Oracle® Content Services Administrator's Guide 10g Release 1 (10.1.2) Part Number B25275-04 |
|
|
View PDF |
This chapter discusses the protocol servers supported by Oracle Content Services, and the client access paths and software for the supported protocols.
This chapter provides information about the following topics:
Users can connect to Oracle Content Services using protocols appropriate to their platform. For example, Windows users can use the Oracle Drive client or connect using Web Folders, Macintosh users can connect through WebDAV, and UNIX users can connect using FTP. Users on all platforms can connect using HTTP for browser-based access.
Oracle Content Services supports the following protocols:
HTTP is used for browser-based access. Use the following URL to access Oracle Content Services with HTTP:
http://server_name:port/content
FTP is used for file transfers across wide area networks such as the Internet.
The FTP protocol sends unencrypted passwords over the network. For this reason, users must create an FTP password for greater security. See the Oracle Content Services chapter of Oracle Collaboration Suite Security Guide for more information about FTP passwords.
In addition to FTP, FTPS is supported. You can access Oracle Content Services using either implicit or explicit FTPS. Because FTPS does not send unencrypted passwords over the network, an FTP password is not necessary.
WebDAV, Web-based Distributed Authoring and Versioning, is an HTTP-related protocol that is designed for wide area networks such as the Internet. Currently, the most widespread WebDAV client is the Web Folders extension to Windows Explorer, also known as Network Places in Windows 2000 and Windows XP. Oracle Content Services also provides WebDAV support for Macintosh users.
The Oracle Drive client provides Windows users with SMB-like drive mapping capabilities, while using WebDAV as the actual file protocol.
Table 4-1 lists some of the client platforms, protocols, and access methods supported by Oracle Content Services. See OracleMetaLink at http://metalink.oracle.com
for complete client certification information.
Table 4-1 Client Platforms and Protocol Support
Client Platform | Protocols Supported | Access UsingFoot 1 |
---|---|---|
Windows |
HTTP, WebDAV, FTP/FTPS |
Browser, Oracle Drive, Windows Explorer, FTP/FTPS client |
Macintosh (Mac OS 10.3) |
HTTP, WebDAV, FTP/FTPS |
Browser, WebDAV client, FTP client |
UNIX |
HTTP, FTP/FTPS |
Browser, command line |
Red Hat Linux Adv. Server 3.0 (Kernel 2.4.9-e.16) |
HTTP, FTP/FTPS |
Browser, command line |
Footnote 1 For all protocols, if the server to which you are connecting uses DHCP, then you must use the current IP address of the host in the connection syntax instead of the host name.
FTP can move large amounts of data faster than the other protocols. For bulk operations, such as migrating files from an existing system, FTP is the preferred protocol. FTP is disabled, by default, after Oracle Content Services is installed and configured.
Oracle Content Services also supports FTPS, which uses SSL to provide a confidential, integrity-protected channel. FTPS defines a mechanism to implement the FTP Security Extensions based on the TLS protocol. There is wide support for FTPS among FTP clients. Do not confuse FTPS with SFTP, a service of the Secure Shell that is not related to FTP. FTPS is also disabled, by default, after Oracle Content Services is installed and configured.
Note that if you define a policy on a folder or Library that requires users to enter data associated with uploaded content, users will not be able to place content in that folder or Library using FTP. This limitation is because the FTP protocol does not provide a facility to enter metadata.
This section contains the following topics:
After FTP or FTPS has been enabled, users can use FTP or FTPS with Oracle Content Services, as long as the following requirements are met:
An FTP or FTPS client must be installed on the local computer of the user.
The user must know which port number to use. The default port number for FTP and for explicit FTPS is 21; the default port number for implicit FTPS is 990.
For FTP only, each user must use a separate FTP password for greater security. Users can set their FTP password on the User Preferences page in the Oracle Content Services Web client.
Users who are not members of the default Site must specify their realm name when they access Oracle Content Services through FTP or FTPS, in the format username@realmname
.
Oracle Content Services supports several FTP Quote commands that users can issue during an FTP or FTPS session. See Appendix F, "FTP Quote Command Reference" for more information.
Note that users with multibyte user names cannot sign on to Oracle Content Services using FTP. For this reason, you should not create Oracle Content Services user names that contain multibyte characters.
You can enable FTP for Oracle Content Services so that users can upload and download files using FTP. FTP is disabled, by default, after Oracle Content Services is installed and configured.
To enable the Oracle Content Services FTP server:
Access the Oracle Collaboration Suite Control and go to the Content Services Home page.
You may want to change the default port number for the FTP server. To do this:
In the Administration section, click Server Configurations.
Click FtpServerConfiguration.
In the Properties section, click IFS.SERVER.PROTOCOL.FTP.Port.
In the Value field, enter the desired port number and click OK.
On the Edit Server Configuration page, click OK.
Return to the Content Services Home page, and in the Administration section, click Node Configurations.
Click the name of the node configuration that corresponds to the node where you want to run the FTP server. You can only run the FTP server on regular nodes; you cannot run FTP on HTTP nodes.
Scroll down to the Servers table and click FtpServer.
Select Active and Initially Started.
On the Edit Server page, click OK.
On the Edit Node Configuration page, click OK.
Return to the Content Services Home page and restart the node.
Repeat this procedure for any additional regular nodes on which you want to run FTP.
For security reasons, anonymous FTP access is disabled by default. If you want to enable anonymous access, you must first modify the FTP server configuration to allow anonymous access, then allow public access to particular folders in Oracle Content Services.
After public access has been enabled for a particular folder, users can connect directly to that folder using anonymous FTP. In most cases, anonymous users should use FTP links to connect. For example, if an administrator only enables public access to the folder /us/TestFiles/PublicViewing
, users would need to configure an FTP client to connect directly to that folder. Anonymous users would not be able to connect to the root folder and navigate to the PublicViewing
folder, because the us
and TestFiles
folders do not have public access enabled.
To modify the FTP server configuration to allow anonymous access:
Connect to the Oracle Collaboration Suite Control and go to the Content Services Home page.
In the Administration section, click Server Configurations.
Click FtpServerConfiguration.
In the Properties section, select IFS.SERVER.PROTOCOL.FTP.AnonymousAllowed and click Edit, or just click the property name.
Set the Value to true and click OK.
On the Edit Server Configuration page, click OK.
Return to the Content Services Home page and restart the node.
Before you can allow public access to a particular folder, you must ensure that the ability to grant public access has been enabled at the Site level.
To ensure that the ability to grant public access is enabled for the Site:
Connect to Oracle Content Services as a user with the Content Administrator and User Administrator roles, such as orcladmin
.
Change to Administration Mode.
Access the Sharing Properties for the root Site folder.
Ensure that the option Allow public access to be granted has been enabled.
To grant public access to a particular folder:
Connect to Oracle Content Services as a user with the Content Administrator and User Administrator roles, such as orcladmin
.
Change to Administration Mode.
Access the Sharing Properties for the folder to which you want to grant public access.
Add the special group Public to this folder. If you cannot add this group, make sure that you enabled the ability to grant public access at the Site level, as described in the previous procedure.
You can enable FTPS for Oracle Content Services so that users can upload and download files using FTPS. The FTPS protocol is disabled, by default, after Oracle Content Services is installed and configured. Users sign on to Oracle Content Services over FTPS using their regular single sign-on password.
There are two types of FTPS supported by Oracle Content Services: implicit FTPS and explicit FTPS. Implicit FTPS secures the channel on connection, while explicit FTPS (Auth TLS) secures the connection when the client issues an AUTH command. An explicit FTPS connection starts out as a regular FTP connection; the connection becomes secure only after the client issues an AUTH command. You can choose to enable the implicit FTPS server, the explicit FTPS server, or both.
To set up FTPS, you first need to use Oracle Wallet Manager to create a new wallet and obtain a security certificate. You must configure the wallet for automatic login. For more information, see Oracle Collaboration Suite Security Guide and Oracle Database Advanced Security Administrator's Guide.
After you have obtained a security certificate, you can use the Oracle Collaboration Suite Control to enable the Oracle Content Services FTPS servers.
To enable explicit FTPS:
Connect to the Oracle Collaboration Suite Control and go to the Content Services Home page.
In the Administration section, click Server Configurations.
Click FtpServerExplicitConfiguration.
Select IFS.SERVER.PROTOCOL.FTP.Port and click Edit, or just click the property name.
In the Value field, enter the appropriate Explicit FTPS port number (for example, 21) and click OK.
Select IFS.SERVER.PROTOCOL.FTPS.WALLET.Location and click Edit, or just click the property name.
Update the value with the location of the wallet file (for example, /CSHome/WALLET/cwallet.sso
) and click OK.
On the Edit Server Configuration page, click OK.
Return to the Content Services Home page and click Node Configurations in the Administration section.
Click the name of the regular node configuration that corresponds to the node where you want to run the Explicit FTPS server.
In the Servers section, select FtpsServerExplicit and click Edit, or just click the server name.
Select Active and Initially Started, then click OK.
On the Edit Node Configuration page, click OK.
Return to the Content Services Home page and restart the node.
To enable implicit FTPS:
Connect to the Oracle Collaboration Suite Control and go to the Content Services Home page.
In the Administration section, click Server Configurations.
Click FtpServerImplicitConfiguration.
Select IFS.SERVER.PROTOCOL.FTP.Port and click Edit, or just click the property name.
Update the Value with the appropriate Implicit FTPS port number (for example, 990) and click OK.
Select IFS.SERVER.PROTOCOL.FTPS.WALLET.Location and click Edit, or just click the property name.
Update the value with the location of the wallet file (for example, /CSHome/WALLET/cwallet.sso
) and click OK.
On the Edit Server Configuration page, click OK.
Return to the Content Services Home page and, in the Administration section, click Node Configurations.
Click the name of the regular node configuration that corresponds to the node where you want to run the Implicit FTPS server.
Select FtpsServerImplicit and click Edit, or just click the server name.
Select Active and Initially Started, then click OK.
On the Edit Node Configuration page, click OK.
Return to the Content Services Home page and restart the node.
The WebDAV protocol is enabled, by default, after Oracle Content Services is installed and configured.
Note that if you define a policy on a folder or Library that requires users to enter data associated with uploaded content, users will not be able to place content in that folder or Library using WebDAV. This limitation is because the WebDAV protocol does not provide a facility to enter metadata.
Use the following URL to access Oracle Content Services with WebDAV:
http://server_name:port/content/dav
The value for port
varies depending on your platform, and depending on whether OracleAS Web Cache is running. If OracleAS Web Cache is running, the typical values are:
7777 for UNIX systems
80 for Windows systems (unless port 80 is in use when the Applications tier is configured)
If OracleAS Web Cache is not running, the port number is typically 7778.
Users who are not members of the default Site must specify their realm name when they access Oracle Content Services through WebDAV, in the format username@realmname
.
Note that users with multibyte user names cannot sign on to Oracle Content Services using WebDAV. For this reason, you should not create Oracle Content Services user names that contain multibyte characters.
The user name that needs to be entered when authenticating against WebDAV and FTP can vary. The user name format depends on whether the user is a member of the default realm, and on the nickname attribute set for the realm in Oracle Internet Directory (uid
or mail
).
The default nickname attribute is uid
. You can use Oracle Directory Manager to view or change the nickname attribute for the realm; see Oracle Internet Directory Administrator's Guide for more information about using Oracle Directory Manager.
Table 4-2 summarizes the user name format that users need to enter for WebDAV and FTP, according to these two factors.
Table 4-2 User Name Format for Authenticating Against WebDAV and FTP
Realm Type | Nickname Attribute | Example User Names in Oracle Internet Directory | Example User Names to Enter When Authenticating Against WebDAV and FTP |
---|---|---|---|
Default realm Example: oracle |
uid |
user_name jsmith |
user_name jsmith |
Non-default realm Example: mycompany |
uid |
user_name jsmith |
user_name@mycompany jsmith@mycompany |
Default realm Example: oracle |
|
user.name@mydomain.com jsmith@anotherdomain.com |
user.name jsmith |
Non-default realm Example: mycompany |
|
user.name@mydomain.com jsmith@anotherdomain.com |
user.name@mycompany jsmith@mycompany |
This section describes how to install Oracle Drive, a Windows desktop client that uses the WebDAV protocol to access Oracle Content Services. After it is installed, Oracle Drive appears as a mapped drive in Windows Explorer. Oracle Drive also provides file synchronization capabilities between your local computer and Oracle Content Services.
Oracle Drive is available from the Oracle Collaboration Suite Downloads page. This page can be accessed from the Oracle Collaboration Suite Welcome page.
For information about which Windows platforms are supported by Oracle Drive, see OracleMetaLink at http://metalink.oracle.com
.
To install Oracle Drive:
On the Oracle Collaboration Suite Downloads page, click the Oracle Drive executable link.
In the File Download window, select Run this program from its current location, then click Yes in the warning dialog box.
You can also download the installation program to your local hard drive and run it from there. After downloading, double-click the executable file to begin installation.
On the Choose Setup Language screen, select a language and click OK.
On the Welcome screen, click Next.
On the Customer Information screen, select whether you want to install Oracle Drive for all users, or for the current user only. Then, click Next.
On the Choose Destination Location screen, accept the default installation directory, or click Change to select a different installation directory. Then, click Next.
On the Ready to Install the Program screen, click Install to install Oracle Drive, or click Back to change any values that you entered.
After the installation process completes, the Oracle Drive installer prompts you to add a shortcut icon to your desktop. Select Add Oracle Drive shortcut to the desktop if you want to add the icon, and click Next.
The Oracle Drive installer prompts you to restart your computer. Select Yes to restart your computer automatically, or select No and restart your computer manually.
Click Finish. If you selected No, I will restart my computer later, you must manually restart your computer to complete the Oracle Drive installation process.
For complete information about how to set up a WebDAV connection between Oracle Drive and Oracle Content Services, as well as information about how to use Oracle Drive, see the Oracle Drive Help.
You can choose to deploy the End-User Documentation Portal to provide your users with information about Oracle Content Services protocol access. The End-User Documentation Portal is a set of customizable HTML pages that provide an overview of Oracle Collaboration Suite clients and access methods, including information about how to connect to Oracle Content Services using the supported protocols.
The End-User Documentation Portal also includes links to the FAQ & Troubleshooting site on the Oracle Technology Network (OTN), as well as links to Oracle Collaboration Suite tutorials.
For information about deploying the End-User Documentation Portal, see "Managing the End-User Documentation Portal" in Chapter 5 of Oracle Collaboration Suite Administrator's Guide.