| Oracle® Fusion Middleware Administrator's Guide for Oracle WebCenter Interaction 10g Release 4 (10.3.3.0.0) Part Number E14107-05 |
|
|
View PDF |
| Oracle® Fusion Middleware Administrator's Guide for Oracle WebCenter Interaction 10g Release 4 (10.3.3.0.0) Part Number E14107-05 |
|
|
View PDF |
This chapter describes how remote servers and Web services help to manage the services available through Oracle WebCenter Interaction.
It includes the following sections:
Many of the objects in the portal use Web services, which are components that run on a logically separate computer from the one that runs the portal and communicate with the portal through HTTP. We refer to this separate computer as a remote server. The Web service architecture allows multiple types of remote services (authentication sources, content crawlers, outgoing federated searches, portlets, and profile sources) to share a logical remote server, making it easier to manage the computers that make up the portal.
Web services also allow you to share settings (sometimes rather complex settings) with the objects created from those services. For example, administrative users creating portlet Web services need a greater understanding of the structure of the portlet, because they must specify whether the portlet has preferences or whether it sends user information; whereas users creating portlets from that Web service might only must set configuration settings appropriate for a non-technical user.
In addition, Web services enable you to create composite applications that use functionality from multiple Web services. For example, you might have several Web services accessing an application that requires user credentials. Rather than creating a separate configuration page for each Web service and requiring users to specify the same information multiple times, you can create a link to these shared settings, allowing users to specify the information only once for all of these Web services.
Objects that use Web services follow this general structure:
The remote server contains the base URL and credentials.
The Web service defines configuration settings for the associated object: remote authentication source, remote content source (used to create remote content crawlers), outgoing federated search, portlet, and remote profile source.
The associated object defines any remaining configuration settings.
Remote servers group together Web services that are installed on the same computer and require the same type of authentication. With a remote server, you enter the base URL and authentication settings just once for multiple Web services, and, if you must move the Web services, you just must change the remote server settings.
Remote servers do not must be visible from beyond your firewall. The portal can function as a gateway to the content on the remote servers.
You can use a remote server to create the following administrative objects:
Search Web Service
For information on search Web services, see About Providing Search Access to External Repositories with Federated Searches.
Profile Web Service
For information on profile Web services, see About Importing User Profile Information.
Authentication Web Service
For information on authentication Web services, see About Importing and Authenticating Users and Groups.
Remote Portlet Web Service
For information on remote portlet Web services, see Chapter 8, "Extending Portal Services with Portlets."
Content Web Service
For information on content Web services, see Content Crawlers.
This section describes the following main tasks:
It also covers the following low-level tasks:
Remote servers group together Web services that are installed on the same computer and require the same type of authentication. With a remote server, you enter the base URL and authentication settings just once for multiple Web services, and, if you must move the Web services, you just must change the remote server settings.
Note:
For information on creating a remote server for Oracle WebCenter Pagelet Producer, see Creating the Oracle WebCenter Pagelet Producer Remote Server.
To create a remote server you must have the following rights and privileges:
Access Administration activity right
Create Web Service Infrastructure activity right
At least Edit access to the parent folder (the folder that will store the remote server)
To edit a remote server you must have the following rights and privileges:
Access Administration activity right
At least Edit access to the remote server
To create or edit a remote server:
Click Administration.
Open the Remote Server Editor.
To create a remote server, open the folder in which you want to store the remote server. In the Create Object list, click Remote Server.
To edit a remote server, open the folder in which the remote server is stored and click its name.
On the Main Settings page, complete the following tasks:
On the Properties and Names page, perform tasks as necessary:
On the Security page, perform tasks as necessary:
The default security for this remote server is based on the security of the parent folder.
If you are editing a remote server, on the Migration History and Status page, perform tasks as necessary:
Note:
The Migration History and Status page is not available when creating an object.
To delete a remote server you must have the following rights and privileges:
Access Administration activity right
Admin access to the remote server
To delete a remote server:
Click Administration.
Navigate to the remote server.
Select the remote server you want to delete and click the delete icon.
Note:
Deleting a remote server will break any associated objects.
You can specify the location of a remote server on the Main Settings page of the Remote Server Editor.
If the Remote Server Editor is not already open, open it now and display the Main Settings page.
In the Base URL text box, type the URL to the parent folder of the Web services installed on this server.
This can be the root of the Web Server (for example, http://server/) or a specific application or virtual directory (for example, http://server/app/). Because the URL specifies a folder rather than a specific resource, it should always end with a slash.
The portal must be able to resolve the server name. Therefore, you might want to use Fully-Qualified Domain Names (FQDNs) such as “http://server.companyname.com” rather than just “http://server”. In some cases, when the portal is in a demilitarized zone (DMZ), you might must use an IP address like “10.1.2.140”.
You need a remote server for each port (for example, http://server:8082/ requires a different remote server than http://server:7071/). You also need a separate remote server if some services use SSL (for example, https://server/).
Note:
If you are sending any type of basic authentication information (specified in step 2), and you are not using a secured network, such as a separate subnet or a Virtual Private Network (VPN) connection, we strongly recommend that the Base URL use SSL (the URL must begin with https://). Basic authentication uses Base 64 encoding, which can be easily decoded back to clear text.
You can specify the authentication needed to access a remote server on the Main Settings page of the Remote Server Editor.
If the Remote Server Editor is not already open, open it now and display the Main Settings page.
Under Base Authentication Type, specify what authentication information, if any, you want this remote server to pass to its associated Web services.
To use no authentication information, choose None.
To use credentials from a user's login, choose User's Basic Authentication Information.
Confirm that the portal configuration file has been edited so that the portal stores the user name and password in memory for as long as the user is logged in to the portal (as described in the Oracle Fusion Middleware Installation Guide for Oracle WebCenter Interaction for Windows or the Oracle Fusion Middleware Installation Guide for Oracle WebCenter Interaction for Unix and Linux. This option is not supported for configurations in which users log in without typing a password (for example, single sign-on or Remember My Password) because the password is not available to the portal.
To specify a user name and password, choose Administrator's Basic Authentication Information and type the user name and password in the associated text boxes.
This information is encrypted, stored in the portal database, and sent with all requests to this remote server.
You can enable users to access external Web applications through portlets, passing authentication information in portlet headers. To do so, you must specify a public encryption key on the Main Settings page of the Remote Server Editor.
If the Remote Server Editor is not already open, open it now. The Remote Server Editor displays the Main Settings page.
To send credentials in portlet headers, using RSA public key/private key encryption, in the Public Encryption Key box, enter the public key for RSA encryption.
Set up a lockbox in the Credential Vault Manager. For details, see Working with Lockboxes.
Associate the lockbox with the remote portlet Web service (on the Authentication Settings page). For details, see Creating or Editing a Remote Portlet Web Service.
Use the IDK to provide the private key for RSA encryption (see the Oracle Fusion Middleware Web Service Developer's Guide for Oracle WebCenter Interaction).
This section describes common tasks in the Web Services Editors:
Adding an Administrative Configuration Link to the Select Utility Menu
Sending Activity Rights from a Web Service to Associated Objects
Sending User Preferences from the Web Service to Associated Objects
Sending User Information from a Web Service to Associated Objects
Note:
This setting is available for authentication Web services, content Web services, profile Web services, remote portlet Web services, and search Web services.
If the Web Service Editor is not already open, open it now. The Web Service Editor displays the Main Settings page.
Under Server Information, you can establish and manage remote server association for this Web service:
To associate a remote server (or to change an existing association), click Browse, then, in the Choose Remote Server dialog box, choose the remote server you want to associate and click OK.
To edit the remote server, click its name.
To remove the remote server association, click Remove.
Note:
You specify the location of intrinsic portlet Web services and remote pagelet Web services differently than other Web services. See Creating or Editing an Intrinsic Portlet Web Service and Creating or Editing a Remote Pagelet Web Service
To specify the location of the Web service provider or code:
If the Web Service Editor is not already open, open it now. The Web Service Editor displays the Main Settings page.
For each URL setting, specify the location of the provider or code on which your Web service is based. If you associated a remote server, the base URL displays to the left of the box. You can either type a relative path, finishing the path that starts with the base URL (for example, /myPortlet/Portlet.htm or /myWebService/myProvider.asmx), or you can type an absolute path, ignoring the base URL (for example, http://myServer/myPortlet/Portlet.htm or http://myServer/myWebService/myProvider.asmx).
Authentication Web Services
In the Authentication URL box, type the path to the authentication provider.
In the Synchronization URL box, type the path to the synchronization provider.
Content Web Services
In the Container URL box, type the path to the crawl provider, which tells the portal how to navigate through the content hierarchy.
In the Document URL box, type the path to the document provider, which tells the portal how to get information from a document of this type.
In the Upload URL box, type the path to the upload provider, which tells the portal how to copy a document into the Document Repository. If you associated a remove server, you can type a relative path or an absolute path.
Profile Web Services
In the Synchronization URL box, type the path to the profile provider (the .asmx file).
Remote Portlet Web Services
In the Portlet URL box, type the path to the remote portlet code.
Search Web Services
In the Search URL box, type the path to the search provider.
If you are searching another Oracle WebCenter Interaction portal that runs .NET, use the format: http://hostname:portnumber/ptapi/Search.asmx
If you are searching another Oracle WebCenter Interaction portal that runs Java, use the format: http://hostname:portnumber/ptapi/services/PTSearchServiceSoap
Note:
This setting is available for authentication Web services, content Web services, profile Web services, remote portlet Web services, and search Web services.
To specify the Web service's time-out settings:
If the Web Service Editor is not already open, open it now. The Web Service Editor displays the Main Settings page.
For each time-out setting, specify how long you want the portal to try to get the content from the host computer. If the host computer does not return content before the time-out period ends, an error message displays (for example, to the user upon login, in the portlet, or in the job log upon completion of an associated authentication source job).
In each time-out text box, type the number of seconds or minutes you want the portal to wait; then, in the drop-down list click Second(s) or Minute(s).
Note:
The Portlet Timeout setting for remote portlet Web services and remote pagelet Web services and the SOAP Timeout setting for search Web services applies only to non-gatewayed content. You probably want to set a relatively short time for these settings because users might have to wait for the entire time-out period to elapse before a My Page, community page, or search results display.
The Gateway Timeout setting for remote portlet Web services, remote pagelet Web services, and search Web services applies only to gatewayed content (for example, linked content from Oracle WebCenter Collaboration that is not displayed on a My Page or community page). You can probably set a slightly longer time here than for the portlet timeout, because gatewayed content is often secured or of a more complicated nature and therefore users are willing to wait longer for it to display.
Note:
This setting is available for all Web services.
You can quickly disable a Web service at any time. For example, you might want to disable a Web service if you must do maintenance on the host computer or on the Web service itself.
If the Web Service Editor is not already open, open it now. The Web Service Editor displays the Main Settings page.
Under Status of Web Service, specify what should happen when a user tries to access authentication sources associated with this Web service (for example, through login or by running an associated authentication source job):
To allow this Web service to authenticate or synchronize users, click Enabled.
To display a message to users when they try to access this Web service, click Disabled with message and type a message in the box.
Note:
This setting is available for remote pagelet Web services and remote portlet Web services.
To specify caching settings for a Web service:
If the Web Service Editor is not already open, open it now.
Click the HTTP Configuration page.
Using the Minimum Cache Time and Maximum Cache Time settings, specify the amount of time you want the content to be cached. In the text box, type the number of seconds, minutes, hours, or days you want the portal to cache the content; then, in the drop-down list, click the appropriate period.
Note:
You should cache content for as long as possible, to lower the burden on your remote servers.
If the content should not be cached, you can disable caching on the portal by setting both the minimum and maximum to 0 (also, disable error suppression).
You can also control caching through the portlet or pagelet code. For more information on portlet caching, refer to the Oracle Fusion Middleware Web Service Developer's Guide for Oracle WebCenter Interaction.
If you want to display cached content if an error occurs, rather than displaying an error message, select Suppress errors where possible (show cached content instead). This option is enabled (selected) by default.
Note:
This setting is available for content Web services, remote portlet Web services, and search Web services.
To specify how gatewayed content is handled by the Web service:
If the Web Service Editor is not already open, open it now.
Click the HTTP Configuration page.
Under Settings, specify how gatewayed content is handled:
Select Use hosted display mode on gateway pages if you want to display gatewayed content in the entire region between the portal header and footer. Otherwise, the content is displayed within the portlet that presents the gateway pages. This setting allows users to maintain their portal navigation and other features while working in the remote application.
(Recommended) Select Transform JavaScript files to run JavaScript files of a remote Web application through the portal transformer. This ensures that pages are displayed correctly and that portal navigation is not lost.
(Recommended) Select Transform CSS files to run CSS files of a remote Web application through the portal transformer. This ensures that pages are displayed correctly and that portal navigation is not lost.
Note:
This setting is available for authentication Web services, content Web services, profile Web services, remote portlet Web services, and search Web services.
To allow users access to remote content they would not normally be able to access, you might must gateway the content. Gatewayed content is downloaded from the computer hosting the content to the portal.
Note:
Do not gateway content that is openly accessible over the Internet, as this will unnecessarily burden your portal servers.
If the Web Service Editor is not already open, open it now.
Click the HTTP Configuration page.
To specify gateway settings for a Web service:
To add a prefix for which you want to gateway content, click Add Gateway Prefix and type the prefix in the newly displayed box. For example, if you enter http://myServer/ContentCrawler/ as the prefix, all content having a URL beginning with this prefix will be gatewayed, and all other content will be left in its original location. If you associated a remote server on the Main Settings page, you can type a relative path (/myPortlet/) or an absolute path (http://myServer/myPortlet/). If you enter an absolute path, ignore the base URL.
To gateway everything on the remote server, type a period followed by a slash (./).
Note:
Gateway URL prefixes must end with a slash (/).
If you are creating or editing a remote portlet Web service and you want the content in the portlet to refresh when a gatewayed link with a particular prefix is clicked, in the Inline Refresh column, check the box next to the prefix.
To delete a prefix, select the prefix and click the delete icon.
To select or clear all of the prefix check boxes, select or clear the box to the left of Prefix.
Note:
This setting is available for authentication Web services, content Web services, profile Web services, and search Web services.
Your Web service might require object-specific configuration settings. If so, you can include a page for these settings in the editor for the object associated with the Web service. For example, you might have an authentication source that needs information to limit the users or groups imported into the portal, so you could include a page for these settings in the associated Authentication Source Editor.
If the Web Service Editor is not already open, open it now.
On the left, under Edit Object Settings, click Advanced Settings (for an authentication Web service or a profile Web service) or Advanced URL Settings (for a content Web service or a search Web service).
In the Service Configuration URL box, type the path to the configuration page.
Note:
If you associated a remote server, the base URL displays to the left of the box. You can either type a relative path, finishing the path that starts with the base URL (/myWebService/ServiceConfig.htm), or you can type an absolute path, ignoring the base URL (http://myServer/myWebService/ServiceConfig.htm).
Note:
This setting is available for content Web services and search Web services.
Your Web service might require administrative configuration settings that affect more than just one Web service. For example, you might have server settings that are stored in a remote database and requires administrative user authentication. Rather than creating a separate configuration page for each Web service and requiring users to specify the same information multiple times, you can create a link to these shared settings in the Select Utility menu, allowing users to specify the information only once for all of these Web services.
Because the link will have the same name as the Web service, do one of the following:
Give the Web service (and thus the link) a name that clarifies what the shared settings are for.
Create a Web service that is not used for anything but these links.
Note:
If you create a Web service specifically for the configuration links the Web service will not be used to create any associated objects, so you can use any URL for the URL settings on the Main Settings page.
To add an administrative configuration link to the Select Utility menu:
If the Web Service Editor is not already open, open it now.
On the left, under Edit Object Settings, click Advanced URL Settings.
In the Administration Configuration URL box, type the path to the configuration page.
Note:
If you associated a remote server, the base URL displays to the left of the box. You can either type a relative path, finishing the path that starts with the base URL (/myWebService/AdminConfig.htm), or you can type an absolute path, ignoring the base URL (http://myServer/myWebService/AdminConfig.htm).
Note:
This setting is available for content Web services and search Web services.
Your Web service might require user preferences that affect more than just one Web service. For example, you might have several Web services accessing an application that requires user credentials. Rather than creating a separate configuration page for each Web service and requiring users to specify the same information multiple times, you can create a link to these shared settings on the My Account page, allowing users to specify the information only once for all of these Web services.
Because the link will have the same name as the Web service, do one of the following:
Give the Web service (and thus the link) a name that clarifies what the shared settings are for.
Create a Web service that is not used for anything but these links.
Note:
If you create a Web service specifically for the configuration links the Web service will not be used to create any associated objects, so you can use any URL for the URL settings on the Main Settings page.
To add a user configuration link to the My Account page:
If the Web Service Editor is not already open, open it now.
On the left, under Edit Object Settings, click Advanced URL Settings.
In the User Configuration URL box, type the path to the configuration page.
Note:
If you associated a remote server, the base URL displays to the left of the box. You can either type a relative path, finishing the path that starts with the base URL (/myWebService/UserConfig.htm), or you can type an absolute path, ignoring the base URL (http://myServer/myWebService/UserConfig.htm).
Note:
To send these settings to a Web service, specify the names of the preferences you want to send on the Preferences page of that Web service, as described in Sending User Preferences from the Web Service to Associated Objects.
Note:
This setting is available for authentication Web services, content Web services, profile Web services, and search Web services.
To specify encoding style for a Web service:
If the Web Service Editor is not already open, open it now.
On the left, under Edit Object Settings, click Advanced Settings.
Under SOAP Encoding Style, specify how information from this Web service is encoded:
RPC/Encoded: Choose this setting if this Web service uses Java.
Document/Literal: Choose this setting if this Web service uses .NET.
Note:
This setting is available for content Web services and remote portlet Web services.
You can send objects associated with a Web service the activity rights settings for the user. For example, you must send a content crawler the activity rights for the user running the content crawler (this tells the content crawler which types of portal objects the user can create).
To specify which activity rights the Web service passes to associated objects:
If the Web Service Editor is not already open, open it now.
Click the Advanced Settings page.
Under Activity Rights, specify which activity rights settings you want to send to associated objects:
To send activity rights settings, click Add Rights, select the settings you want to add, clear the settings you want to remove and click OK.
To remove activity rights settings, select the settings you want to remove and click the remove icon.
To select or clear all of the activity rights settings check boxes, select or clear the box to the left of Rights.
To toggle the order in which the rights are sorted (ascending/descending), click Rights or click the icon to the right of that.
Note:
This setting is available for authentication Web services, content Web services, profile Web services, remote portlet Web services, and search Web services.
If the Web Service Editor is not already open, open it now.
On the left, under Edit Object Settings, click Authentication Settings.
Under Basic Authentication Settings, specify what authentication information, if any, you want this Web service to pass to its associated objects:
If you associated a remote server on the Main Settings page of the Web Service Editor and you want to use the authentication information specified for that remote server, choose Use Remote Server Basic Authentication Information.
To use credentials from a user's login, choose User's Basic Authentication Information. Confirm that the CaptureBasicAuthenticationForPortlets parameter in the portal configuration file has been set so that the portal stores the user name and password in memory for as long as the user is logged in to the portal (as described in Appendix A, "Configuring Portal Settings"). This option is not supported for configurations in which users log in without typing a password (for example, single sign-on or Remember My Password) because the password will not be available to the portal.
Note:
This setting is available only for content Web services, remote portlet Web services, or search Web services.
If you selected a lockbox, and want to use the credentials supplied by the user in the Password Manager for this lockbox, choose User's Lockbox Credentials.
Note:
This setting is available only for remote portlet Web services.
To specify a user name and password, choose Administrator's Basic Authentication Information and type the user name and password in the associated text boxes. This information is encrypted, stored in the portal database, and sent with all requests to this Web service.
Note:
This setting is available for content Web services, remote portlet Web services, and search Web services. However, remote portlet Web services can also send community and session preferences, so, for remote portlet Web services, refer to Sending General Settings from a Remote Portlet Web Service to Associated Portlets rather than this section.
Your Web service might require user preferences that affect more than just one Web service. For example, you might have several Web services accessing an application that requires user credentials. Rather than creating a separate preference page for each Web service and requiring users to specify the same user credentials multiple times, you can create a link on the My Account page, allowing users to specify these credentials only once for all of these Web services.
To send preferences from a Web service:
To create the link on the My Account page, in a Web service, specify the path to the user preferences link on the Advanced URL Settings page, as described in Adding a User Configuration Link to the My Account Page.
In each Web service, on the Preferences page, specify, by name, the user preferences you want to send to the objects associated with the Web service.
To specify which user preferences to send from the Web service to associated objects:
If the Web Service Editor is not already open, open it now.
On the left, under Edit Object Settings, click Preferences.
Specify which user preferences to send:
To send a user preference to the objects associated with this Web service, type the name of the preference in the box below User Preferences.
To include another user preference, click Add User Preference and type the name of the preference in the additional box.
To delete a user preference, select the preference and click the delete icon.
To select or clear all of the preference check boxes, select or clear the box to the left of User Preferences.
Note:
This setting is available for content Web services, remote portlet Web services, and search Web services.
You can send user information from an external source to objects associated with a Web service. This information can be either imported into the portal database or generated dynamically (with custom code) when a user logs in.
You use profile sources to import user information into the portal from an external user repository, and you use the User Information Property Map to map that imported information to user properties in the portal. Objects associated with Web services can use the imported information instead of having users enter this information on a separate preference page.
To send user information to objects associated with a Web service:
If the Web Service Editor is not already open, open it now.
On the left, under Edit Object Settings, click User Information.
If you want to send information mapped to user properties by default, under User Information Settings, select the desired properties.
Note:
The Host Page URL Query String setting sends the actual query string of the My Page or community that a user hits. Select this if you have custom code that requires the actual string (which can include extra query string parameters) rather than the simplified host page URL.
If you want to send other user information, under Additional User Info Settings, perform any of the following actions:
To send unmapped user information, click Add User Info and type the name of a user property in the field.
To send mapped user information, click Add User Properties, select the properties, and click OK.
To delete user information, select the setting you want to delete and click the delete icon.
To select or clear all of the settings check boxes, select or clear the box to the left of User Info.
Note:
This setting is available for authentication Web services, content Web services, profile Web services, remote pagelet Web services, remote portlet Web services, and search Web services.
Error tracing sends information to the portal's debugging tools, allowing you to troubleshoot problems by analyzing error logs. For information on how to set up and use the debugging tools, see Appendix B, "Logging Features."
If the Web Service Editor is not already open, open it now.
On the left, under Edit Object Settings, click Debug Settings.
Under Debugging Configuration, select whether to enable HTTP request and HTTP response tracing.
Under User Selection, select whether to enable tracing for a specific user. Otherwise, tracing is on for all users. To select a specific user, click Browse, select the user, and click OK.
Under Portlet Selection, select whether to enable tracing for a specific portlet associated with this Web service. To select a specific portlet, click Browse, select the portlet, and click OK.
Note:
This setting is only available for portlet Web services.
Note:
This setting is available for all Web services.
To view all the objects associated with a Web service:
If the Web Service Editor is not already open, open it now.
On the left, under Edit Object Settings, click Associated Objects.
Table 3-1 Information Displayed for Associated Objects
| Column | Description |
|---|---|
|
Name |
Displays the name of the associated object. To edit the associated object, click its name. |
|
Path |
Displays the location where the associated object is stored. |
|
Type |
Displays what type of object this is (such as a portlet or an authentication source). |
If you change the settings for a Web service, the changes will affect all objects displayed on the Associated Objects page.
|
 Copyright © 2011, 2013, Oracle and/or its affiliates. All rights reserved. Legal Notices |
|
