16 System Settings Overview
This chapter describes Oracle Enterprise Repository's System Settings that administrators use to configure basic operations and specific features.
This chapter contains the following sections:
16.1 Access System Settings
To access the system settings, perform the following steps:
-
Click System Settings in the sidebar on the Oracle Enterprise Repository Admin screen.
Figure 16-1 Oracle Enterprise Repository System Settings Page
Description of "Figure 16-1 Oracle Enterprise Repository System Settings Page"
The System Settings section opens in the main pane.
System Settings are organized into categories. Each category is further divided into feature groups.
-
Click the plus icon to expand the display of any category or feature group.
-
Click the minus icon to collapse the display.
16.2 Search for System Settings
System settings for particular features can be located using the System Settings Search.
-
Enter a search term in the System Settings Search box. The relevant category sections expand to display the relevant System Settings.
-
Click the Clear button to clear the search results.
16.3 Enable System Settings Properties
In some cases it may be necessary to enable specific properties in order to activate certain optional Oracle Enterprise Repository features. These properties are provided by Oracle Support.
-
Obtain the necessary system setting property.
-
Enter the system setting property in the Enable New System Setting text box.
-
Click Enable. The appropriate System Setting category will open in the lower pane.
-
Edit the system setting properties as necessary.
-
Click Save when finished.
16.4 Move Settings to Database
Exercising this option moves all system settings stored in property files to the database. This action cannot be reversed.
-
Click Move settings to database. All system settings are saved to the database. This is for a clustered environment. All servers in the clustered environment will now have one source for system settings.
For more information, see the Move Application Properties to the Database section in the Oracle Fusion Middleware Installation Guide for Oracle Enterprise Repository.
16.5 System Settings in Oracle Enterprise Repository
This section describes all the system setting available in Oracle Enterprise Repository.
This section contains the following topics:
16.5.1 Functional Settings
This section contains the following topics:
16.5.1.1 General User Interface
-
Default Browse Categorization
-
cmee.assettab.default-categorization
-
The list selection determines the initial asset categorization in the Browse Tree on the Assets screen.
Results in..
-
-
Default Browse Type
-
cmee.assettab.default-categorization-show-assettype
-
The True and False options toggle the default display of assets by Type in the Browse Tree on the Assets screen (subject to the system setting in Default Browse Categorization).
True Results in..
-
-
Sticky Registrar Queues
-
cmee.registrar.stickyqueues
-
The True and False options toggle the default display of the selected Asset Editor tab when browsing assets.
-
True: Each asset opens to the Asset Editor tab in view from the previously selected asset.
-
False: Defaults to the Overview tab for each asset viewed in the Asset Editor.
-
-
-
Table Zoom
-
cmee.assettab.multiplegroupelement.force-zoom
-
The True and False options toggle the ability to open table elements in their own window.
-
-
Repeat Table Header
-
cmee.assettab.multiplegroupelement.show-header-interval
-
The number entered in the text box determines the interval (number of rows) at which the table header repeats in large tables.
-
Value of 0 results in...
-
Value of 2 results in...
-
-
-
Show All Detail In Tabs
-
cmee.framework.show-as-tabs
-
The True and False options toggle the default display of the asset detail.
-
True results in the tabbed view...
-
False results in the standard view...
-
-
-
Long Date Format Specification
-
cmee.server.date.format.long.default
-
Specifies the date format for the display of full date information (yyyy-MM-dd HH:mm:ss z).
Results in..
-
-
Short Date Format Specification
-
cmee.server.date.format.short.default
-
Specifies the date format for the display of abbreviated date information (yyyy-MM-dd).
-
Similar to Long Date Format Specification.
-
-
-
Full Name Format
-
enterprise.defaults.fullname.format
-
Specifies the format for the display of user names. Can contain the strings "{prefix}", "{first}", "{middle}", "{suffix}" and punctuation immediately following any of these name parts in any order. Extra space is trimmed.
-
Note: Changes to this setting require server restart.
Results in..
-
-
-
Show System-Supplied Relationships
-
cmee.show-system-supplied-relationships
-
The True and False options toggle the display of system-supplied relationships in the Asset Editor tab and in the asset detail. The False setting will hide system-supplied relationships in the Asset Editor's Relationships tab and in the asset detail; however, they will remain visible in the Asset Editor's Configure Relationships dialog.
System-supplied relationships are used for system-specific relationships within Oracle Enterprise Repository, such as allowing for more complex matches when doing asset updates. Therefore, users cannot create or delete system-supplied relationships, nor can they modify a system-supplied relationship's direction, which is always read-only.
-
-
Display Name Field
-
enterprise.defaults.displayname.field
-
The list selection determines the information displayed for the user.
Note: Changes to this setting require server restart.
Results in..
-
-
Display Name - Full Name and Initial
-
enterprise.defaults.fullname.middleasinitial
-
When a user's middle name is supplied, the True and False options toggle the display of the middle name in full or as an initial.
True results in...
False results in..
-
16.5.1.2 Search
-
Save Searches
-
cmee.asset.registry.saved.searches
-
The True and False options toggle the Save Searches feature. This feature allows search criteria to be saved and reused.
True displays the Saved Searches section in the sidebar on the Assets screen, as illustrated below.
-
-
Search Indexed Fields
-
cmee.search.general.include.indexedfields
-
The True and False options toggle the inclusion of indexed fields in general asset searches.
-
-
Search Categorizations
-
cmee.search.general.include.categorizations
-
The True and False options toggle the inclusion of categorizations in general asset searches.
-
-
More Search Options Categorization Default Visibility
-
cmee.search.advanced.categorizations.visible
-
The True and False options toggle the default display of the Categorizations tree in the expanded form and included in the More Search Options dialog.
False results in..
Figure 16-20 More Search Options - Categorizations Tree Not Expanded
Description of "Figure 16-20 More Search Options - Categorizations Tree Not Expanded"
True results in..
Figure 16-21 More Search Options - Categorizations Tree Expanded
Description of "Figure 16-21 More Search Options - Categorizations Tree Expanded"
-
-
Search Specific Field
-
cmee.search.specific.field
-
The True and False options toggle the ability to search specific fields during Standard Searches by identifying the field to be searched in the Keyword text box.
As illustrated below, the string description:MyAsset will search for the keyword the MyAsset in the Description field of every asset in the Repository.
-
-
Confirm Empty Search
-
cmee.empty.search.confirm
-
The True and False options toggle the display of a warning message when a user performs a search on a blank string.
True displays a warning message.
-
-
Minimum Number of Characters for User Search
-
cmee.users.min.text.search
-
The numerical value entered in the text box determines the minimum number of characters required to perform a search to locate user information.
Attempts to perform a user search with fewer than the minimum number of characters results in a warning message.
-
16.5.1.3 Print Asset Detail via PDF
-
Use default XSLT for asset types
-
cmee.asset.pdf.xslt.default
-
The True and False options specifies that when exporting an asset to PDF, a default asset type is used. Failing its existence, an error is shown.
-
-
PDF Asset Export Destination
-
cmee.asset.xml.paths.export-destination
-
Text entered in the text box identifies the PDF asset export destination.
-
-
PDF Asset Export Destination URL
-
cmee.asset.xml.paths.export-destination-url
-
Text entered in the text box identifies the PDF asset export destination URL.
-
-
PDF Asset XSL Directory
-
cmee.asset.xml.paths.xsl-source
-
Text entered in the text box identifies the PDF asset XSL directory.
-
-
PDF Asset Generated PDF Destination
-
cmee.asset.xml.paths.out-destination
-
Text entered in the text box identifies the PDF asset generated PDF destination.
-
-
PDF Asset Generated PDF Destination URL
-
cmee.asset.xml.paths.out-destination-url
-
Text entered in the text box identifies the PDF asset generated PDF destination URL.
-
-
PDF Asset Export WebApp URL
-
cmee.asset.xml.paths.webapp-url
-
Text entered in the text box identifies the PDF asset export WebApp URL.
-
16.5.1.4 Projects and Navigator
-
Enable Projects
-
cmee.projects.enabled
-
The True and False options toggle the support of multiple projects.
-
-
Navigator and Project Hierarchy
-
cmee.projecttool.advanced
-
The True and False options toggle advanced project options including the Navigator and project hierarchy.
-
-
Navigator Support for Microsoft JDK
-
cmee.navigator.force-msjdk-support
-
The True and False options toggle the use of an alternative Navigator applet that is compatible with Microsoft's applet plugin for Internet Explorer.
-
-
User Defined Projects
-
cmee.extraction.user-projects.enable
-
The True and False options toggle the feature that allows users to create a project on the fly during the asset Use/Download process.
True results in...
False results in...
-
-
User Defined Projects - Prefix
-
cmee.extraction.user-projects.prefix
-
As illustrated below, text entered in the property text box becomes the prefix for any user-defined projects. This is useful for visual grouping in reports. (User-defined Projects must be enabled.)
Results in..
-
-
Producing Projects
-
cmee.project.producing.enabled
-
The True and False options toggle the display of the Producing Projects section in the Asset Submission dialog (Standard Submission via the Submit and Asset link on the Oracle Enterprise Repository Assets screen.)
True results in...
False results in...
-
-
Advanced Project Option - Categorization
-
cmee.projecttool.categorizations
-
The True and False options toggle the assignment of categorizations to projects.
-
-
Enable Project Reported Asset Value
-
cmee.projecttool.assetvalue.enabled
-
The True and False options toggle the metrics of the Reported Asset Value for projects.
-
16.5.1.5 Assets in Progress
-
View Assets in Progress
-
cmee.asset.in-progress.visible
-
Select True to enable the ability to see assets in progress outside the Asset Editor.
-
16.5.1.6 Policy Management
-
Enable Compliance Templates (See Figure 16-33)
-
cmee.compliance-template.enable
-
Enables the Compliance Template System.
-
-
Enable Asset Policies
-
cmee.asset-policy.enable
-
Enables the Policy Management System.
-
-
Collapse Policy Assertions
-
cmee.asset-policy.collapse.assertions
-
Collapse the display of assertions by default when showing applied policies in the Asset detail.
-
-
Asset Policy Relationship
-
cmee.asset-policy.relationship
-
Defines the relationship type within the system to use for policy assignment - it should be a Two-way, Order Matters relationship.
-
16.5.1.7 Notifications
-
Asset Use Notification
-
cmee.extraction.notify-maintainer
-
The True and False options toggle the feature that automatically sends an email to the notification address listed for an asset when that asset is used.
-
When an email is sent, the following algorithm is used to determine the destination address:
-
If the asset has a notification address, use that as the email destination,
-
else, if the system setting cmee.extraction.default.maintainer.email has a value, use that value as the destination address,
-
else, if there is a "submitted-by" user that has an email address, use that email address,
-
else, if there is a "created-by" user that has an email address, use that email address,
-
else, do not send a usage notification email.
-
-
-
Default Email Address for Asset Use Notification
-
cmee.extraction.default.maintainer.email
-
This system setting is used to specify the default destination email address for notifications related to usage sent by the system.
-
-
System Registrar Email
-
cmee.registrar.email
-
Fill in the text box with the registrar's email address, to be used in auto-generated email messages.
-
-
System Registrar Alternate Notification
-
cmee.registrar.email.enable
-
Allows notification emails to be sent to the System Registrar email address when the notification email has not been set on an asset.
-
-
Access Administrator Email Address
-
cmee.security-admin.email
-
Fill in the text box with the email address of the individual(s) to whom user- and access-related auto-generated emails are to be sent. This includes notifications sent when unapproved LDAP users are added to the user directory.
-
-
Enable Reminder Email
-
cmee.extraction.notification.enabled
-
Enables notification via email to update the status of asset usage and value metrics.
-
-
Reminder Delay
-
cmee.extraction.initial.delay
-
Fill in the text box with a numeric value indicating the number of days to wait after a user downloads an asset before sending a reminder to complete the Update Status form (see below).
-
-
Reminder Delay - Subsequent
-
cmee.extraction.subsequent.delay
-
Fill in the text box with a numeric value indicating the number of days to wait after the initial usage status reminder message before sending subsequent reminders.
-
16.5.1.8 Access Control
-
Custom Access Settings
-
cmee.customaccesssettings.enabled
-
Enables advanced custom access settings.
-
-
Custom Access Settings on Assets
-
cmee.customaccesssettings.asset
-
Enables advanced custom access settings on assets.
-
-
Custom Access Settings on Files
-
cmee.customaccesssettings.file
-
Enables custom access settings on files.
-
-
Ability to toggle all permissions
-
cmee.security.gui.toggleall
-
Enables the GUI control to allow an administrator to toggle all permissions one role at a time.
-
16.5.1.9 Software File Identification (SFID)
-
Enable Automated Usage Detection
-
cmee.usagedetection.enable
-
Enables the Automated Usage Detection plug-in to manage SFIDs, and allow automated detection of possible usage.
-
-
Enable Harvesting of Unrecognized SFIDs
-
cmee.sfid.harvesting.enable
-
Enables the collection of information related to detected SFIDs that are not yet registered in the system.
Figure 16-38 Software File Identification (SFID)
Description of "Figure 16-38 Software File Identification (SFID)"
-
16.5.1.10 Use - Download
-
Asset Usage Custom Field List
-
cmee.extraction.exported-custom-field.
-
This unique setting allows the creation of Custom Asset Usage Fields.
Note:
This property appears with a period at the end. When you enter this property in the Search field, enter the property along with the period.
-
-
Enter the property name in the Enable New System Setting box and press Enter.
-
As necessary, click Add to open additional text boxes.
-
Enter a name for each additional Custom Usage Field in the corresponding text box.
-
Click Save when finished. The new Custom Usage Fields appear in the Use - Download dialog.
16.5.1.11 Custom Links
This group of settings controls the configuration and display of custom links on the right side of the Oracle Enterprise Repository menu bar.
-
Custom Link 1
-
cmee.tool.show-marketplace
-
The True and False options toggle the display of Custom Link 1.
Figure 16-43 Custom Link 1 and Custom Link 2
Description of "Figure 16-43 Custom Link 1 and Custom Link 2"
(Illustrates both Custom 1 Link and Custom 2 Link set to True.)
-
-
Custom Link 1 Label
-
cmee.tool.marketplace.label
-
Text entered in the text box will appear as the label for Custom Link 1 on the Oracle Enterprise Repository menu bar.
-
-
Custom Link 1 URL
-
cmee.tool.marketplace.url
-
Enter the URL for Custom Link 1.
-
-
Custom Link 1 Target Frame
-
cmee.tool.marketplace.target
-
Specifies the frame in which to open Custom Link 1
-
-
Custom Link 2
-
cmee.tool.show-marketplace
-
The True and False options toggle the display of Custom Link 2.
-
-
Custom Link 2 Label
-
cmee.tool.marketplace.label
-
Text entered in the text box will appear as the label for Custom Link 2 on the Oracle Enterprise Repository menu bar.
-
-
Custom Link 2 URL
-
cmee.tool.marketplace.url
-
Enter the URL for Custom Link 2.
-
-
Custom Link 2 Target Frame
-
cmee.tool.marketplace.target
-
Specifies the frame in which to open Custom Link 2.
-
-
Custom Help URL
-
cmee.tool.help.url
-
Specifies a custom URL for the Help link.
Note: Oracle Enterprise Repository help files are hosted remotely by default. If necessary, Help files can be hosted in your local environment. Change this setting to reflect the location of the Help files.
-
16.5.1.12 Reports
-
Report Server URL
-
oracle.reports.server.url
-
Specifies a custom URL for the report server link.
-
-
Report Server Endpoint URL
-
oracle.reports.server.endpoint.url
-
Specifies a custom URL for the Web Service endpoint to authenticate against the report server.
-
-
Report Server Username
-
oracle.reports.server.username
-
Specifies the username credential for the report server.
-
-
Report Server Password
-
oracle.reports.server.password
-
Specifies the password credential for the report server.
-
-
Enable PDF Output for Reports
-
oracle.reports.pdf.enable
-
Enables PDF Output for Reports.
-
-
Enable Excel Output for Reports
-
oracle.reports.excel.enable
-
Enables Excel Output for Reports.
-
16.5.1.13 Miscellaneous
-
Asset Submission File Requirement
-
cmee.submission.file.required.enable
-
When enabled, a user performing a Standard Asset Submission is required to provide a file location URL or upload files.
-
-
Consumer Survey
-
cmee.extraction.consumer-survey.enable
-
The True and False options toggle the display of the complete asset usage Update Survey, available for any asset listed in the Asset Usage section of the My Stuff page.
True displays the full survey...
False displays only the Status list.
-
-
Default Usage Rejection Reason
-
cmee.default.usage.rejection.reason
-
Use the list to select the default asset rejection reason that is recorded when an asset is rejected when updating the status of the asset usage in the My Stuff section.
Figure 16-48 Default Usage Rejection Reason
Description of "Figure 16-48 Default Usage Rejection Reason"
-
-
Enable Type Manager
-
cmee.typemanager.enabled
-
The True and False options toggle the ability to display Type Manager.
True displays the Type Manager when you select the Manage Types option in the Asset Editor. False does not display the Type Manager.
-
-
Export Assets into a Microsoft Excel spreadsheet
-
cmee.asset.registry.export.excel
-
The True and False options toggle the ability to export asset detail information to an external Microsoft Excel spreadsheet.
True displays the Export to Excel menu selection in the asset search results frame and the Excel button in the asset detail.
False removes the menu selection and button.
-
Within the context of Oracle Enterprise Repository, Affinity is the condition that occurs when two or more assets are deployed in the same project. The Affinity element will appear in the asset detail for each asset that meets this condition, and will list other assets that have (deployed) projects in common.
The following Affinity System Settings determine the specific behavior of the Affinity element and its contents.
-
Affinity Threshold
-
cmee.assettab.affinity.threshold
-
If the number of affinity matches exceeds the numerical value entered for this setting, a View All Affinity Assets" link appears in the Affinity element in the asset detail.
-
-
Affinity Minimum Project Count
-
cmee.assettab.affinity.minimum
-
The numerical value entered in this field determines the minimum number of projects to require inclusion in for assets to appear in Affinity section on Asset Detail page.
If the number of projects that have consumed the asset is less than the supplied numerical value, the Affinity element will indicate that the display criteria have not been met.
-
16.5.2 Server Settings
This section contains the following topics:
16.5.2.1 General
-
Admin Role
-
enterprise.security.roletype.admin
-
The text entered in this box designates the name applied to the role that has unlimited administrative rights and permissions within Oracle Enterprise Repository.
-
-
Company Name
-
cmee.enterprisetab.homepageselection.enabled
-
The True and False options toggle the ability to assign a specific homepage based on user role or department assignment.
True assigns a specific homepage based on user role or department. False displays the default home page.
-
-
Enable Homepage Selection
-
cmee.server.companyname
-
Enter the name of your company in the text box.
-
-
Homepage
-
cmee.enterprisetab.homepage
-
The default URL points to the default Oracle Enterprise Repository homepage, as it appears in the main (right) frame.
Change this URL as necessary to load a different page as the Oracle Enterprise Repository homepage.
-
-
Default Character Encoding
-
cmee.server.defaultencoding
-
The default character encoding to use in the system (defaults to the JVM default).
-
Examples are UTF-8 and ISO-8859-1. UTF-16 is not supported.
-
-
Enable Custom Unique Element
-
cmee.unique-element.enable
-
The True and False options toggle the ability to enable an additional plug-in for Types, which defines a unique constraint additional to the Name/Version pair that is used by default.
-
-
Unique Element Per Type
-
cmee.unique-element.per-assettype
-
The True and False options toggle the ability to make the Unique Element plugin pertain to each Type individually.
-
-
Asset Editor Disable Auto-refresh Tree
-
cmee.asseteditor.disable-autorefresh-tree
-
The True and False options toggle the ability to disable the auto-refresh of tree whenever user clicks Accept, Submit, or Register.
-
16.5.2.2 Server Resources
-
Database Connection Name
-
enterprise.dbaccess.connectionname
-
The name assigned to the database connection.
-
-
WebApp JSP Path
-
enterprise.server.paths.jsp
-
The filepath to the location on the application server where JSPs are stored.
-
-
WebApp Servlet Path
-
enterprise.server.paths.servlet
-
The filepath to the location on the application server where product servlets are stored.
-
-
Web Resource Path
-
cmee.server.paths.resource
-
The Web server path to the location where Web resources are stored.
-
-
Web Image Path
-
cmee.server.paths.image
-
The filepath to the location on the Web server where product images are stored. This setting must include the *images subdirectory of the Web Resource Path.
-
-
Web JNLP Path
-
cmee.server.paths.jnlp-tool
-
The filepath to the location on the Web server where JNLP tool jars are stored. Due to Java Web Start compatibility issues, this path must not point to an SSL-enabled service.
-
-
WebApp JSP Path
-
cmee.server.paths.jsp
-
The filepath to the location on the application server where JSPs are stored.
-
-
WebApp Servlet Path
-
cmee.server.paths.servlet
-
The filepath to the location on the application server where product servlets are stored.
-
-
Asset Detail Path
-
cmee.assettab.asset-detail-page
-
The application server path used by integrations to load asset details.
-
16.5.2.3 Email
-
Allow Distribution List Email
-
cmee.email.cc
-
The True and False options toggle the availability of the email distribution list feature. This allows users to create distribution lists so that the list members are automatically copied on certain email notifications that are sent as part of the asset registration process.
-
-
Allow External Emails in a Distribution List
-
cmee.email.nonuser.cc
-
The True and False options determine the ability for a user to specify external email addresses in distribution lists. True allows external email addresses in distribution lists. False restricts distribution lists to only internal Oracle Enterprise Repository users.
-
-
SMTP Server
-
cmee.server.smtp
-
The hostname or IP address of the SMTP server used for auto-generated email messages.
-
-
Use External Email System
-
cmee.server.smtp.send-with-cron
-
True and False options determine the selection of the email mechanisms for automated Oracle Enterprise Repository messages. True enables the external mechanism. False enables Oracle Enterprise Repository's internal email send mechanism.
Note: Changes to this setting require server restart.
-
-
Send Email Interval
-
cmee.server.smtp.send-interval
-
This setting determines the number of minutes between automatic Oracle Enterprise Repository email messages.
-
-
Send System Email as HTML
-
cmee.server.smtp.send.format-html
-
The True and False options toggle the selection of HTML or plain-text formatting of automatic Oracle Enterprise Repository messages.
-
True enables HTML formatting.
-
False enables plain text formatting.
-
-
-
Send System Email with Reply-To Header
-
cmee.server.smtp.send.replyto-required
-
The True and False options toggle the option to include a Reply-to header in automated Oracle Enterprise Repository messages. The Reply-to header includes the From address.
True enables the Reply-to header.
-
-
Notification Email Delimiter
-
cmee.email.delimiter
-
Use the list to select the appropriate delimiter (comma or semi-colon) for multiple email addresses as determined by the default email client. (For example, Microsoft Outlook uses the semi-colon, while Outlook Express uses the comma).
-
-
Send Diagnostic Email to Oracle
-
cmee.server.smtp.senddiag
-
The True and False options toggle an automatic monthly diagnostic email to Oracle, for internal informational purposes only.
-
16.5.2.4 Upload Area
-
Submission Upload Directory
-
cmee.server.paths.upload
-
Defines a locally referenced operating system path to upload files onto the application server directly via an HTTP file upload process. This property enables the following features:
-
Enables the Add Attachment Now option in the Asset Submission form. (Required if files are to be attached to assets during the submission process.)
-
Enables Uploaded Submission Files option in the Asset Editor.
-
-
-
Registrar Submission Upload Path
-
cmee.server.paths.upload-registrar
-
Enables file browsing through the Asset Editor (Optional).
-
The path, when hosted by UNC, requires Windows OS or Samba/Sharity.
-
Enables the appearance of the Browse button in Uploaded Submission Files in the Asset Editor.
-
-
-
Submission Upload Artifact Store
-
cmee.server.paths.upload-repository
-
Sets a configured artifact store to allow direct public access to the submitted files. This property is used for one-step acceptance of submitted files in the Asset Editor. When this property is set:
-
Asset files that are available for use/download are visible.
-
The Accept button is visible in the uploaded submission files section of the Asset Editor.
-
-
16.5.2.5 Audit
-
Asset Save Export Filename
-
cmee.asset.logging.filenamep
-
Text entered in the text box identifies the filename used to save asset data at every save (for archival and audit purposes).
-
-
Asset Save Export Fail on Error
-
cmee.asset.logging.failonerror
-
Select the True option to enable the ability to abort the save of the audit if unable to write to the asset export filename for any reason.
-
16.5.2.6 Caching
-
Preload Asset Cache at Start-up
-
cmee.assets.preload.at-startup
-
Select the True option to preload the asset cache on application server start-up.
True preloads the asset cache.
-
-
Preload Asset Cache as Seperate Thread
-
cmee.assets.preload.as-seperate-thread
-
Select the True option to spawn the preloaded asset cache as a separate thread on application server startup.
-
16.5.3 Enterprise Authentication Settings
This section contains the following topics:
16.5.3.1 General
-
Default Email Suffix
-
enterprise.defaults.email.suffix
-
The information supplied in this text box is automatically suffixed to usernames to form the default user email address.
-
-
Unapproved User Login
-
enterprise.security.unapproveduser.allowlogin
-
The True and False options toggle the ability for unapproved users to log in to the system. This is useful when using LDAP or container-managed authentication.
-
-
Display Login dialog
-
enterprise.security.showloginpopup
-
The True and False options toggle the default display of the Oracle Enterprise Repository login dialog. The dialog identifies the users and displays login information.
Figure 16-60 Oracle Enterprise Repository Login Page
Description of "Figure 16-60 Oracle Enterprise Repository Login Page"
-
-
Maximum Failed Login Attempts
-
enterprise.security.loginattempt.max
-
The numerical entry in the text box determines the number of failed login attempts before user lock-out. A value of zero or less disables lock-out.
Figure 16-61 Oracle Enterprise Repository Login Page
Description of "Figure 16-61 Oracle Enterprise Repository Login Page"
-
-
Concurrent Logins Per User
-
enterprise.security.concurrentuser.max
-
The numerical value entered in the text box determines the maximum number of concurrent logins each user is permitted. A value of less than or equal to zero permits infinite concurrent user logins.
-
-
Grace Logins
-
enterprise.security.password.expiration.gracelogins
-
The numerical value entered in the text box determines the number of times a user is allowed to log in after his/her password has expired.
-
-
Enable LDAP Login
-
enterprise.authentication.ldap.enabled
-
Enables the LDAP Login Module for authentication.
-
-
Enable Container Login
-
enterprise.authentication.container.enabled
-
Enables the Container Login Module for authentication.
-
-
Enable Advanced Container Login
-
enterprise.authentication.advancedcontainer.enabled
-
Select the True option to enable the Advanced Container Login Module for authentication.
-
-
Synchronize Container Roles
-
enterprise.authentication.container.synchroles.enabled
-
Enables the synchronization of existing Java EE container roles.
-
-
Default Email Suffix
-
enterprise.defaults.email.suffix
-
Suffix added to a username to determine their default email address.
-
-
New Unapproved User Notification
-
cmee.new.unapproved.users.notify
-
The True and False options toggle the feature that automatically sends an email to the security administrator when a new user is created via external authentication, such as LDAP or a Java EE container.
-
LDAP Settings and its description are as follows:
| LDAP Settings | Description |
|---|---|
|
ldap.ssl.enabled |
Enables an SSL Connection for LDAP; defaults to false |
|
ldap.host |
Host name for the LDAP server; required |
|
ldap.port |
LDAP server port number; defaults to 389; optional |
|
ldap.mask |
The LDAP mask, either the authentication bind or search criteria; required |
|
ldap.allow-user-creation |
Determines if unapproved user accounts can be created; defaults to true; optional |
|
ldap.version |
The LDAP version used, which can be either 2 or 3; defaults to 2; optional |
|
ldap.bindDN |
The distinguished name of the administrator account; optional |
|
ldap.bindPassword |
The password for the administrator account; optional |
|
ldap.baseDN |
Start location for a search, works with ldap.mask and ldap.scope to define the search; optional |
|
ldap.scope |
Determines the scope of the search; optional |
|
ldap.uniqueIDAttrib |
Attribute Name that Identifies a Found Entry |
|
ldap.emailAttrib |
Found Entry Email Attribute Name |
|
ldap.givennameAttrib |
Found Entry First Name Attribute Name |
|
ldap.surnameAttrib |
Found Entry Last Name Attribute Name |
|
ldap.telephoneAttrib |
Found Entry Telephone Number Attribute Name |
|
ldap.middlenameAttrib |
Found Entry Middle Name Attribute Name |
|
ldap.enable-sync-depts |
If true, get user departments from LDAP upon login |
|
ldap.enable-synch-roles |
If true, get user roles from LDAP upon login |
|
ldap.deptAttrib |
Name of attribute of the departments of the entry found |
|
ldap.rbac.roleAttrib |
Name of attribute of the roles of the entry found |
|
ldap.redirectDnAttrib |
Attribute which identifies a second level lookup to retrieve user info; must be a dn(distinguished name); optional |
|
ldap.retrieve-data-as-admin |
Retrieve data using the admin account |
|
ldap.assign-default-roles |
If true, users shall be assigned default roles |
|
ldap.follow-referrals |
If true, follow referral |
|
ldap.auto-create-missing-roles |
If true, auto create missing roles |
|
ldap.auto-create-missing-depts |
If true, auto create missing departments |
16.5.3.2 Authentication Token
-
Authentication Token Expiration
-
enterprise.defaults.authtokens.expiration.value
-
The numerical value entered in the text box determines the period of time (in units determined by the Authentication Token Expiration Units menu selection) until an authentication token expires and is eligible to be purged.
-
-
Authentication Token Expiration Units
-
enterprise.defaults.authtokens.expiration.period
-
Use the list, as shown in Figure 16-63, to select the units of time to be used in conjunction with the Authentication Token Expiration setting.
Figure 16-63 Authentication Token Expiration Units List
Description of "Figure 16-63 Authentication Token Expiration Units List"
-
-
Authentication Token Purge Expired Frequency
-
enterprise.defaults.authtokens.purgefrequency.value
-
The numerical value entered in the text box determines the period of time (in units determined by the Authentication Token Purge Expired Frequency Units menu selection) between purges of expired authentication tokens.
-
-
Authentication Token Purge Expired Frequency Units
-
enterprise.defaults.authtokens.purgefrequency.period
-
Use the list to select the units of time to be used in conjunction with the Authentication Token Purge Expired Frequency setting.
-
16.5.3.3 Password Settings
-
Password - Minimum Length
-
enterprise.security.password.composition.minimumlength
-
The numerical value entered in the text box determines the minimum number of characters required for a valid password.
Note: This setting does not apply to passwords created by individuals in the Admin role.
-
-
Password - Alpha Character Required
-
enterprise.security.password.composition.require.alpha
-
Select the True option to set the requirement that passwords contain at least one alphabetic character.
Note: This setting does not apply to passwords created by individuals in the Admin role.
-
-
Password - Numeric Character Required
-
enterprise.security.password.composition.require.numeric
-
Select the True option to set the requirement that passwords contain at least one numeric character.
Note: This setting does not apply to passwords created by individuals in the Admin role.
-
-
Password - Special Character Required
-
enterprise.security.password.composition.require.special
-
Select the True option to set the requirement that passwords contain at least one special character. The list of special characters used for the password are as follows:
` ~ ! @ # $ % ^ & * ( ) - _ = + [ { ] } \ \ | ; : ' \ " , < . > / ?
Note: This setting does not apply to passwords created by individuals in the Admin role.
-
-
Password Expiration
-
enterprise.security.password.expiration.days
-
The numerical value entered in the text box determines the number of days until password expiration.
A value of zero or less disables password expiration.
-
-
Password History Tracking
-
enterprise.security.password.history.count
-
The numerical value entered in the text box determines the number of prior passwords remembered by the system. The password history is used to prevent the reuse of passwords.
-
-
Password History - Minimum Tracking Age
-
enterprise.security.password.history.minagehours
-
The numerical value entered in the text box determines the minimum number of hours a password must be in effect before it is added to the password history. This feature is useful for preventing circumvention of the password history by repeatedly changing passwords.
-
16.5.3.4 Plugin Login Settings
-
Plug-in Login Module Class Name
-
enterprise.loginmodules.pluggableloginmodule.classname
-
Text entered in the text box identifies the class name for the plug-in login module.
Click +Add as necessary to add class names for additional plug-in login modules.
-
-
Plug-in Login Module Display Name
-
enterprise.loginmodules.pluggableloginmodule.displayname
-
Text entered in the text box appears as the display name of the plug-in login module.
Click +Add as necessary to add display names for additional plug-in modules.
-
-
Plug-in Login Module
-
enterprise.loginmodules.pluggableloginmodule.enabled
-
Enter true in the text box to enable the plug-in login module.
Click +Add as necessary to add and enable/disable additional plug-in modules.
-
-
Plug-in Login Module - Internal Checking
-
enterprise.loginmodules.pluggableloginmodule.internalchecking
-
Enter
truein the text box to enable internal checking of password expiration and grace logins for the configured plug-in login module.Enter
falsein the text box when using LDAP-based, SSO-based, Container Managed or other external login modules to defer these types of checks to the external authentication system.Click +Add as necessary to add and enable/disable internal checking for additional plug-in modules.
-
16.5.3.5 LDAP and Active Directory Settings
Figure 16-66 LDAP and Active Directory Settings
Description of "Figure 16-66 LDAP and Active Directory Settings"
-
LDAP Server Host Name
-
ldap.host
-
Enter the host name for the LDAP server. This is a mandatory field.
-
-
LDAP Server Port Number
-
ldap.port
-
Enter the LDAP server port number. The default is 389. This is an optional field.
-
-
LDAP Mask
-
ldap.mask
-
Enter the LDAP mask, either the authentication bind or search criteria. This is a mandatory field.
-
-
Creation of Unapproved User Accounts
-
ldap.allow-user-creation
-
Select True to determine if unapproved user accounts can be created. The default value is true. This is an optional field.
-
-
Assign default roles to users
-
ldap.assign-default-roles
-
Select true to determine, if users shall be assigned default roles.
-
-
Auto create missing roles
-
ldap.auto-create-missing-roles
-
Select true to determine, if auto create missing roles is enabled.
-
-
Auto create missing departments
-
ldap.auto-create-missing-depts
-
Select true to determine if auto create missing departments is enabled.
-
-
LDAP Version
-
ldap.version
-
The LDAP version used, which can be either 2 or 3. The default value is 2. This is an optional field.
-
-
Administrator Account Distinguished Name
-
ldap.bindDN
-
The distinguished name of the administrator account. This is an optional field.
-
-
Administrator Account Password
-
ldap.bindPassword
-
The password for the administrator account. This is an optional field.
-
-
Use SSL Connection
-
ldap.ssl.enabled
-
Enables an SSL Connection for LDAP. The default is false.
-
-
Follow referrals
-
ldap.follow-referrals
-
If true, follow referrals.
-
-
Retrieve data using the admin account
-
ldap.retrieve-data-as-admin
-
If true, then bindDN must be set. The default is false.
-
-
Search Start Location
-
ldap.baseDN
-
Start location for a search, works with ldap.mask and ldap.scope to define the search. This is an optional field.
-
-
Search Scope
-
ldap.scope
-
Determines the scope of the search. This is an optional field.
-
-
Attribute Name that Identifies a Found Entry
-
ldap.uniqueIDAttrib
-
Attribute name that identifies a found entry beyond the use of the distinguished name, if not specified, then defaults to uid. This is a mandatory field.
-
-
Found Entry Email Attribute Name
-
ldap.emailAttrib
-
Email attribute name of a found entry. This is an optional field.
-
-
Found Entry First Name Attribute Name
-
ldap.givennameAttrib
-
First name attribute name of a found entry. This is an optional field.
-
-
Found Entry Middle Name Attribute Name
-
ldap.middlenameAttrib
-
Middle name attribute name of a found entry. This is an optional field.
-
-
Found Entry Last Name Attribute Name
-
ldap.surnameAttrib
-
Last name attribute name of a found entry. This is an optional field.
-
-
Found Entry Telephone Number Attribute Name
-
ldap.telephoneAttrib
-
Telephone number attribute name of a found entry. This is an optional field.
-
-
Use LDAP Departments
-
ldap.enable-synch-depts
-
If true, get user departments from LDAP upon login.
-
-
Department Attribute
-
ldap.deptAttrib
-
Name of attribute of the departments of the entry found.
-
-
Use LDAP Roles
-
ldap.enable-synch-roles
-
If true, get user roles from LDAP upon login.
-
-
Role Attribute
-
ldap.rbac.roleAttrib
-
Name of attribute of the roles of the entry found.
-
-
Second Level Lookup Attribute
-
ldap.redirectDnAttrib
-
Attribute which identifies a second level lookup to retrieve user info; must be a dn(distinguished name). This is an optional field.
-
-
Bridge Class Name
-
ldap.bridge.classname
-
This is a required field. The text for this property represents the class name of the bridge to be used.
-
16.5.3.6 Single Sign-On (SSO) Settings
Figure 16-67 Single Sign-On (SSO) Settings
Description of "Figure 16-67 Single Sign-On (SSO) Settings"
-
Username Header Name
-
enterprise.container.auth.username
-
The value entered in the text field represents the name of the header which contains the user's username.
-
-
Firstname Header Name
-
enterprise.container.auth.firstname
-
The value entered in the text field represents the name of the header which contains the user's firstname.
-
-
Middlename Header Name
-
enterprise.container.auth.middlename
-
The value entered in the text field represents the name of the header which contains the user's middlename.
-
-
Lastname Header Name
-
enterprise.container.auth.lastname
-
The value entered in the text field represents the name of the header which contains the user's lastname.
-
-
Status Header Name
-
enterprise.container.auth.status
-
The value entered in the text field represents the name of the header which contains the user's status.
-
-
Email Header Name
-
enterprise.container.auth.email
-
The value entered in the text field represents the name of the header which contains the user's email.
-
-
Phone Header Name
-
enterprise.container.auth.phone
-
The value entered in the text field represents the name of the header which contains the user's phonenumber.
-
-
Roles Header Name
-
enterprise.container.auth.roles
-
The value entered in the text field represents the name of the header which contains the user's roles.
-
-
Department Header Name
-
enterprise.container.auth.depts
-
The value entered in the text field represents the name of the header which contains the user's departments.
-
-
Use Container passed Departments
-
enterprise.container.auth.enable-synch-depts
-
Select the True option to get the user departments from the container.
-
-
Departments passed within single header
-
enterprise.container.auth.depts-single-header
-
Select the True option to pass the departments within a single header.
-
-
Department Delimiter
-
enterprise.container.auth.depts-delimiter
-
The value entered in the text field represents the delimiter between department names.
-
-
Use Container passed Roles
-
enterprise.container.auth.enable-synch-roles
-
Select the True option to get user the roles from the container.
-
-
Roles passed within single header
-
enterprise.container.auth.roles-single-header
-
Select the True option to pass the roles within a single header.
-
-
Role Delimiter
-
enterprise.container.auth.roles-delimiter
-
The value entered in the text field represents the delimiter between role names.
-
-
Assign default roles to users
-
enterprise.container.auth.assign-default-roles
-
Select the True option to determine if users shall be assigned with default roles.
-
-
Auto create missing roles
-
enterprise.container.auth.auto-create-missing-roles
-
Select the True option to determine if the system will auto create missing roles.
-
-
Auto create missing departments
-
enterprise.container.auth.auto-create-missing-depts
-
Select the True option to determine if the system will auto create the missing departments.
-
-
Pass All Cookies - JWS
-
cmee.jws.pass-all-cookies
-
Select the True option to pass all of the current cookies from the user's browser to Java Web Start for the Asset Editor to use.
-
-
Suppress Authorization Header - JWS
-
cmee.jws.suppress-authorization-header
-
Select the True option to prevent authorization header from being propagated by JWS launched utilities.
SSO Settings and its description are as follows:
SSO Settings Description enterprise.container.auth.username
Name of the header which contains the user's username
enterprise.container.auth.firstname
Name of the header which contains the user's firstname
enterprise.container.auth.middlename
Name of the header which contains the user's middlename
enterprise.container.auth.lastname
Name of the header which contains the user's lastname
enterprise.container.auth.status
Name of the header which contains the user's status. Values may be 0=ACTIVE, 10=UNAPPROVED, 20=LOCKED_OUT, 30=INACTIVE
enterprise.container.auth.email
Name of the header which contains the user's email
enterprise.container.auth.phone
Name of the header which contains the user's phonenumber
enterprise.container.auth.roles
Name of the header which contains the user's roles
enterprise.container.auth.depts
Name of the header which contains the user's departments
enterprise.container.auth.enable-synch-depts
If true, get user departments from the container
enterprise.container.auth.enable-synch-roles
If true, get user roles from the container
enterprise.container.auth.assign-default-roles
If true, users shall be assigned default roles
enterprise.container.auth.auto-create-missing-roles
If true, the system will auto create missing roles
enterprise.container.auth.auto-create-missing-depts
If true, the system will auto create missing departments
enterprise.container.auth.roles-single-header
If true, roles are passed within a single header
enterprise.container.auth.roles-delimiter
The delimiter between roles names
enterprise.container.auth.depts-single-header
If true, departments are passed within a single header
enterprise.container.auth.depts-delimiter
The delimiter between department names
-
16.5.3.7 Container Login Settings
-
Fallback Authentication
-
enterprise.loginmodules.fallbackauthentication
-
Enables fallback authentication.
-
-
Container Login Module Class Name
-
enterprise.loginmodules.containerloginmodule.classname
-
Text entered in the text box identifies the class name of the container login module.
-
-
Container Login Module Display Name
-
enterprise.loginmodules.containerloginmodule.displayname
-
Text entered in the text box appears as the display name of the container login module.
-
-
Container Login Module
-
enterprise.loginmodules.containerloginmodule.enabled
-
Select the True option to enable the container login module.
-
-
Container Login Module - Internal Checking
-
enterprise.loginmodules.containerloginmodule.internalchecking
-
Select the True option to enable internal checking for the container login module.
-
16.5.3.8 Cookie Login Settings
-
Allow Cookie Login
-
enterprise.security.cookielogin.allow
-
Select the True option to enable automatic login using a cookie. If disabled, manual login is required.
-
-
Default to Cookie Login
-
enterprise.security.cookielogin.default
-
Select the True option to set Enable automatic login as the default in the Oracle Enterprise Repository login dialog.
Figure 16-70 Oracle Enterprise Repository Login Page
Description of "Figure 16-70 Oracle Enterprise Repository Login Page"
-
-
Cookie Login Module Class Name
-
enterprise.loginmodules.cookieloginmodule.classname
-
Text entered in the text box identifies the class name of the cookie login module.
-
-
Cookie Login Module Display Name
-
enterprise.loginmodules.cookieloginmodule.displayname
-
Text entered in the text box appears as the display name of the cookie login module.
-
-
Cookie Login Module
-
enterprise.loginmodules.cookieloginmodule.enabled
-
Select the True option to enable the cookie login module.
-
-
Cookie Login Module - Internal Checking
-
enterprise.loginmodules.cookieloginmodule.internalchecking
-
Select the True option to enable internal checking for the cookie login module.
-
16.5.3.9 Guest Login Settings
-
Allow Guest Users
-
enterprise.guest.allow
-
Select the True option to enable use of a guest login account.
-
-
Guest User Name
-
enterprise.guest.username
-
The value entered in the text field represents the user name for the guest login account.
-
-
Guest User Password
-
enterprise.guest.password
-
The value entered in the text field represents the password for the guest login account.
-
16.5.4 Open API Settings
This section contains the following open API settings:
16.5.4.1 Open API
-
Open API
-
cmee.extframework.enabled
-
Enables the Open API.
-
-
Testing Capabilities of the Open API
-
cmee.extframework.test.enabled
-
Enables the testing Functions built into the Open API.
-
-
Open API - Max Assets
-
cmee.extframework.assets.max
-
Maximum number of assets returned by queries through the Open API.
-
-
Open API - Max Projects
-
cmee.extframework.projects.max
-
Maximum number of projects returned by queries through the Open API.
-
-
Open API - Max Users
-
cmee.extframework.users.max
-
Maximum number of users returned by queries through the Open API.
-
-
Open API - Location for temporary export file
-
cmee.extframework.export.tempfile
-
Path of temporary export file.
-
Note:
For more information about REX Open API, see the "Repository Extensibility Framework" chapter in Oracle Fusion Middleware Integration Guide for Oracle Enterprise Repository.
16.5.5 External Integration Settings
This section contains the following topics:
16.5.5.1 UDDI
-
UDDI
-
cmee.uddi.enabled
-
Enables the UDDI Web Service Plugin.
-
-
UDDI - Default Business
-
cmee.uddi.default.business
-
Use the list to select the default business entity to be assigned to any UDDI services to which no business has been assigned.
-
-
Business Service Relationship Name
-
cmee.uddi.business.service.relationship
-
Use the list to select the relationship that will link UDDI Business Services to UDDI Business Entities.
-
-
UDDI
-
cmee.uddi.server.enabled
-
Select the True option to allow Oracle Enterprise Repository to act as a UDDI registry for selected applications.
-
-
Import - Default UDDI Service Type
-
cmee.import.uddi.service.assettype
-
Use the list to specify the default asset type to be assigned to imported UDDI services.
-
16.5.5.2 File Stores
-
Advanced Access File Stores
-
registry.advanced.filestores.enabled
-
Select the True option to set advanced file store options.
-
16.5.5.3 Rational ClearCase
-
Configuration Specification
-
cmee.config-spec.enabled
-
Select the True option to enable attachment of configuration specification files to assets.
-
16.5.5.4 Eventing
-
Enable Event Manager
-
cmee.eventframework.enabled
-
Select the True option to enable the Advanced Registration Flow subsystem.
-
-
Event Manager Notifier Thread Sleep (seconds)
-
cmee.eventframework.notifier.sleep
-
Specifies in seconds how long the notifier should wait, if an endpoint is unavailable, before retrying to send an event.
-
-
Event Manager Store Thread Sleep (seconds)
-
cmee.eventframework.store.sleep
-
Specifies in seconds how long the Event Manager's Store Manager thread should sleep before polling for the next available event stored in memory.
-
-
Event Manager Delivery Thread Sleep (seconds)
-
cmee.eventframework.delivery.sleep
-
Specifies in seconds how long the Event Manager's Delivery Manager thread should sleep before selecting the next available event from the JMS server.
-
16.5.6 Import / Export and Introspection Settings
This section contains the following topics:
16.5.6.1 Import / Export
-
Import/Export Client
-
cmee.importexport.enabled
-
Select the True option to enable the Import / Export client.
-
-
Import/Export job monitor max idle (msecs)
-
cmee.extframework.impexp.monitor.maxidle
-
The value entered in the text field represents the maximum time (in msecs) that an import/export job can be idle before it is automatically killed by the job monitor.
-
-
Import/Export job monitor max idle for Rex transactions(msecs)
-
cmee.extframework.impexp.monitor.rex.maxidle
-
The value entered in the text field represents the maximum time (in msecs) that a rex transaction can be idle before it is automatically killed by the job monitor.
-
-
Import/Export job monitor max runtime (msecs)
-
cmee.extframework.impexp.monitor.maxruntime
-
The value entered in the text field represents the maximum time (in msecs) that an import/export job can run before it is automatically killed by the job monitor.
-
-
Import/Export job monitor period (msecs)
-
cmee.extframework.impexp.monitor.period
-
The value entered in the text field represents the time (in msecs) between scans for the job monitor.
-
-
Import/Export job monitor auto cleanup (msecs)
-
cmee.extframework.impexp.monitor.autocleanup
-
The value entered in the text field represents the time (in msecs) that an import/export job's results remain in the system before they are automatically cleaned up by the job monitor.
-
-
Import/Export job proxy period (msecs)
-
cmee.extframework.impexp.proxy.period
-
The value entered in the text field represents the time (in msecs) between checks by job proxies for job status on other cluster nodes.
-
-
Import/Export job proxy timeout (msecs)
-
cmee.extframework.impexp.proxy.timeout
-
The value entered in the text field represents the time (in msecs) before a job proxy stops monitoring status of remote jobs on other clustered nodes.
-
-
Import/Export audit temp file location
-
cmee.extframework.impexp.audit.dir
-
The value entered in the text field represents the directory in which temp files will be stored as they are created. These files are cleaned up after being served.
-
16.6 Known Issues
This section describes the issues found in Oracle Enterprise Repository system setting properties:
Duplicate System Setting Properties
In Oracle Enterprise Repository System Settings page, the following property names appear twice:
In Server Settings, the Server Resources settings section has the following duplicate properties:
WebApp JSP Path
enterprise.server.paths.jsp = {%cmee.server.paths.jsp%}
WebApp Servlet Path
enterprise.server.paths.servlet = {%cmee.server.paths.servlet%}
These two settings should remain static and reference their counterpart properties: cmee.server.paths.jsp and cmee.server.paths.servlet respectively.