administrators (users granted the Admin
or Operator
role through the Oracle WebLogic Server Administration Console). See Section 1.8, "Understanding Administrative Operations, Roles, and Tools".
Oracle WebCenter's support of the JCR 1.0 open document standard enables integration with multiple back-end content stores. Oracle WebCenter supports the following content repositories: Oracle Content Server, Oracle Portal, and the file system.
Prerequisites for each content repository are described in the following sections:
WebCenter users need to store, publish, and share files. The Documents service provides content management and storage capabilities for WebCenter applications, including content upload, file and folder creation and management, file check out, versioning, and so on. To do this, the Documents service requires at least one content repository connection (WebCenter applications can support multiple content repository connections) to be made active (default):
WebCenter Spaces - In WebCenter Spaces, every Home Space has its own document folder, unique to its parent space. Spaces that have the Documents service provisioned also have their own document folder. The back-end service providing this functionality is Oracle Content Server. When a content repository is made active (see Section 11.6, "Changing the Active (or Default) Content Repository Connection"), it becomes the default content repository and additional properties become available for configuration. WebCenter Spaces requires the default content repository to be Oracle Content Server. Additionally, administrators may connect WebCenter Spaces to other content repositories that WebCenter Spaces may use.
Other WebCenter applications - When a content repository is made active (see Section 11.6, "Changing the Active (or Default) Content Repository Connection"), Documents service task flows use that content repository in instances where no specific connection details are provided. There is no particular requirement on the default content repository used.
When Oracle Content Server is the content repository (required for WebCenter Spaces), the Documents service and Oracle Content Server must be connected to the same identity store that is used by WebCenter Spaces.
Just like other service connections, post-deployment content repository connections are registered and managed through Fusion Middleware Control or using the WLST command-line tool. Connection information is stored in configuration files and in the MDS repository. For more information, see Section 1.3.5, "Oracle WebCenter Configuration Considerations."
Always use Fusion Middleware Control or the WLST command-line tool to review and configure back-end services for WebCenter applications. Any changes that you make to WebCenter applications, post-deployment, are stored in the Oracle Metadata Service (MDS) repository as customizations.
Once connection details are defined, WebCenter users can expose the content of the connected content repositories through several ADF Faces components, such as <af:image>
, <af:inlineFrame>
, and <af:goLink>
, and built-in Documents service task flows (Document Manager, Folder Viewer, and Recent Documents). For more information, see "Working with Page Content" and "Working with the Documents Service" in Oracle Fusion Middleware User's Guide for Oracle WebCenter.
This section discusses the prerequisites for an Oracle Content Server content repository in the following subsections:
Section 11.2.3, "Oracle Content Server - Security Considerations"
Section 11.2.4, "Oracle Content Server - Limitations in WebCenter"
Oracle Content Server 11g is installed as a part of Oracle Universal Content Management (Oracle UCM). Oracle UCM is a product of Oracle Enterprise Content Management Suite, which is an Oracle Fusion Middleware component. For information about upgrading Oracle Content 10g release 3 to Oracle Content Server 11g, see the Oracle Fusion Middleware Upgrade Guide for Oracle Enterprise Content Management Suite at http://download.oracle.com/docs/cd/E14571_01/doc.1111/e16451/upgrade_ecm.htm
.
While installing Oracle Content Server, you may also install Oracle Inbound Refinery (Oracle IBR). Oracle IBR is a conversion server that manages file conversions for electronic assets such as documents, digital images, and motion videos. It also provides thumbnail functionality for documents and images and storyboarding for videos. You can use Oracle IBR to convert content items stored in Oracle Content Server.
For information about installing Oracle Content Server, see the section "Oracle Content Server - Installation" in Oracle Fusion Middleware Installation Guide for Oracle WebCenter.
This section includes the following subsections:
After installing Oracle Content Server 11g, perform the configuration tasks listed in Table 11-1. These tasks are common for both WebCenter Portal applications and WebCenter Spaces. This section also includes the following sections to which the tasks in Table 11-1 refer:
Section 11.2.2.1.1, "Enabling the Conversion of Wikis and Blogs into PDFs"
Section 11.2.2.1.2, "Disabling Undesirable Site Asset Categories in Oracle Site Studio"
Section 11.2.2.1.3, "What You Should Know About the WebCenterConfigure Component"
Section 11.2.2.1.4, "What You Should Know About Creating Content Profiles in Oracle Content Server"
Table 11-1 Oracle WebCenter-Specific Postinstallation Configuration Tasks for Oracle Content Server
Task | Description | Documentation |
---|---|---|
This component provides hierarchical folder interface to content in Oracle Content Server. This task is mandatory. |
For information, see the section "Enabling and Disabling a Component" in the Oracle Fusion Middleware System Administrator's Guide for Universal Content Management. |
|
This component enables HTML renditions. Slide Previewer is available in WebCenter when both DynamicConverter and the WebCenterConfigure components are installed. (This component must be installed before installing the WebCenterConfigure component.) This task is optional but recommended. |
For information, see the section "Enabling and Disabling a Component" in the Oracle Fusion Middleware System Administrator's Guide for Universal Content Management. |
|
This component configures an instance of Oracle Content Server for WebCenter applications. It sets configuration settings and adds services among other things. (This component must be installed after installing the DynamicConverter component.) This task is mandatory. For information about the tasks this component performs, see Section 11.2.2.1.3, "What You Should Know About the WebCenterConfigure Component." |
For information, see the section "Enabling and Disabling a Component" in the Oracle Fusion Middleware System Administrator's Guide for Universal Content Management. |
|
This is a conversion server that manages file conversions for electronic assets such as documents, digital images, and motion videos. It also provides thumbnail functionality for documents and images and storyboarding for videos. You can use Oracle IBR to convert content items stored in Oracle Content Server. This task is optional. However, thumbnails or renditions in WebCenter applications do not display if Oracle IBR is not configured. |
For information, see the chapter "Configuring Oracle Inbound Refinery" in the Oracle Fusion Middleware Installation Guide for Oracle Enterprise Content Management Suite. |
|
Configure FileStore Provider |
This is required to store content files in the database. This task is optional. |
For information, see the section "FileStore Provider Information Page" in the appendix "System Properties and Settings Interface" in the Oracle Fusion Middleware System Administrator's Guide for Universal Content Management. |
Configure Oracle Content Server to use an LDAP-based identity store |
Oracle Content Server must be configured to use the same identity store LDAP server as Oracle WebCenter Spaces. In a production environment, Oracle Content Server must use an external LDAP based identity store. |
For information, see Section 11.2.2.3, "Configuring Security Between Oracle Content Server 11g and WebCenter Portal Applications" and "Configuring the LDAP Identity Store Service" in the Oracle Fusion Middleware Security Guide. |
Configure Secure Sockets Layer (SSL) |
SSL is required only when the type of Oracle Content Server connection is This task is optional. |
For information, see Section 31.7, "Securing the WebCenter Spaces Connection to Oracle Content Server with SSL." |
Configure Oracle HTTP Server (OHS) |
Configure OHS for Single-Sign On to function properly between Site Studio and Oracle Content Server UI. This task is optional. However if OHS is not configured, certain functionality will not be available, such as Document Manager document rendition support, advanced metadata edit, the IFRAME functionality, and so on. |
For information, see Appendix B, "Oracle HTTP Server Configuration for WebCenter" and the section "Configuring the mod_wl_ohs Module" in Oracle Fusion Middleware Administrator's Guide for Oracle HTTP Server. |
You can override the default search adapters and use Oracle SES to get unified ranking results for WebCenter resources such as, documents, pages, people, and so on. This task is optional. |
For information, see Section 21.5.3, "Setting Up Oracle Content Server for Oracle SES Search." |
|
Enable Site Studio components (SiteStudio, SiteStudioExternalApplications) |
Enabling the Site Studio components allows the use of Site Studio to create and use SiteStudio assets (region definitions and display templates) in Content Presenter. This task is optional. |
For information, see the section "Enabling and Disabling a Component" in Oracle Fusion Middleware System Administrator's Guide for Universal Content Management. See also Oracle Fusion Middleware Administrator and Manager's Guide for Site Studio. |
By default, the database used by Oracle Content Server is set up to provide metadata-only searching and indexing capabilities. However, you can modify the default configuration of the database to additionally support full-text searching and indexing. Configuring full-text searching and indexing capabilities is optional, but advisable. For full-text search, it is recommended that you use the OracleTextSearch option. OracleTextSearch index must always be in an Oracle database, regardless of the database type used for the main schema. This task is optional but recommended. |
For information, see the section "Configuring Oracle Text Search for Oracle Content Server" in Oracle Fusion Middleware Installation Guide for Oracle Enterprise Content Management Suite and the section "Site Studio Integration" in Oracle Fusion Middleware Application Administrator's Guide for Content Server. |
|
This component lets users convert wikis and blogs into PDFs. It requires OpenOffice's integration with IBR. |
See Section 11.2.2.1.1, "Enabling the Conversion of Wikis and Blogs into PDFs." For information about setting up OpenOffice with IBR, see chapters "Managing Conversions" and "Working with PDF Conversions" in Oracle Fusion Middleware Administrator's Guide for Conversion. |
|
The Documents service has the ability to use item level security to override the default Spaces document security model or to expose Oracle Content Server document security in a WebCenter Portal application. Using item level security allows Oracle Content Server folders (and their children) or individual documents to have unique security permissions. To enable the Documents service to support item level security, some parameters are set in Oracle Content Server. For example, This task is optional. |
For information, see Section 11.2.2.2.1, "What You Should Know About Item Level Security" and Section 11.2.2.2, "Configuring Oracle Content Server 11g to Support Item Level Security in All WebCenter Applications." |
|
Create Content Profiles |
WebCenter enables Oracle Content Server profiles to be used in a number of places within WebCenter applications:
This task is optional. |
For important considerations, see Section 11.2.2.1.4, "What You Should Know About Creating Content Profiles in Oracle Content Server." For information about creating content profiles, see the chapter "Managing Metadata" in the Oracle Fusion Middleware Application Administrator's Guide for Content Server. For information about mandatory fields for check-in, see the chapter "Checking In Files" in the Oracle Fusion Middleware User's Guide for Content Server. |
Before You Begin Before you can enable the conversion of wikis and blogs into PDFs in WebCenter applications, you must first set up the OpenOffice integration with IBR. For information, see "Setting PDF Files as the Primary Web-Viewable Rendition" in Oracle Fusion Middleware Administrator's Guide for Conversion.
How to Enable Conversion through OpenOffice As described in this section, enabling the conversion of wikis and blogs into PDFs requires you to first install the WebCenterConversions component, then configure OpenOffice, which converts HTMLs to PDFs, in the Inbound Refinery server and Oracle Content Server respectively.
Tip:
See also, "File Formats Converted to PDF by Open Office" at Oracle Fusion Middleware Administrator's Guide for Conversion.To install the WebCenterConversion component:
Log in to the Inbound Refinery server.
Expand the Administration node, then select Admin Server.
This displays the Oracle Content Admin Server page.
In the Component Manager, click the advanced component manager link.
This displays the Advanced Component Manager page.
In the Install New Component section, select WebCenterConversions.zip from ORACLE_HOME
/oracle.webcenter.ucm/install/
, then click Install.
The OpenOfficeConversion displays in the Disabled Components box.
Select OpenOfficeConversion and click Enable.
Restart the Inbound Refinery server.
To configure OpenOffice in Inbound Refinery:
In the Inbound Refinery server, under Conversion Settings, click the Conversion Listing link.
This displays the Conversion Listing page.
In the Conversions table, select the Accept checkbox for HtmToPDFOpenOffice
, as shown in Figure 11-1, and click Update.
Figure 11-1 HtmToPDFOpenOffice Selected in Inbound Refinery Server
The HtmToPDFOpenOffice
option that you just enabled in IBR will now display in the associated Oracle Content Server instance.
To enable OpenOffice in Oracle Content Server:
Log in to Oracle Content Server.
Expand the Administration node, then Refinery Administration, and then click File Formats Wizard.
Under Select File Types, select the checkbox for Convert HTM to PDF with OpenOffice (HtmToPDFOpenOffice), as shown in Figure 11-2, and click Update.
Figure 11-2 HtmToPDFOpenOffice Option Selected in Oracle Content Server
You can disable or hide Site Asset categories that the Site Studio users may not require when designing region display templates. The following are the Site Asset categories that are not needed for typical Content Presenter implementations, and therefore, can be removed:
Placeholder Definitions
Page Templates
Subtemplates
Native Documents
Other Media
Manager Configuration Settings
Conversion Definitions
To remove Site Asset categories for each site:
Run the Site Studio Designer and log into the site for which you want to disable these categories.
Click Edit Site Asset Categories, as shown in Figure 11-3.
Figure 11-3 Edit Site Asset Categories Button in Site Studio Designer
In the Site Asset Categories dialog, select a category that is not required by the users, and click X, as shown in Figure 11-4.
Consider the following when working with the WebCenterConfigure component (Table 11-1) of Oracle Content Server:
When a WebCenter application starts up, if the active connection is to an Oracle Content Server 11.1.1.4.0, or higher, and the WebCenterConfigure component is enabled, the following Workflows are seeded:
applicationNameWCAllApprover applicationNameWCAllReviewer applicationNameWCSingleApprover
where applicationName
is the application name specified in the Document Properties. For example, the following workflows will be seeded for an application named myOCSapp
:
myOCSappWCAllApprover myOCSappWCAllReviewer myOCSappWCSingleApprover
Note:
If the application name is longer than 14 characters, it is truncated to 14 characters (losing the characters off the end) before adding to the workflow names. For example if the application name isWebCenterApplicationName
, the workflow names will be: WebCenterAppliWCAllApprover
, WebCenterAppliWCAllReviewer
, and WebCenterAppliWCSingleApprover
.Enabling the WebCenterConfigure component allows for the following tasks (Table 11-2) in the Oracle Content Server:
Table 11-2 Tasks Associated with the WebCenterConfigure Component
Tasks | Pointers to Verify the Completion of Tasks |
---|---|
Enables accounts |
Oracle Content Server > Administration > Admin Server > General Configuration > Enable Accounts checkbox or
|
Allows updates to documents that are yet to be released |
Oracle Content Server > Administration > Admin Server > General Configuration > Additional Configuration Variables or
The setting is |
Disables the cache for folders |
or See the |
Adds metadata fields:
|
You can view, edit, and add metadata fields here: Oracle Content Server > Administration > Admin Applets > Configuration Manager > Information Fields tab. |
Sets Folder settings
|
Oracle Content Server > Administration > Folder Configuration > System Default Information Field Configuration Oracle Content Server > Administration > Folder Configuration > Information Field Inherit Configuration |
Adds the |
Oracle Content Server > Administration > Admin Applets > Workflow Admin > Options > Tokens menu |
Adds three |
If the |
Overrides certain behavior of the Site Studio Switch Content wizard to make Site Studio work in the WebCenter environment |
This provides access to the Site Studio Switch Content wizard and the Site Studio Contributor editor from within Content Presenter to allow for adding and editing Site Studio documents from WebCenter.
|
The fields described in the section "Content Check-In Form" (see the table) in the "User Interface" appendix in the Oracle Fusion Middleware User's Guide for Content Server are mandatory for Oracle Content Server. All content profiles must include them, otherwise the check-in will fail.
To ensure that upload using profiles is successful in all WebCenter applications, additional fields listed in Table 11-3 are mandatory for Oracle Content Server profiles. As indicated in this table, some fields can be added as hidden or information fields to the profile. They can also be added as a separate rule to be included in other profiles as needed.
Table 11-3 Required Fields for Profiles
Field Display Name | Field Name | Recommended Field Permissions Setting | Comments |
---|---|---|---|
Title |
|
EDIT |
User must enter a title. |
Content ID |
|
INFO |
Set to EDIT if you want to allow users to enter their own Content ID names. |
Folder |
|
INFO |
Set to EDIT if you want to allow users to override folder location. |
Type |
|
EDIT |
Recommend EDIT to allow for end user document type selection. |
Profile |
|
INFO |
Used to store profile that is associated with the content file. Do not set this field to Edit. |
Revision |
|
INFO |
Recommend setting it to INFO. Oracle Content Server auto-assigns the edit revision number. |
Security Group |
|
INFO |
Recommend setting it to INFO. WebCenter Spaces auto-assigns this value. |
Account |
|
EDIT |
Although Spaces auto-assigns this value, it is recommended that this field is editable or hidden to avoid errors. |
WorkflowAssignment |
|
INFO |
Must be set to INFO. Spaces manages this value. |
WorkflowApprover |
|
INFO |
Must be set to INFO. Spaces manages this value. |
Web Site Object Type |
|
INFO |
Must be set to INFO, or it should be hidden. Used by Content Presenter during SiteStudio contributor data file creation. |
Region Definition |
|
INFO |
Must be set to INFO, or it should be hidden only. Used by Content Presenter during SiteStudio contributor data file creation. |
Tags |
|
INFO |
Recommend setting it to INFO. Spaces manages this value. |
Page ID |
|
INFO |
Recommend setting it to INFO. Spaces manages this value. |
This section includes the following sections:
Section 11.2.2.2.1, "What You Should Know About Item Level Security."
Section 11.2.2.2.3, "How to Configure Additional Settings for WebCenter Portal Applications"
Oracle WebCenter allows custom permissions to be set on a file or a folder. This feature is referred to as Item level Security (ILS). Once configured, the feature can be accessed from the File menu > Security option when viewing a file or folder (See Section 34.6.1, "Managing Content").
Item level security is designed to replace the existing file or folder security with a custom set of permissions. When applied to a file, the custom permissions affect only that file. When applied to a folder, the updated security is propagated to all child files and folders recursively, stopping when a folder is encountered with its own custom permissions. The propagation does not affect a file with its own custom permissions.
Item Level Security cannot be applied to the root folder of a Space in the WebCenter Spaces application. This is so that the Space's security can be correctly restored on a file or folder when its item level security is removed.
Within the Oracle Content Server, item level security is implemented as a combination of ACL, account, and other metadata field settings. Oracle Content Server must be correctly configured to enable item level security. See, Section 11.2.2.2, "Configuring Oracle Content Server 11g to Support Item Level Security in All WebCenter Applications" and Section 11.2.2.3, "Configuring Security Between Oracle Content Server 11g and WebCenter Portal Applications."
What Happens in Oracle Content Server on Setting Custom Permissions
The following occurs in Oracle Content Server on setting custom permissions for a file or folder from the Item Level Security dialog:
The account is changed to account WCILS/
original_account
.
The ACL metadata fields, User Access List and Role Access List fields are updated with the custom permissions.
The Inhibit Propagation field is set to true
, to prevent ILS from overwriting an item's own custom security with a parent folder's custom permissions.
What Happens in Oracle Content Server on Removing Custom Permissions
Removing custom permissions from a folder or file attempts to revert the security on that item to the security set on the item's parent folder. When you remove custom permissions, the following changes take place within Oracle Content Server:
The item's account is changed to be the account of its parent folder.
The item's User Access List and Role Access List fields are cleared.
The Inhibit Update field is set to false
.
These changes are propagated in the same way as when the item level security was set.
Prerequisites for using Item Level Security in a WebCenter Portal Applications
The Item Level Security feature is compatible with an instance of Oracle Content Server that starts with a certain security configuration. This configuration is the WebCenter Spaces application's configuration of Oracle Content Server.
Note:
Oracle recommends using the Oracle Content Server standard security because it is efficient and scales easily for a large number of users and content objects compared with item level security. From an administrative perspective, Oracle Content Server's standard security is also easier to maintain. For information about configuring the standard security, see Section 11.2.2.3, "Configuring Security Between Oracle Content Server 11g and WebCenter Portal Applications."Once the standard Oracle Content Server security model is implemented, you can also enable item level security. In most scenarios item level security is not required, and therefore, it should not be implemented unless explicitly needed. Typical reasons for using item level security are application situations when the Oracle Content Server standard security models need to be overridden or supplemented to handle exception cases to security policies. Please be aware that there are performance impacts and additional administrative overhead when using item level security.
Item Level Security should only be used in a WebCenter Portal application when the Content Server security model:
Uses accounts in which all users are granted RWD (read, write, delete) on the application's security group, as well as accounts that are used to control the content item security. This is required so that when the account is changed to WCILS
, only the custom permissions determine the security on an item, and not the level of grant to the content item's security group.
Has ForceFolderSecurity
set to true
. This controls the propagation of folder security changes, as well as the setting of security on upload to a folder.
To configure item level security (ILS):
Log on to your Oracle Content Server instance.
From the Administration menu, choose Admin Server to open Component Manager.
In the Component Manager section, click the advanced component manager link.
In the Advanced Component Manager page, scroll down to the Disabled Components list, select RoleEntityACL, as shown in Figure 11-5, and then click Enable.
See Also:
"Setting Security Options for a File" in Oracle Fusion Middleware User's Guide for Oracle WebCenter.Figure 11-5 Advanced Component Manager - RoleEntityACL Component
From the Options pane on left, select General Configuration.
Under the General Configuration page, in the Additional Configuration Variables box, add the following parameters:
UseEntitySecurity=1
SpecialAuthGroups=PersonalSpaces, applicationName
where:
SpecialAuthGroups
is a comma separated list of security groups that contains the content on which ILS can be specified. If in a WebCenter Spaces application users are to be provided ILS support, then the security group in which all Spaces content is created must be one of the SpecialAuthGroups
. For WebCenter Spaces, the security group is named the same as the Document Spaces Property's application name. (For WebCenter Portal applications, the applicationName
is the name of the security group in which content is created.)
Restart Oracle Content Server.
In addition to the steps described in Section 11.2.2.2.2, "How to Configure Item Level Security", ensure that all users by default are granted RWDA on the WCILS account. To do this, use the SET_DEFAULT_ATTRIBUTES service. For information about the SET_DEFAULT_ATTRIBUTES service, see the section "SET_DEFAULT_ATTRIBUTES" in Oracle Fusion Middleware Services Reference Guide for Universal Content Management.
To run the SET_DEFAULT_ATTRIBUTES service through a browser:
From a browser, log into Oracle Content Server as an administrative user.
View the source for the page, and find the value of the idcToken.
While in the same browser window, enter the URL in the format:
http://host:port/cs/idcplg?IdcService=SET_DEFAULT_ATTRIBUTES&dECPropSubKey=<Security Group>&dDefAttribs=account,WCILS,15&idcToken=<idcToken>&IsSoap=1
For example:
http://myhost.com:4444/cs/idcplg?IdcService=SET_DEFAULT_ATTRIBUTES&dECPropSubKey=Custom&dDefAttribs=account,WCILS,15&idcToken=1291297336399:6E324367FC9D2F8BE525F4CEBF4463FC&IsSoap=1
To configure Oracle Content Server 11g to work with a WebCenter Portal application, you must first set up content security and users in a development environment and then migrate them to a production environment. For detailed information about security, see also the chapter "Managing Security and User Access" in Oracle Fusion Middleware System Administrator's Guide for Universal Content Management.
This section describes the following mandatory steps:
Creating security groups: Security groups are required for folders so the folder content can be restricted or its access can be customized based on who should view, edit, or manage the folder content. To create security groups follow the steps in Section 11.2.2.3.1, "How to Create a Security Group using the Oracle Content Server Console."
Creating folders: Folders include content such as files, subfolders, images. To create folders, follow the steps in Section 11.2.2.3.2, "How to Create a Folder using the Oracle Content Server Console."
Creating roles: Roles are created with different permissions such as, read, write, delete, administer. First you must create roles in Oracle Content Server, as described in Section 11.2.2.3.3, "How to Create Roles using the Oracle Content Server Console"and then for the WebCenter Portal application, as described in Section 11.2.2.3.4, "How to Create Roles (Groups) using the Fusion Middleware Control Console."
Creating users: Users are assigned different roles based on their roles and responsibilities in their organizations. Create users as described in Section 11.2.2.3.5, "How to Create Users using the Fusion Middleware Control Console" and then grant roles to these users, as described in Section 11.2.2.3.6, "How to Grant a Role to a User using the Fusion Middleware Control Console."
Migrating security: Migrate these security groups, folders, users, and roles to your production environment. For information, see Section 11.2.2.3.7, "How to Migrate Security to a Production Environment." or directly go to Section 27.2.5, "Post-deployment Security Configuration Tasks."
The procedures described in this section apply to the Documents service (including wikis and blogs) and Content Presenter.
To create a security group:
Log into the Oracle Content Server Console as an administrator.
From the Administration menu, choose Admin Applets.
On the Administration Applet page, click User Admin to display the User Admin dialog.
From the Security menu, choose Permissions by Group.
In the Permission By Group dialog, click Add Group.
In the Add New Group dialog, enter a group name, for example, WikiBlog
.
Click OK.
This security group will be assigned to the Security folder that you will create in the next section.
To create a folder:
Log into the Oracle Content Server Console as an administrator.
From the Browse Content menu, choose Contribution Folders to display the root directory in which you will create a folder.
On the Contribution Folders page, from the New Item menu, choose New Folder to display the Hierarchy Folder Configuration page.
In the Virtual Folder Name field, enter a meaningful name, for example WikiBlog
.
Under the Folder Information section, in the Title field, enter a meaningful title, for example, WikiBlog
.
From the Security Group dropdown, select WikiBlog that you created as described in Section 11.2.2.3.1, "How to Create a Security Group using the Oracle Content Server Console".
All items in this folder will inherit the security from this security group.
Click Save.
To create roles:
Log into the Oracle Content Server Console as an administrator.
From the Administration menu, choose Admin Applets.
On the Administration Applet page, click User Admin to display the User Admin dialog.
From the Security menu, choose Permissions by Role.
In the Permission By Group dialog, click Add New Role.
In the Add New Role dialog, enter a name, for example, WikiBlog
.
Click OK. This displays the Permission By Role dialog.
In the Groups/Rights column, select the security group that you created earlier (for example, WikiBlog
), as described in Section 11.2.2.3.1, "How to Create a Security Group using the Oracle Content Server Console."
Click Edit Permissions.
In the Edit Permissions dialog, select all checkboxes: Read, Write, Delete, and Admin, and click OK.
The RWDA access is enabled, as shown in Figure 11-7.
Create another role, for example WikiBlogRO
, by performing steps 4 to 7.
Enable the Read permission for this role by following steps 8 to 10 and selecting the Read checkbox in the Edit Permissions dialog.
In this section you will create two roles: a role with read access and another role with full (read, write, delete, administer) access.
To create roles (groups):
Log into the Fusion Middleware Control Console as an administrator.
Under Domain Structure, click Security Realms.
In the table under the Summary of Security Realms section, click myrealm, for example.
IMPORTANT: myrealm uses the integrated LDAP that ships with Oracle WebCenter. For your enterprise implementation there may be a different LDAP, and therefore, you must use that instead of this integrated LDAP.
Select the Users and Groups tab and then the Groups subtab.
Under the Groups section, click New to display the Create a New Group section.
In the Name field, enter the name of the role to which you granted full access in Oracle Content Server (for example, WikiBlog
), as described in Section 11.2.2.3.3, "How to Create Roles using the Oracle Content Server Console", and click OK.
Create a role or group with the read permission (for example, WikiBlogRO
) by performing steps 5 and 6. The name of this role must match that you specified in Oracle Content Server, as described in Section 11.2.2.3.3, "How to Create Roles using the Oracle Content Server Console."
In this section you will create two users: a user for the read role and another for the full access (read, write, delete, administer) role.
To create users:
Log into the Fusion Middleware Control Console as an administrator.
Under Domain Structure, click Security Realms.
In the table under the Summary of Security Realms section, click myrealm, the built-in realm that works with the integrated LDAP.
Select the Users and Groups tab and then the Users subtab.
Under the Users section, click New to display the Create a New User section.
In the Name field, specify a name, for example Joe
.
In the Password field, specify a password.
In the Confirm Password field, enter the password again, and then click OK.
Create another user by performing steps 4 to 8.
In this section you will grant the roles you created in Section 11.2.2.3.4, "How to Create Roles (Groups) using the Fusion Middleware Control Console" to the users you created in Section 11.2.2.3.5, "How to Create Users using the Fusion Middleware Control Console".
To grant a role to a user:
Log into the Fusion Middleware Control Console as an administrator.
Under Domain Structure, click Security Realms.
In the table under the Summary of Security Realms section, click myrealm, the built-in realm that works with the integrated LDAP.
Select the Users and Groups tab and then the Users subtab.
In the table under the Users section, click the name of the user you created in Section 11.2.2.3.5, "How to Create Users using the Fusion Middleware Control Console", to display the settings section.
Select the Groups tab.
Under Parent Groups, in the Available column, select the role with the read permission (for example, WikiBlogRO
) that you created in Section 11.2.2.3.4, "How to Create Roles (Groups) using the Fusion Middleware Control Console".
Move this role to the Chosen column and click Save.
Repeat steps 5 to 8 and grant the role with the full access permission to another user you created.
For information about migrating security from a development environment to a production environment, see Section 27.2.5, "Post-deployment Security Configuration Tasks."
Please consider the following while configuring security for Oracle Content Server:
To secure identity propagation, you must configure SSL on Oracle Content Server. This is required when Oracle Content Server and your WebCenter application are not on the same system or the same trusted private network. For information, see Section 31.7, "Securing the WebCenter Spaces Connection to Oracle Content Server with SSL."
Oracle Content Server must be configured to use the same identity store LDAP server as WebCenter Spaces. For information, see Section 28.1, "Reassociating the Identity Store with an External LDAP Server."
None.
This section discusses the prerequisites for an Oracle Portal content repository in the following subsections:
For information on installing Oracle Portal, see Oracle Fusion Middleware Installation Guide for Oracle Portal, Forms, Reports and Discoverer.
Oracle Portal must be up-to-date with all the latest patches. For additional information about patches, see the product release notes. See also Oracle Fusion Middleware Administrator's Guide for Oracle Portal.
None.
Oracle Portal integration with Oracle WebCenter is read-only. It is not possible to create content in the portal from Oracle WebCenter.
You can expose Oracle Portal pages in WebCenter through the Federated Portal Adapter by publishing them as portlets in Oracle Portal. The following are not returned by the Federated Portal Adapter, and thus are not visible in Oracle WebCenter:
Seeded page groups:
Oracle Portal repository.
Oracle Portal design-time pages.
Pages of the following types:
Mobile.
URL.
Navigation pages.
Items of the following types:
Navigation items.
PLSQL items.
Portlet.
Portlet instance.
URL items.
Mobile items.
Page links.
Item links.
Items defined as:
Expired.
Hidden.
This section discusses the prerequisites for a file system content repository in the following subsections:
Caution:
File system connections must not be used in production or enterprise application deployments. This feature is provided for development purposes only. Connections created through the file system adapter can be used during the development of WebCenter Portal applications using Oracle JDeveloper.WebCenter Spaces applications do not support file system connections.
All operations are executed as the system user under which the JVM is running and therefore inherit its permissions.
This section contains the following subsections:
Section 11.5.1, "What You Should Know About Registering Content Repositories for WebCenter Spaces"
Section 11.5.2, "Registering Content Repositories Using Fusion Middleware Control"
Section 11.5.3, "Registering Content Repositories Using WLST"
Consider the following when registering Oracle Content Server repositories for WebCenter Spaces:
At start up, WebCenter Spaces creates seed data (if it does not already exist) in the primary/active/default repository for WebCenter Spaces.
A user name with administrative rights for the Oracle Content Server instance is required (Content Administrator
). This user will be used to create and maintain folders for WebCenter Spaces content and manage content access rights. The default content administrator is sysadmin
.
Administrative privileges are required for this connection so that operations can be performed on behalf of WebCenter users.
Root Folder
and Application Name
values:
Oracle does not recommend changing the Root Folder
and Application Name
values. However, if you change the Root Folder
value after configuring and running WebCenter Spaces, then you must also change the Application Name
value, and vice versa. That is, you must change both values (Root Folder
and Application Name
) to unique values if the WebCenter Spaces application already contains the seed data.
When you change these values, the existing seed data is not renamed in the Oracle Content Server repository. Instead, new seed data is created using the new values, when you start the application. Once the application is started, new WebCenter Spaces data is created under the new Root Folder
and existing data under the old Root Folder
is no longer available. This means that the Documents service will now be disabled in Spaces where the Documents service was previously enabled, prior to changing the Root Folder
.
Note:
Although theRoot Folder
and Application Name
values change, the old root content repository folder still appears in search results, like any other root folder in Oracle Content Server.For the active connection in WebCenter Spaces, the Root Folder
and Application Name
values are used to create the seed data in the WebCenter Spaces repository, to enable storage of the Space-related data.
The Root Folder
value is used as the name for the root folder within the content repository under which all Spaces content is stored. For the Root Folder
value, you must specify a content repository folder that does not yet exist. Use the format: /foldername
. For example: /MyWebCenterSpaces
. The Root Folder
cannot be /
, the root itself, and it must be unique across different WebCenter applications. The folder specified is created for you when the WebCenter application starts up. Invalid entries include: /
, /foldername/
, /foldername/subfolder
.
The WebCenter Spaces application within this content repository must have a unique name. For example: MyWCS
. The name must begin with an alphabetical character, followed by any combination of alphanumeric characters or the underscore character. The name specified here is also used to name document-related workflows, as follows: <applicationName><WorkflowName>
and <applicationName><WorkflowStepName>
. When naming workflows, only the first 14 characters of the Application Name are used.
The Application Name
value is used for the following:
To separate data when multiple WebCenter Spaces applications share the same content repository and should be unique across applications.
As the prefix to the seeded workflow and workflow steps.
The Application Name is also used as the prefix to the seeded workflow and workflow steps.
As the name of the security group.
As the prefix for the role (the name format is applicationName
User
)
To stripe users permissions on accounts for the particular WebCenter Spaces application.
To stripe default attributes for the particular WebCenter Spaces application.
For information about security groups and roles, see Managing Security and User Access for Content Server. For information about folders, see Folders and WebDav Administration Guide. These guides are available at http://download.oracle.com/docs/cd/E10316_01/owc.htm
.
To register a content repository:
Log in to Fusion Middleware Control and navigate to the home page for WebCenter Spaces or the WebCenter Portal application:
Do one of the following:
For WebCenter Spaces - From the WebCenter menu, choose Settings > Service Configuration.
For WebCenter Portal applications - From the Application Deployment menu, choose WebCenter > Service Configuration.
From the list of services on the WebCenter Service Configuration page, select Content Repository.
To connect to a new content repository, click Add (Figure 11-8).
Enter a unique name for this connection, specify the content repository type, and indicate whether this connection is the active (or default) connection for the application. See Table 11-4.
Table 11-4 Manage Content Repository Connections
Field | Description |
---|---|
Connection Name |
Enter a unique name for this content repository connection. The name must be unique (across all connection types) within the WebCenter application. |
Repository Type |
Choose the type of repository you want to connect to. Select one of the following:
(WebCenter Spaces) If you are setting up the back-end content repository for WebCenter Spaces, that is, the repository used by WebCenter Spaces to store Space-related documents, you must select Oracle Content Server. |
Active Connection |
Select to make this the default or primary content repository for your WebCenter application. You can connect your WebCenter application to multiple content repositories; all connections are used. One connection must be designated the default (or active) connection. Do one of the following:
Deselecting this option does not disable the content repository connection. If a content repository is no longer required, you must delete the connection. |
(For the active connection in WebCenter Spaces only.) Enter additional details for the WebCenter Spaces repository. For information, see Section 11.5.1, "What You Should Know About Registering Content Repositories for WebCenter Spaces."
Enter connection details for the content repository. For detailed parameter information, see:
Table 11-5 Oracle Content Server Connection Parameters
Field | Description |
---|---|
RIDC Socket Type |
Specify whether Oracle Content Server connects on the content server listener port or the Web server filter, and whether the listener port is SSL enabled. Choose from:
For WebCenter Spaces, the Web option is not suitable for the active connection, that is, the back-end Oracle Content Server repository that is being used to store Space-related documents because it does not allow identity propagation. |
Server Host |
Enter the host name of the machine where the Oracle Content Server is running. For example: Server Host is required when the RIDC Socket Type is set to Socket or Socket SSL. |
Server Port |
Enter the port on which the Oracle Content Server listens:
This property corresponds to the IntradocServerPort setting in the Content Server configuration file, which defaults to port Server Port is required when the RIDC Socket Type is set to Socket or Socket SSL. |
Web URL |
Enter the Web server URL for the Oracle Content Server. Use the format: For example: Web URL is applicable when the RIDC Socket Type is set to Web. |
Web Service URL |
Enter the Web service URL required to connect to Oracle Content Server when using the JAX-WS protocol. Use the format: For example: Web Service URL is applicable when RIDC Socket Type is set to JAX-WS. |
Connection Timeout (ms) |
Specify the length of time allowed to log in to Oracle Content Server (in milliseconds) before issuing a connection timeout message. If no timeout is set, there is no time limit for the login operation. |
Authentication Method |
Choose from:
If an external application is used for authentication, use the Associated External Application drop down list to identify the application. If the application you want is not listed, select Create New to define the external application now. |
Web Server Context Root |
Enter the Web server context root for Oracle Content Server. Use the format When specified, several Oracle Universal Content Management (UCM) features based on iFrame are available in the WebCenter application. This includes:
The Web Server Context Root property is only applicable when the Authentication Method is set to Identity Propagation. Note: Specifying the Web Server Context Root is an indicator that the WebCenter application is front-ended by OHS. If you specify the Web Server Context Root and do not connect through OHS, a 404 error occurs while you attempt to edit the advanced metadata in the Document Viewer, upload using a profile, or click Details for a content item in a workflow in a Space. For information about setting up OHS to front-end WebCenter applications, see Appendix B, "Oracle HTTP Server Configuration for WebCenter". If your WebCenter application is connected to multiple UCM servers, Oracle recommends that each UCM server has a unique Web Server Context Root so that OHS re-direction works correctly. |
Associated External Application |
Select the external application used to authenticate users against the Oracle Content Server. Associated External Application is applicable when RIDC Socket Type is set to Web and also when the RIDC Socket Type is Socket or Socket SSL (with Authentication Method set to External Application). |
Client Security Policy |
Enter the client security policy to be used when the RIDC Socket Type is JAX-WS. For example: Leave this field blank if your environment supports Global Policy Attachments (GPA). |
Administrator User Name |
Enter a user name with administrative rights for this Oracle Content Server instance. This user will be used to fetch content type information based on profiles and track document changes for cache invalidation purpose. Defaults to |
Administrator Password |
Enter the password for the Oracle Content Server administrator. |
Key Store Location |
Specify the location of key store that contains the private key used to sign the security assertions. The key store location must be an absolute path. For example: Key Store Location is required when the RIDC Socket Type is set to Socket SSL. |
Key Store Password |
Enter the password required to access the keystore. For example: Key Store Password is required when the RIDC Socket Type is set to Socket SSL. |
Private Key Alias |
Enter the client private key alias in the keystore. The key is used to sign messages to the server. The public key corresponding to this private key must be imported in the server keystore. Ensure that the alias does not contain special characters or white space. For example: Private Key Alias is required when the RIDC Socket Type is set to Socket SSL. |
Private Key Password |
Enter the password to be used with the private key alias in the key store. For example: Private Key Password is required when the RIDC Socket Type is set to Socket SSL. |
Table 11-6 Connection Details - Oracle Content Server - Cache Details
Element | Description |
---|---|
Cache Invalidation Interval (minutes) |
Specify the frequency between checks for external Oracle Content Server content changes (in minutes). WebCenter automatically clears items that have changed from the cache. The default is 0 which means that cache invalidation is disabled. The minimum interval is 2 minutes. |
Maximum Cached Document Size (bytes) |
Enter a maximum cacheable size (in bytes) for Oracle Content Server binary documents. Documents larger than this size are not cached by WebCenter. The default is 102400 bytes (100K). Tune this value based on your machine's memory configuration and the types of binary documents that you expect to cache. |
Table 11-7 Oracle Portal Connection Parameters
Field | Description |
---|---|
Data Source Name |
Enter the JNDI DataSource location used to connect to the portal. For example: The datasource must be on the server where the WebCenter application is deployed. |
Connection Timeout (ms) |
Specify the length of time allowed to log in to Oracle Portal (in milliseconds) before issuing a connection timeout message. If no timeout is set, there is no time limit for the login operation. |
Authentication Method |
Specify how to authenticate users against Oracle Portal. Choose from:
If an external application is used for authentication, use the Associated External Application dropdown list to identify the application. |
Associated External Application |
Associate Oracle Portal with an external application. External application credential information is used to authenticate Oracle Portal users.You can select an existing external application from the dropdown list, or click Create New to configure a new external application now. |
Table 11-8 File System Connection Parameters
Field | Description |
---|---|
Base Path |
Enter the full path to a folder on a local file system in which your content is placed. For example: Caution: File system content must not be used in production or enterprise application deployments. This feature is provided for development purposes only. |
Click OK to save this connection.
Click Test to verify if the connection you created works. For a successful connection, the Test Status message displays the advice that to start using the new (active) connection, you must restart the managed server on which the WebCenter application is deployed.
The registered connections are now available to Documents service and Content Presenter task flows, which you can add to pages in WebCenter Spaces or WebCenter Portal applications. See also, "Working with the Documents Service" in the Oracle Fusion Middleware User's Guide for Oracle WebCenter.
Use the following WLST commands to register new content repository connections:
Oracle Content Server - createJCRContentServerConnection
File System - createJCRFileSystemConnection
Oracle Portal - createJCRPortalConnection
For command syntax and examples, see the Oracle Fusion Middleware WebLogic Scripting Tool Command Reference.
To configure a particular connection as the default connection, set isPrimary='true'
. See Section 11.6, "Changing the Active (or Default) Content Repository Connection".
For information on how to run WLST commands, see Section 1.13.3.1, "Running Oracle WebLogic Scripting Tool (WLST) Commands".
Note:
To start using the new (active) connection you must restart the managed server on which the WebCenter application is deployed. See "Starting and Stopping WebLogic Managed Servers Using the Command Line" in the Oracle Fusion Middleware Administrator's Guide.WebCenter applications support multiple content repository connections but only one content repository connection can be designated the active (or default) connection.
In WebCenter Spaces, the active connection becomes the default back-end repository for Space and Home Space documents and the repository must be an Oracle Content Server. The active connection is also used as the default connection for the Documents service and Content Presenter task flows.
For other WebCenter applications, the active connection becomes the default connection for Content Presenter, Document Manager, Document List Viewer, and Recent Documents, and so on. When no specific connection details are provided for these task flows, the default (active) connection is used.
This section contains the following subsections:
To change the active (or default) content repository connection:
Log in to Fusion Middleware Control and navigate to the home page for WebCenter Spaces or the WebCenter Portal application:
Do one of the following:
For WebCenter Spaces - From the WebCenter menu, choose Settings > Service Configuration.
For WebCenter Portal applications - From the Application Deployment menu, choose WebCenter > Service Configuration.
From the list of services on the WebCenter Services Configuration page, select Content Repository.
The Manage Content Repository Connections table indicates the current active connection (if any).
Select the connection you want to become the active (or default) connection, and then click Edit.
Select the Active Connection checkbox.
Click OK to update the connection.
Click Test to verify if the connection you activated works. For a successfully activated connection, the Test Status message displays the advice that to start using the updated connection you must restart the managed server on which the WebCenter application is deployed.
Use the following WLST commands with isPrimary='true'
to designate an existing content repository connection as the default connection:
Oracle Content Server - setJCRContentServerConnection
File System - setJCRFileSystemConnection
Oracle Portal - setJCRPortalConnection
For command syntax and examples, see the Oracle Fusion Middleware WebLogic Scripting Tool Command Reference.
To subsequently disable a default content repository connection, run the same WLST command with isPrimary='false'
. Connection details are retained but the connection is no longer named as the primary connection in adf-config.xml
.
For information on how to run WLST commands, see Section 1.13.3.1, "Running Oracle WebLogic Scripting Tool (WLST) Commands".
Note:
To start using the new (active) connection you must restart the managed server on which the WebCenter application is deployed. See, "Starting and Stopping WebLogic Managed Servers Using the Command Line" in the Oracle Fusion Middleware Administrator's Guide.This section contains the following subsections:
Section 11.7.1, "Modifying Content Repository Connection Details Using Fusion Middleware Control"
Section 11.7.2, "Modifying Content Repository Connection Details Using WLST"
Section 11.7.3, "Modifying Cache Settings for Content Presenter"
To update content repository connection details:
Log in to Fusion Middleware Control and navigate to the home page for WebCenter Spaces or the WebCenter Portal application:
Do one of the following:
For WebCenter Spaces - From the WebCenter menu, choose Settings > Service Configuration.
For WebCenter Portal applications - From the Application Deployment menu, choose WebCenter > Service Configuration.
From the list of services on the WebCenter Services Configuration page, choose Content Repository.
Select the connection name, and click Edit.
Edit connection details, as required. For detailed parameter information, see:
Click OK to save your changes.
Click Test to verify if the updated connection works. For a successfully updated connection, the Test Status message displays the advice that to start using the updated connection, you must restart the managed server on which the WebCenter application is deployed.
Use the following WLST commands to edit content repository connections:
Oracle Content Server - setJCRContentServerConnection
File System - setJCRFileSystemConnection
Oracle Portal - setJCRPortalConnection
For command syntax and examples, see the Oracle Fusion Middleware WebLogic Scripting Tool Command Reference.
To configure a particular connection as the active (or default) connection, set isPrimary='true'
. See Section 11.6, "Changing the Active (or Default) Content Repository Connection".
For information on how to run WLST commands, see Section 1.13.3.1, "Running Oracle WebLogic Scripting Tool (WLST) Commands".
Note:
To start using the updated (active) connection details, you must restart the managed server on which the WebCenter application is deployed. See "Starting and Stopping WebLogic Managed Servers Using the Command Line" in the Oracle Fusion Middleware Administrator's Guide.The content management code for Content Presenter, the Content Management Interoperability Services (CMIS) REST APIs, and so on, are shipped out of the box with local (in-memory) caches. This code does not use Coherence. You can enable Coherence for caches in the content-coherence-cache-config.xml
file. For WebCenter Spaces this file is stored in the ORACLE_HOME
/user_projects/applications/wc_domain/custom.webcenter.spaces.fwk/APP-INF/classes/
directory. For WebCenter Portal applications, developers must create the content-coherence-cache-config.xml
file in the application (EAR) classpath or server's system classpath.
A sample Coherence configuration file, as shown in Example 11-1, is provided within the content-app-lib.ear
file. This EAR file is located at: ORACLE_HOME
/as11gr1wc/webcenter/modules/oracle.webcenter.content.integration_11.1.1/content-app-lib.ear
). The sample file location is: /content-app-lib.ear/
APP-INF/classes/sample-content-coherence-cache-config.xml
file. You can copy this file and rename it to content-coherence-cache-config.xml
, and then set the values to meet customer's deployment needs. Table 11-9 describes the cache entries in this file.
Example 11-1 Sample Coherence Configuration File
<!DOCTYPE cache-config SYSTEM "cache-config.dtd"> <cache-config> <caching-scheme-mapping> <cache-mapping> <cache-name>repo.ucm.nodeUidCache.*</cache-name> <scheme-name>ContentNodeCaches</scheme-name> </cache-mapping> <cache-mapping> <cache-name>repo.ucm.nodePathToUidCache.*</cache-name> <scheme-name>ContentNodeCaches</scheme-name> </cache-mapping> <cache-mapping> <cache-name>repo.ucm.securityInfoCache.*</cache-name> <scheme-name>ContentNodeCaches</scheme-name> </cache-mapping> <cache-mapping> <cache-name>repo.ucm.typeNameCache.*</cache-name> <scheme-name>ContentTypeCaches</scheme-name> </cache-mapping> <cache-mapping> <cache-name>repo.ucm.typeNamesCache.*</cache-name> <scheme-name>ContentTypeCaches</scheme-name> </cache-mapping> <cache-mapping> <cache-name>binaryCache.*</cache-name> <scheme-name>ContentBinaryCaches</scheme-name> </cache-mapping> <cache-mapping> <cache-name>repo.ucm.searchCriteriaCache.*</cache-name> <scheme-name>ContentSearchCaches</scheme-name> </cache-mapping> <cache-mapping> <cache-name> repo.ucm.indexedFieldsCache.*</cache-name> <scheme-name>ContentSearchCaches</scheme-name> </cache-mapping> <cache-mapping> <cache-name>repo.ucm.securityUserCache.*</cache-name> <scheme-name>ContentSecurityCaches</scheme-name> </cache-mapping> <cache-mapping> <cache-name>repo.ucm.profileTriggerValueCache.*</cache-name> <scheme-name>ContentProfileCaches</scheme-name> </cache-mapping> </caching-scheme-mapping> <caching-schemes> <!-- The following schemes are all local. For a clustered deployment, a distributed, replcated, or other clustered scheme is recommended. See Coherence documentation for more information. --> <local-scheme> <scheme-name>ContentNodeCaches</scheme-name> <expiry-delay>1m</expiry-delay> <high-units>100</high-units> </local-scheme> <local-scheme> <scheme-name>ContentTypeCaches</scheme-name> <expiry-delay>30m</expiry-delay> <high-units>50</high-units> </local-scheme> <local-scheme> <scheme-name>ContentBinaryCaches</scheme-name> <expiry-delay>1m</expiry-delay> <high-units>100000</high-units> <unit-calculator> <class-scheme> <class-name>com.tangosol.net.cache.SimpleMemoryCalculator</class-name> </class-scheme> </unit-calculator> </local-scheme> <local-scheme> <scheme-name>ContentSearchCaches</scheme-name> <expiry-delay>5m</expiry-delay> <high-units>50</high-units> </local-scheme> <local-scheme> <scheme-name>ContentSecurityCaches</scheme-name> <expiry-delay>10m</expiry-delay> <high-units>50</high-units> </local-scheme> <local-scheme> <scheme-name>ContentProfileCaches</scheme-name> <expiry-delay>1h</expiry-delay> <high-units>100</high-units> </local-scheme> <!-- <class-scheme> <scheme-name>ContentDisabledCaches</scheme-name> <class-name>com.tangosol.util.NullImplementation$NullMap</class-name> </class-scheme> --> </caching-schemes> </cache-config>
Table 11-9 Cache Entries in content-coherence-cache-config.xml
Cache Entry Name | Description |
---|---|
|
Stores a list of nodes for a repository based on an ID. The size of this cache entry depends upon the number of nodes in the active repository.This cache expires based on when the node data is refreshed and how many times the data is modified from another application. Key - Node UID - String Value - A UCM Node object |
|
Stores a list of nodes for a repository based on a path. The size of this cache depends upon the number of nodes in the active repository.This cache entry expires based on when the node data is refreshed and how many times the data is modified from another application. The size and expiration time must be the same as that of Key - Node path - String Value - Node UID - String |
|
Stores cached security information for a node. The size of this cache depends upon the number of nodes in the repository. This cache expires based on the frequency of node security data updates. Key - Node UID - String Value - Security information for a node |
|
Caches Content Type information. The size of this cache depends upon the number of types in the repository. This cache expires based on when the type information is refreshed and how many times the types are modified from another application. Key - Content Type UID - String Value - A ContentType object |
|
Caches all the type names known to UCM. All type names are cached together (one key), and thus all expire at the same time. This cache expires based on the frequency of new types being created or removed. Key - There is only one key to this cache: " Value - An |
|
Caches binary property data. Only binaries that are smaller than the repository configuration property The size of this cache either depends on the number and frequency of the smaller binary properties (smaller than the This cache expires based on when the binary data is refreshed and how many times this data is modified from another application. Key - The Node UID and binary Property UID ( Value - The binary stream data - |
|
Caches a set of search query to parameters based on the UCM search grammar. The size of this cache depends upon the number of unique searches expected to be repeatedly performed. The expiration must be set to eventually expire unused searches and save on the cache memory. Key - A set of search query parameters. Value - A set of search query parameters, in UCM terms. |
|
Holds the indexed (searchable) system properties for the repository. There are three keys in this cache:
This cache expires based on the frequency of the indexed fields changes. Key - String Value - |
|
Caches the mapping between local user names (current application) and the name of the same user in UCM. The size of this cache depends upon the number of simultaneous and/or frequent users. This cache expires based on the frequency of user identity mapping updates. Key - Local user Id - String Value - UCM user Id - String |
|
Caches the profile trigger value for a given profile, so it is available when documents are created. The maximum number of entries in this cache is implicitly limited to the maximum number of profiles on the UCM server. The cache entry size is small. The primary entry to vary is the expiration, which depends upon how often the profile trigger field values are modified in UCM. These values change rarely once a profile is configured on the UCM system. Therefore, the expiration should be set appropriately. Key - The UCM profile name - String Value - The UCM profile trigger value - String |
This section contains the following subsections:
Section 11.8.1, "Deleting Content Repository Connections Using Fusion Middleware Control"
Section 11.8.2, "Deleting Content Repository Connections Using WLST"
Caution:
Delete a content repository connection only if it is not in use. If a connection is marked as active, it should first be removed from the active list, and then deleted.To delete a content repository connection:
Log in to Fusion Middleware Control and navigate to the home page for WebCenter Spaces or the WebCenter Portal application:
Do one of the following:
For WebCenter Spaces - From the WebCenter menu, choose Settings > Service Configuration.
For WebCenter Portal applications - From the Application Deployment menu, choose WebCenter > Service Configuration.
From the list of services on the WebCenter Services Configuration page, choose Content Repository.
Select the connection name, and click Delete.
To effect this change you must restart the managed server on which the WebCenter application is deployed.
Use the WLST command deleteConnection
to remove a content repository connection. For command syntax and examples, see "deleteConnection" in the Oracle Fusion Middleware WebLogic Scripting Tool Command Reference.
For information on how to run WLST commands, see Section 1.13.3.1, "Running Oracle WebLogic Scripting Tool (WLST) Commands".
Note:
To effect this change you must restart the managed server on which the WebCenter application is deployed. See, "Starting and Stopping WebLogic Managed Servers Using the Command Line" in the Oracle Fusion Middleware Administrator's Guide.You can view, modify, and delete connection properties for the back-end Oracle Content Server repository that is being used by WebCenter Spaces to store Space and Home Space documents. Specifically, you can define the root folder under which Space content is stored, the name of the content repository administrator, and a unique application identifier for separating application data on the Oracle Content Server.
This section contains the following subsections:
To set content repository connection properties:
Log in to Fusion Middleware Control and navigate to the home page for WebCenter Spaces or the WebCenter Portal application. See Section 6.2, "Navigating to the Home Page for WebCenter Spaces".
From the WebCenter menu, choose Settings > Service Configuration.
From the list of services on the WebCenter Services Configuration page, choose Content Repository.
Select the connection name, and click Edit.
(For the active connection in WebCenter Spaces only.) Set connection properties for the WebCenter Spaces repository. For information, see Section 11.5.1, "What You Should Know About Registering Content Repositories for WebCenter Spaces."
Click OK to save your changes.
To start using the updated (active) connection properties, you must restart the managed server on which the WebCenter application is deployed.
The following commands are valid only for the WebCenter Spaces application to view, set, and delete properties for the Oracle Content Server repository that is being used by WebCenter Spaces to store Space and Home Space documents:
For command syntax and detailed examples, see the Oracle Fusion Middleware WebLogic Scripting Tool Command Reference.
For information on how to run WLST commands, see Section 1.13.3.1, "Running Oracle WebLogic Scripting Tool (WLST) Commands".
After setting up content repository connections, you can test them to make sure that you can access the content repository, as described in the following sections:
To verify a connection of the socket type web
, log in to the Web interface of Oracle Content Server as administrator
. You can obtain the URL of a socket type connection through Fusion Middleware Control as follows:
In Fusion Middleware Control, from the WebCenter menu, choose Settings and select Service Configuration (Figure 11-9).
On the Manage Content Repository Connections page, select the connection and click Edit (Figure 11-10).
On the Edit Content Repository Connection page, copy the Web URL (Figure 11-11).
Note:
Remove the/idcplg/
suffix from the URL before using it.The URL format is: http://
host_name
/
web_root
/
For example: http://mycontentserver/cms/
To verify the full state of an Oracle Portal connection:
In the Oracle WebLogic Administration Console, under Domain Structure, expand Services > JDBC, then double-click Data Sources (Figure 11-12).
On the Summary of JDBC Data Sources page, select the data source you intend to test (Figure 11-13).
In the Settings for datasource_name section, select the tabs Monitoring, then Testing. Select the data source target server, then click Test Data Source to test the connection (Figure 11-14).
By default, the maximum upload size for files is:
2 MB for WebCenter Portal applications. This default is imposed by Apache MyFaces Trinidad, which handles uploading files from a browser to the application server.
2 GB for WebCenter Spaces applications.
The WebCenter application developer can customize the default file upload size at design time by setting the UPLOAD_MAX_MEMORY
, UPLOAD_MAX_DISK_SPACE
, and UPLOAD_TEMP_DIR
parameters in the web.xml
file. For information about editing web.xml
, see Section A.1.2, "web.xml".
For more information, see "Setting Parameters to Upload Files to Content Repositories" in the Oracle Fusion Middleware Developer's Guide for Oracle WebCenter.