Skip Headers
Oracle® Fusion Middleware Administrator's Guide for Oracle WebCenter Portal
11g Release 1 (11.1.1.7.0)

Part Number E12405-19
Go to Documentation Home
Home
Go to Book List
Book List
Go to Table of Contents
Contents
Go to Index
Index
Go to Master Index
Master Index
Go to Feedback page
Contact Us

Go to previous page
Previous
Go to next page
Next
PDF · Mobi · ePub

22 Managing Oracle Secure Enterprise Search in WebCenter Portal

This chapter describes how to configure the Oracle Secure Enterprise Search (SES) adapter to index and search most WebCenter Portal objects. In addition to providing better scalability and performance than WebCenter's live search adapter, Oracle SES is beneficial for the following reasons:

Note:

The information in this chapter is not required if you choose to use WebCenter Portal's live Search service adapter.

With WebCenter Portal: Framework applications, Oracle SES is set as the default and preferred search platform. Detailed configuration steps are in Section 22.5, "Configuring Oracle SES to Search Framework Applications."

With WebCenter Portal: Spaces applications, WebCenter Portal's internal Search service adapters are set as the default search platform; however, large-scale implementations should be configured to use Oracle SES for best performance. Detailed configuration steps are in Section 22.6, "Configuring Oracle SES to Search Spaces Applications."

Always use Fusion Middleware Control or the WLST command-line tool to review and configure back-end services for WebCenter Portal applications. Any changes that you make to applications, post deployment, are stored in MDS metatdata store as customizations. See Section 1.3.5, "WebCenter Portal Configuration Considerations."

Note:

Most changes that you make to Search configuration, through Fusion Middleware Control or using WLST, are not dynamic. You must restart the managed server on which the WebCenter Portal application is deployed (by default, WC_Spaces) for your changes to take effect. See Section 8.2, "Starting and Stopping Managed Servers for WebCenter Portal Application Deployments."

This chapter includes the following sections:

Audience

The content of this chapter is intended for Fusion Middleware administrators (users granted the Admin or Operator role through the Oracle WebLogic Server Administration Console). See also, Section 1.8, "Understanding Administrative Operations, Roles, and Tools."

22.1 What You Should Know About WebCenter Portal's Search with Oracle SES

Oracle recommends Oracle SES for best search performance. You can configure Oracle SES to search WebCenter Portal applications for the following resources:

Note:

WebCenter Portal: Spaces includes the additional Oracle SES crawler that indexes spaces, lists, pages, and people resources in Spaces. This crawler is not supported in Framework applications, so those resources are not searchable with Oracle SES in Framework applications.

Results from all sources are listed together, with the most relevant items appearing first. For example, when you run a search for a user name, most likely, you are looking for that person's contact information (that is, the exact user name in the People Connections service), not necessarily documents that the user wrote. The unified ranking results in Oracle SES allow you to see the most relevant results, across all different types of searches, without configuring Search Preferences.

When Oracle SES is configured to search WebCenter Portal applications (Spaces applications and Framework applications), other non-crawled resources (for example, notes and events) are not returned in search results.

Three types of Oracle SES crawlers index WebCenter Portal resources:

Note:

Oracle SES crawlers collect data through connectors to back-end repositories. Each connector is configured in Oracle SES as a "crawl source." Each crawl source has a type that identifies the type of repository that holds the data, such as a relational database or an Oracle Content repository.

When you configure Oracle SES to search WebCenter Portal applications (Spaces applications and Framework applications), all available Oracle SES crawlers should be enabled. It is not recommended to enable one of these Oracle SES crawlers and not another. For example, when you configure Oracle SES to search Framework applications, you cannot have it crawl documents but not discussions.

22.2 Configuration Roadmaps for Oracle SES in WebCenter Portal

Use the roadmaps in this section as an administrator's guide through the configuration process:

22.3 Prerequisites for using Oracle SES

This section includes the following subsections:

22.3.1 Oracle SES - Installation

Supported Oracle SES versions include 11.1.2 and 11.1.2.2. Oracle strongly recommends using Oracle SES release 11.1.2.2. For Oracle SES installation directions, see the section, "Back-End Requirements for the Search Service" in Oracle Fusion Middleware Installation Guide for Oracle WebCenter Portal.

See Also:

It is important to verify that you have installed all required patches for Oracle SES. For the latest information on required patches, check the Release Notes.

This chapter assumes that you are running the latest supported products: Oracle SES 11.1.2.2 and Oracle WebCenter Content: Content Server 11.1.1.5.

22.3.2 Oracle SES - Configuration

  1. Oracle SES must be configured with an identity management system to validate and authenticate users. This is necessary for secure searches, so searches return only results that the user is allowed to view based on access privileges.

    Because WebCenter Portal uses identity propagation when communicating with Oracle SES, WebCenter Portal's user base must match that in Oracle SES. One way this can happen is by configuring WebCenter Portal and Oracle SES to the same identity management system, such as Oracle Internet Directory.

    Note:

    For information on all supported identity management systems, see Section 29.2.3, "Default Identity and Policy Stores."

    Only one identity plug-in can be set up for each Oracle SES instance. All repositories (Oracle WebCenter Content: Content Server, Oracle WebCenter Portal Discussions Server, and Oracle WebCenter Portal: Spaces) must share the same user base as Oracle SES.

    Oracle SES includes numerous identity plug-ins for identity management systems including Oracle Internet Directory, Oracle Content Server, and Microsoft Active Directory. For information, see the Oracle SES documentation included with the product. (This is listed in the WebCenter Portal product area on the Oracle Fusion Middleware documentation library.)

    The following example sets up the identity plug-in for Oracle Internet Directory:

    1. In the Oracle SES administration tool, navigate to the Global Settings - Identity Management Setup page, select Oracle Internet Directory from the available identity plug-ins, and click Activate.

    2. Provide the following values:

      Host name: The host name of the computer where Oracle Internet Directory is running

      Port: The Oracle Internet Directory port number

      Use SSL: true or false, based on your preference

      Realm: The Oracle Internet Directory realm, for example, dc=us,dc=oracle,dc=com

      User name: The Oracle Internet Directory admin user name; for example, cn=orcladmin

      Password: Admin user password

    3. Click Submit.

  2. Each Oracle SES instance must have a trusted entity for allowing WebCenter Portal end users to be securely propagated at search time. (A trusted entity allows the WebCenter Portal application to authenticate itself to Oracle SES and assert its users when making queries on Oracle SES.) This trusted entity can be any user that either exists on the identity management server behind Oracle SES or is created internally in Oracle SES.

    You can do this either in WLST or in Oracle SES.

    Note:

    This trusted entity name and password is required later as the appUser and appPassword properties in the WLST command createSESConnection.

    To do this with WLST, use the createFederationTrustedEntity command (Example 22-1).

    Example 22-1 createFederationTrustedEntity Command

    createFederationTrustedEntity(
    'webcenter', 'http://ses-host:ses-port/search/api/admin/AdminService',
     'ses-admin-pw', 'webcenter-proxy-user', 'webcenter-proxy-user-pw', 
    'Trusted entity for WebCenter');
     
    

    where:

    • ses-host = Oracle SES host name

    • ses-port = Oracle SES port number

    • ses-admin-pw = Oracle SES admin user password

    • webcenter-proxy-user = Proxy user to log on WebCenter Portal end users

    • webcenter-proxy-user-pw = Password of proxy user to log on WebCenter Portal end users

    For command syntax and examples, see the section, "createFederationTrustedEntity" in Oracle Fusion Middleware WebLogic Scripting Tool Command Reference.

    To do this in Oracle SES, follow these steps.

    1. In the Oracle SES administration tool, navigate to the Global Settings - Federation Trusted Entities page.

    2. Enter a name for a trusted entity. This is the name that WebCenter Portal uses to authenticate itself to Oracle SES at search time (before it propagates the end user identity to Oracle SES).

      To allow the entity to be authenticated through the active identity plug-in:

      - Make sure that the entity name is the name of a user that exists in the identity management system.

      - Leave the password field blank.

      - Select the Use Identity Plug-in for authentication check box.

      - Enter the authentication attribute value corresponding to the Authentication Attribute in your active identity plug-in.

      To allow the entity to be authenticated through Oracle SES:

      - Enter any user name (for example, wcsearch) and password (for example, MyPassword1).

      - Do not select the Use Identity Plug-in for authentication check box.

      For more information, see the online help for the Federation Trusted Entities page in Oracle SES.

Note:

For reference, the following sample user names are used in this chapter:

  • wcsearch: User of the Oracle SES Federation Trusted Entity

  • mycrawladmin: Crawl admin user in Spaces and in the identity management system to crawl certain Spaces objects, such as lists, pages, spaces, and people connections profiles

  • sescrawer (or admin user): Crawl admin user in Oracle WebCenter Content Server with sescrawlerrole (or admin) role

22.3.3 Oracle SES - Security

Most enterprise deployments require that their HTTP connections be secure. SSL (secure socket layer) is an encryption protocol for securely transmitting private content on the internet. Oracle strongly recommends that you use an SSL-protected channel to transmit password and other secure data over networks.

For instructions, see Section 34.10, "Securing the Connection to Oracle SES with SSL."

22.4 Setting Up Oracle SES Connections

This section includes the following subsections:

22.4.1 Testing the Connection to Oracle SES

Confirm the connection to Oracle SES by entering in a browser the URL for Oracle SES Web Services operations:

http://host:port/search/query/

If the URL address does not render in the browser, then either the host or port for the Oracle SES server is incorrect, or Oracle SES has not been started.

22.4.2 Registering Oracle Secure Enterprise Search Servers

You can register multiple Oracle SES connections with a WebCenter Portal application but only one of them is active at a time.

You can register Oracle SES connections using either Fusion Middleware Control or WLST. This section includes the following subsections:

22.4.2.1 Registering Oracle SES Connections Using Fusion Middleware Control

To register an Oracle SES instance with WebCenter Portal applications:

  1. Log in to Fusion Middleware Control and navigate to the home page for the WebCenter Portal application. For more information, see:

  2. Do one of the following:

    • For the Spaces application - From the WebCenter Portal menu, select Settings > Service Configuration.

    • For Framework applications - From the Application Deployment menu, select WebCenter Portal > Service Configuration.

  3. From the list of services on the WebCenter Portal Service Configuration page, select Search.

  4. To connect to a new Oracle SES instance, click Add (Figure 22-3).

    Figure 22-3 Configuring Oracle Secure Search Services

    Configuring Oracle Secure Search Services
    Description of "Figure 22-3 Configuring Oracle Secure Search Services"

  5. On the Add Secure Enterprise Search Connection page, enter a unique name for this connection, and indicate whether this connection is the active (or default) connection for the application (Figure 22-4).

    Figure 22-4 Add Secure Enterprise Search Connection

    add SES connection page

    Table 22-3 describes the connection parameters.

    Table 22-3 Oracle SES Connection - Name

    Field Description

    Connection Name

    Enter a unique name for the connection. The name must be unique (across all connection types) within the WebCenter Portal application.

    Active Connection

    Select to use the Oracle SES instance defined on this connection to search repositories outside the WebCenter Portal application and include Oracle SES results in your result set.

    While you can register multiple Oracle SES connections for an application, only one connection is used—the default (or active) connection.


  6. Enter connection details for the Oracle SES instance (Table 22-4).

    Table 22-4 Oracle SES - Connection Details

    Field Description

    SOAP URL

    Enter the Web Services URL that Oracle SES exposes to enable search requests.

    Use the format:

    http://host:port/search/query/OracleSearch
    

    For example:

    http://myHost:7777/search/query/OracleSearch
    

    Federation Trusted Entity Name

    Enter the user name of the Oracle SES Federation Trusted Entity created in Section 22.3.2, "Oracle SES - Configuration."

    Tip: This user is configured in the Oracle SES administration tool, on the Global Settings - Federation Trusted Entities page.

    The WebCenter Portal application must authenticate itself as a trusted application to Oracle SES to perform searches on behalf of WebCenter Portal users.

    Examples in this chapter use wcsearch for this value.

    Federation Trusted Entity Password

    Enter the password for the Federation Trusted Entity.


  7. Click OK to save this connection.

Note:

To start using the new (active) connection you must restart the managed server on which the application is deployed. For more information, see Section 8.2, "Starting and Stopping Managed Servers for WebCenter Portal Application Deployments."

22.4.2.2 Registering Oracle SES Connections Using WLST

  1. Use the WLST command createSESConnection to create a connection to Oracle SES. For example:

    createSESConnection(appName='webcenter',
                       name='MySesConnection',
                       url='http://myhost.com:7777/search/query/OracleSearch',              
                       appUser='wcsearch',
                       appPassword='MyPassword1',
                       default=true)
    

    where appUser is the user name of the Oracle SES Federation Trusted Entity created in Section 22.3.2, "Oracle SES - Configuration."

For command syntax and examples, see the section, "createSESConnection" in Oracle Fusion Middleware WebLogic Scripting Tool Command Reference.

To configure the Search service to actively use a new Oracle SES connection, set default=true. For more information, see Section 22.4.3.2, "Choosing the Active Oracle SES Connection Using WLST."

For information on how to run WLST commands, see Section 1.13.3.1, "Running Oracle WebLogic Scripting Tool (WLST) Commands."

Note:

To start using the new (active) connection or settings, you must restart the managed server on which the application is deployed (by default, WC_Spaces). See "Starting and Stopping WebLogic Managed Servers Using the Command Line" in Oracle Fusion Middleware Administrator's Guide.

22.4.3 Choosing the Active Oracle SES Connection

You can register multiple Oracle SES connections with a WebCenter Portal application but only one connection is active at a time.

Note:

These steps in this section are not necessary if you selected the active connection in Section 22.4.2, "Registering Oracle Secure Enterprise Search Servers."

This section includes the following subsections:

22.4.3.1 Choosing the Active Oracle SES Connection Using Fusion Middleware Control

To change the active connection:

  1. Log in to Fusion Middleware Control and navigate to the home page for the WebCenter Portal application. For more information, see:

  2. Do one of the following:

    • For the Spaces application - From the WebCenter Portal menu, select Settings > Service Configuration.

    • For Framework applications - From the Application Deployment menu, select WebCenter Portal > Service Configuration.

  3. From the list of services on the WebCenter Portal Services Configuration page, select Search.

    The Manage Secure Enterprise Search Connections table indicates the current active connection (if any).

  4. Select the connection you want to make the active (or default) connection, and then click Edit (Figure 22-5).

    Figure 22-5 Edit Icon

    Edit icon
  5. Select the Active Connection check box (Figure 22-6).

    Figure 22-6 Active Connection Check Box

    Active Connection checkbox
  6. Click OK to update the connection.

Note:

To start using the new (active) connection you must restart the managed server on which the application is deployed. For more information, see Section 8.2, "Starting and Stopping Managed Servers for WebCenter Portal Application Deployments."

22.4.3.2 Choosing the Active Oracle SES Connection Using WLST

Use the WLST command setSESConnection with default=true to activate an existing Oracle SES connection. For example:

setSESConnection(appName='app1', 
                name='SESConn1', 
                url='http://myhost.com:7777/search/query/OracleSearch',          
                appUser='wpadmin', 
                appPassword='password',
                default=1)

For full command syntax and examples, see the section, "setSESConnection" in Oracle Fusion Middleware WebLogic Scripting Tool Command Reference.

To subsequently disable an Oracle SES connection, run the same WLST command with default=false. Connection details are retained but the connection is no longer named as an active connection.

For information on how to run WLST commands, see Section 1.13.3.1, "Running Oracle WebLogic Scripting Tool (WLST) Commands."

Note:

To start using the active connection you must restart the managed server on which the application is deployed (by default, WC_Spaces). For more information, see the section, "Starting and Stopping WebLogic Managed Servers Using the Command Line" in Oracle Fusion Middleware Administrator's Guide.

22.4.4 Modifying Oracle SES Connection Details

You can modify Oracle SES connection details at any time.

To start using the updated (active) connection you must restart the managed server on which the WebCenter Portal application is deployed.

Note:

The steps in this section are required only to modify the details configured in Section 22.4.2, "Registering Oracle Secure Enterprise Search Servers."

This section includes the following subsections:

22.4.4.1 Modifying Oracle SES Connection Details Using Fusion Middleware Control

To update connection details for an Oracle SES instance:

  1. Log in to Fusion Middleware Control and navigate to the home page for the WebCenter Portal application. For more information, see:

  2. Do one of the following:

    • For the Spaces application - From the WebCenter Portal menu, select Settings > Service Configuration.

    • For Framework applications - From the Application Deployment menu, select WebCenter Portal > Service Configuration.

  3. From the list of services on the WebCenter Portal Service Configuration page, select Search.

  4. Select the connection name, and click Edit.

  5. Edit connection details, as required. For detailed parameter information, see Table 22-4.

  6. Click OK to save your changes.

Note:

To start using the updated (active) connection you must restart the managed server on which the application is deployed. For more information, see Section 8.2, "Starting and Stopping Managed Servers for WebCenter Portal Application Deployments."

22.4.4.2 Modifying Oracle SES Connection Details Using WLST

Use the WLST command setSESConnection to alter an existing Oracle SES connection. For command syntax and examples, see the section, "setSESConnection" in Oracle Fusion Middleware WebLogic Scripting Tool Command Reference.

Note:

To start using the updated (active) connection you must restart the managed server on which the application is deployed (by default, WC_Spaces). For more information, see the section "Starting and Stopping WebLogic Managed Servers Using the Command Line" in Oracle Fusion Middleware Administrator's Guide.

22.4.5 Deleting Oracle SES Connections

You can delete Oracle SES connections at any time but take care when deleting the active connection. If you delete the active connection, users are not able to search content on external repositories.

This section includes the following subsections:

22.4.5.1 Deleting Oracle SES Connections Using Fusion Middleware Control

To delete an Oracle SES server connection:

  1. Log in to Fusion Middleware Control and navigate to the home page for the WebCenter Portal application. For more information, see:

  2. Do one of the following:

    • For the Spaces application - From the WebCenter Portal menu, select Settings > Service Configuration.

    • For Framework applications - From the Application Deployment menu, select WebCenter Portal > Service Configuration.

  3. From the Service Connection drop-down, select Search.

  4. Select the connection name, and click Delete.

    Figure 22-7 Delete Connection Icon

    Delete icon

Note:

To effect this change you must restart the managed server on which the application is deployed. For more information, see Section 8.2, "Starting and Stopping Managed Servers for WebCenter Portal Application Deployments."

22.4.5.2 Deleting Oracle SES Connections Using WLST

Use the WLST command deleteConnection to remove an Oracle SES connection. For command syntax and examples, see the section, "deleteConnection" in Oracle Fusion Middleware WebLogic Scripting Tool Command Reference.

For information on how to run WLST commands, see Section 1.13.3.1, "Running Oracle WebLogic Scripting Tool (WLST) Commands."

Note:

To effect this change you must restart the managed server on which the application is deployed (by default, WC_Spaces). For more information, see the section "Starting and Stopping WebLogic Managed Servers Using the Command Line" in Oracle Fusion Middleware Administrator's Guide.

22.5 Configuring Oracle SES to Search Framework Applications

With WebCenter Portal: Framework applications, Oracle SES is set as the default and preferred search platform. Configuring Oracle SES to search Framework applications requires similar steps to configuring Oracle SES to search Spaces applications, but Framework applications do not support the Spaces Crawler.

Note:

For an overview of the tasks that must be performed to enable Oracle SES as the search engine in Framework applications, see Section 22.2, "Configuration Roadmaps for Oracle SES in WebCenter Portal." There may be various acceptable ways and orders to perform the required tasks.

This section describes the steps to set up Oracle SES to search Framework applications:

22.5.1 Setting Up Oracle WebCenter Portal Content Server for Oracle SES

This section describes how to configure Oracle WebCenter Content: Content Server to be crawlable by Oracle SES (in particular, the Content Server that WebCenter Portal uses for storing documents).

The following steps must be done from within the Content Server.

  1. Create the role sescrawlerrole.

  2. Create the user sescrawler, and assign it the admin role and the sescrawlerrole role. This user creates the Content Server source in Oracle SES.

  3. Add sceCrawlerRole=sescrawlerrole to config.cfg (located in MiddlewareHome/user_projects/domains/yourdomain/ucm/cs/config).

  4. Restart the Content Server.

  5. In the Content Server console, install the SESCrawlerExport component on the content server, if not done:

    1. Log on to the Content Server as a system administrator. For example: http://host:port/cs.

    2. From the Administration dropdown menu, select Admin Server (Figure 22-8).

      Figure 22-8 Content Server Administration

      Description of Figure 22-8 follows
      Description of "Figure 22-8 Content Server Administration"

    3. Click the button with the instance name.

    4. Click Component Manager from the menu list on the left pane (Figure 22-9).

      Figure 22-9 Content Server Component Manager

      Description of Figure 22-9 follows
      Description of "Figure 22-9 Content Server Component Manager"

    5. Select SESCrawlerExport under Integration and click Update.

    6. Enter configuration parameters. (You can change configuration parameters after installation.)

      Disable security on authentication and authorization APIs provided by the SESCrawlerExport; that is, set Disable Secure APIs to false. This lets security provided by the SESCrawlerExport be done internally instead of by the Content Server.

      Additionally, in clustered environments only, the feedLoc parameter must specify a location on the shared disk accessed by the nodes of content server, and they each must reference it the same way; for example, sharedDrive/dir1/dir2. Note that this is not the default location (relative path) provided.

    7. Restart the Content Server.

  6. Take a snapshot of the Content Server repository.

    1. Log on to the Content Server as a system administrator. For example: http://host:port/cs.

    2. From the Administration dropdown menu, select SESCrawlerExport.

    3. Select All sources, and click Take Snapshot (Figure 22-10).

      Figure 22-10 Content Server Snapshot

      Description of Figure 22-10 follows
      Description of "Figure 22-10 Content Server Snapshot"

      It is important to take a snapshot before the first crawl or any subsequent full crawl of the source.

      The snapshot generates configFile.xml at the location specified during component installation, and feeds are created at the subdirectory with the source name under feedLoc.

  7. If the Content Server is configured for web rendition, then items in the Content Server are rendered in PDF format. The content item's native MIME type rendition is overwritten. For example, the MIME type of a Microsoft Office Word document is 'application/msword', but when the Content Server uses web rendition the MIME type becomes 'application/pdf'. A search query with the Mimetype parameter set to 'application/msword' does not return Word documents.

    If your Content Server is configured to use web rendition, then you must configure the Content Server metatdata list to include the dFormat value, so that required MIME types are exported to Oracle SES. This is necessary to be able to narrow searches by MIME type.

    1. Back on the SESCrawlerExport Administration page, click Configure SESCrawlerExport (Figure 22-11).

      Figure 22-11 Content Server Snapshot

      Description of Figure 22-11 follows
      Description of "Figure 22-11 Content Server Snapshot"

    2. By default, the Metadata List field is blank (Figure 22-12).

      Figure 22-12 Content Server Metadata List

      Description of Figure 22-12 follows
      Description of "Figure 22-12 Content Server Metadata List"

      Left blank, the list of metadata values that are exported to Oracle SES consists of the following (plus any custom metadata fields beginning with 'x'):

      dID,dDocName,dRevLabel,dDocType,dDocAccount,dSecurityGroup,dOriginalName,dReleaseDate,dOutDate.

      However, the dFormat value must be added to this list.

      When the blank default value is changed, the default values are removed, so they also must be added back. To include dFormat with the standard attributes, enter the following value for Metadata List:

      dFormat,dID,dDocName,dRevLabel,dDocType,dDocAccount, dSecurityGroup,dOriginalName,dReleaseDate,dOutDate

    3. Optionally, add to this list any custom metadata values you require (beginning with x).

      For example, the following entry for Metadata List includes custom attributes:

      dFormat,dID,dDocName,dDocType,dDocAccount,dSecurityGroup,dOriginalName,dReleaseDate,dDocAuthor,dDocCreator,dDocCreatedDate,dOutDate,xCollectionID,xWCTags,xComments,xRegionDefinition

    See Also:

22.5.2 Setting Up Oracle WebCenter Portal's Discussion Server for Oracle SES

This section describes how to configure Oracle WebCenter Portal's Discussion Server to be crawlable by Oracle SES (in particular, the discussions server that WebCenter Portal uses for storing discussions and announcements).

Note:

These steps is not required if you have a new installation of WebCenter Portal (with an Oracle database) and Oracle WebCenter Portal's Discussion Server. It is only required if you are using upgraded (patched) instances.

You can find database schema details for the corresponding data sources from your Oracle WebLogic Server console.

  1. Run the Repository Creation Utility (RCU) to confirm that the Discussions Crawler WebCenter Portal component has been installed on the system.

    • Oracle databases:

      Verify that the Oracle WebCenter Portal's Discussion Server back end has been configured properly by noting that the MyPrefix_DISCUSSIONS user is installed in RCU.

      Then verify that the Discussions Crawler has been configured properly by noting that the MyPrefix_DISCUSSIONS_CRAWLER user is installed in RCU.

    • Microsoft SQL Server databases:

      Verify that the Oracle WebCenter Portal's Discussion Server back end has been configured properly by noting that the MyPrefix_DISCUSSIONS user is installed in RCU.

      Then verify that the Discussions Crawler has been configured properly by noting that the MyPrefix_DISCUSSIONS_CRAWLER user is installed in RCU.

    • IBM DB2 databases:

      Verify that the Oracle WebCenter Portal's Discussion Server back end has been configured properly by noting that the MyPrefix_DS user is installed in RCU.

      Then verify that the Discussions Crawler has been configured properly by noting that the MyPrefix_DC user is installed in RCU.

      Note:

      For IBM DB2 databases, MyPrefix is limited to five characters. IBM DB2 uses operating system users for authentication (that is, the database user is actually an operating system user). Because some operating systems have an eight character limit for user names, this requires an eight character user name.

    If the Discussions Crawler component is not installed, then you must install it using RCU, selecting the same prefix that was used for the Oracle WebCenter Portal's Discussion Server component. Also, during the tablespace specification step in RCU, select Prefix_IAS_DISCUSSIONS as the default tablespace. This installs the user for Oracle SES.

    For more information, see Chapter 7, "Deploying WebCenter Portal: Framework Applications."

  2. For instances upgraded from WebCenter 11.1.1.1.0, run the following tool to upgrade the data in the Oracle WebCenter Portal's Discussion Server database schema, if you have not run the tool yet:

    Note:

    This step is necessary only if the instance is upgraded from WebCenter 11.1.1.1.0. For instances installed after WebCenter 11.1.1.1.0, this is not required.

    java -jar \
    $MW_HOME/discussionserver/discussionserver-upgradeforses.jar \
    <command_line_parameters>
    

    where command_line_parameters are the following MDS schema details and discussions database schema details:

    -mds_jdbc_user user_id \ 
    -mds_jdbc_password password \
    -mds_jdbc_url url \
    -discussions_jdbc_user user_id \
    -discussions_jdbc_password password \
    -discussions_jdbc_url url
    

    where mds_jdbc_user, mds_jdbc_password, and mds_jdbc_url are the values to log in to the MDS schema, and discussions_jdbc_user, discussions_jdbc_password, and discussions_jdbc_url are the values to log in to the discussions database schema.

    For example:

    java -jar $MW_HOME/as11r1wc/discussionserver/discussionserver-upgradeforses.jar\
    -mds_jdbc_user foo \ 
    -mds_jdbc_password MyPassword1 \ 
    -mds_jdbc_url jdbc:oracle:thin:@host:port:SID \
    -discussions_jdbc_user foo \ 
    -discussions_jdbc_password MyPassword1 \ 
    -discussions_jdbc_url jdbc:oracle:thin:@host:port:SID
    

22.5.3 Setting Up Oracle SES to Search WebCenter Portal

The steps in this section must be performed in the Oracle SES administration tool.

The following steps are required:

  1. Section 22.5.3.1, "Logging on to the Oracle SES Administration Tool"

  2. Section 22.5.3.2, "Setting Up Oracle SES to Search Documents"

  3. Section 22.5.3.3, "Setting Up Oracle SES to Search Discussions and Announcements"

  4. Section 22.5.3.4, "Additional Oracle SES Configuration"

See Also:

Confirm that you have installed all required patches for Oracle SES. For the latest information on required patches, see "Back-End Requirements for the Search Service" in Oracle Fusion Middleware Installation Guide for Oracle WebCenter Portal and the Release Notes.

For detailed information about Oracle SES configuration, see the Oracle SES documentation included with the product. (This is listed in the WebCenter Portal product area on the Oracle Fusion Middleware documentation library.)

22.5.3.1 Logging on to the Oracle SES Administration Tool

Open the Oracle SES administration tool:

  1. Open a browser and enter the URL provided after the installation. (This has the form http://host:port/search/admin/index.jsp.)

  2. Log on with the Oracle SES admin user name eqsys and the password specified during installation.

22.5.3.2 Setting Up Oracle SES to Search Documents

To search WebCenter Portal documents using Oracle SES, you must first set up a Document Service Manager (with a Document Service Instance and a Document Service Pipeline), and then create a Content Server source.

  1. Configure the Document Service Manager (one time for each Oracle SES instance).

    Note:

    Document services are plug-ins involved in the processing of a document when it is being crawled. A document service allows WebCenter Portal to add indexable attributes for documents used in the application.

    1. On the Global Settings - Document Services page, click Create. Select Create New Manager, click Next, and enter the following parameters:

      Manager Class Name: oracle.webcenter.search.crawl.ucm.ses.WcUcmDsManager

      Manager Jar File Name: search-crawl-ucm.jar

      Note:

      The webcenter_search_ses_plugins.zip file installs Oracle_Home/search/lib/plugins/doc/search-crawl-ucm.jar.

      Click Next, and then click Finish (Figure 22-13).

      Figure 22-13 Creating a Document Services Manager in Oracle SES

      Description of Figure 22-13 follows
      Description of "Figure 22-13 Creating a Document Services Manager in Oracle SES"

    2. Create the Document Service Instance.

      Again, on the Global Settings - Document Services page, click Create. This time, select Select From Available Managers with Secure Enterprise Search WebCenter UCM Plugin, and click Next (Figure 22-14).

      Figure 22-14 Create Document Service

      Description of Figure 22-14 follows
      Description of "Figure 22-14 Create Document Service"

      In addition to the entering an instance name, enter the following parameters:

      WebCenter Application Name: This must be left blank.

      Connection Name: The Content Server connection name in your WebCenter Portal application.

      WebCenter URL Prefix: The host and port where the WebCenter Portal application is deployed, plus the context root; for example: http://myhost:8888/MyPortalApp, where MyPortalApp is the context root of the application.

    3. Create the Document Services Pipeline. This invokes the document service instance.

      Again, on the Global Settings - Document Services page, under the Document Services Pipelines section, click Create.

      Enter a name and select the instance created in the previous step.

  2. Create the Content Server source for documents.

    1. Go to Home > Sources.

    2. From the Source Type dropdown list, select Oracle Content Server, and click Create (Figure 22-15).

      Figure 22-15 Create Oracle Content Server Source

      Description of Figure 22-15 follows
      Description of "Figure 22-15 Create Oracle Content Server Source"

    3. Enter the following parameters:

      Source Name: unique_name

      Configuration URL: Content_Server_SES_Crawler_Export_endpoint; for example, http://host:port/cs/idcplg?IdcService=SES_CRAWLER_DOWNLOAD_CONFIG&source=default

      Note:

      The source=default parameter denotes the name of the source created in the configuration of the SES Crawler Export. The default one is created automatically and called "default."

      Authentication Type:

      If the Content Server is not protected by SSO, then enter NATIVE.

      If the Content Server is protected by Oracle SSO, then enter ORASSO.

      User ID: The user to crawl the Content Server must have the sceCrawlerRole role defined. The sceCrawlerRole is a configuration parameter in SESCrawlerExport. Typically, administrators create a special role, assign it no privileges to view content, then create a user account that has this role.

      If you do not set up a specific sceCrawlerRole, then admin credentials are required to crawl. The sysadmin user ID works by default.

      If Authentication Type is ORASSO, then enter a user ID (and password) of a user in the identity management server fronted by Oracle SSO. This user must have been granted the same permissions as sysadmin. If it is not possible to grant those permissions, then delete the "remote" user corresponding to this user in the Content Server, and create a "local" version of the user (same name) in the Content Server.

      Password: Password for this Content Server user.

      Realm:

      If Authentication Type is NATIVE, then enter Idc Security /cs/idcplg, where /cs/ is the context root you provided when you installing the Content Server.

      If Authentication Type is ORASSO, then leave this parameter blank.

      Scratch Directory: Optional. Specify a directory on the system under which the Oracle SES instance resides.

      Oracle SSO Login URL:

      If Authentication Type is ORASSO, then specify a value for Oracle SSO. For example: https://login.example.com/mysso/signon.jsp?site2pstoretoken=

      If Authentication Type is NATIVE, then leave this field blank.

      Oracle SSO Action URL:

      If Authentication Type is ORASSO, then specify a value for Oracle SSO. For example: https://login.example.com/sso/auth

      If Authentication Type is NATIVE, then leave this field blank.

      Click Next (Figure 22-16).

      Figure 22-16 Oracle Content Server Source Parameters

      Description of Figure 22-16 follows
      Description of "Figure 22-16 Oracle Content Server Source Parameters"

    4. On the Create User-Defined Source : Step 2 : Authorization page, enter the following parameters in the Authorization Manager section, if not entered by default:

      Plug-in Class Name: oracle.search.plugin.security.auth.stellent.StellentAuthManager

      Jar File Name: oracleapplications/StellentCrawler.jar

      HTTP endpoint for authorization: for example, http://host:port/cs/idcplg

      Display URL Prefix: for example, http://host:port/cs

      Authentication Type: NATIVE or ORASSO

      Administrator User: The user to crawl the Content Server must have the sceCrawlerRole role defined. The sceCrawlerRole is a configuration parameter in SESCrawlerExport. Typically, administrators create a special role, assign it no privileges to view content, then create a user account that has this role.If you do not set up a specific sceCrawlerRole, then admin credentials are required to crawl. The sysadmin user ID works by default.

      If Authentication Type is ORASSO, then enter a user ID (and password) of a user in the identity management server fronted by Oracle SSO. This user must have been granted the same permissions as sysadmin. If it is not possible to grant those permissions, then delete the "remote" user corresponding to this user in the Content Server, and create a "local" version of the user (same name) in the Content Server.

      Administrator Password: Password for crawl admin user

      Authorization User ID Format: Authentication attribute used in the active identity plug-in. To find this value, go to the Global Settings - Identity Management Setup page in Oracle SES. Enter the value of the Authentication Attribute under the Active Plug-in (for example, nickname or username or something else). If you are using the Oracle E-Business Suite R12 identity plug-in, then leave the this parameter blank.

      Realm:

      If Authentication Type is NATIVE, then enter "Idc Security /cs/idcplg", where /cs/ is the context root you provided when you installing the Content Server.

      In Authentication Type is ORASSO, then leave this field blank.

    5. Click Create & Customize (or edit a created source) to see other source parameters. On the Crawling Parameters tab, enter the following crawling parameter: Document Service Pipeline.

    6. Click Enable and select the pipeline you created.

22.5.3.3 Setting Up Oracle SES to Search Discussions and Announcements

To search WebCenter Portal's discussions and announcements using Oracle SES, you must first set up two Oracle SES Database sources: one for discussions and one for announcements. For example, the discussions source could have the source name GS_Discussions and a View of FORUMCRAWLER_VW, and the announcements source might have the source name GS_Announcements and a View of ANNOUNCEMENTS_VW.

Note:

There are slightly different steps for Oracle, Microsoft SQL Server, and IBM DB2 databases.

  1. Configure the JDBC driver:

    1. To crawl a Microsoft SQL Server or IBM DB2 database, download the appropriate JDBC driver jar files into the ORACLE_HOME/search/lib/plugins/oracleapplications directory in Oracle SES.

      Note:

      • For Microsoft SQL Server: Copy the Microsoft JDBC driver files sqljdbc.jar and sqljdbc4.jar.

      • For IMB DB2: Copy the IBM driver files db2jcc.jar and db2jcc_license_cu.jar (obtainable from the IBM DB2 UDB client).

      If the JDBC drivers for JRE 1.5 and JRE 1.6 are different (for example: sqljdbc.jar works for JRE 1.5 and sqljdbc4.jar works for JRE 1.6), then perform the following:

      - Download both the driver jars into the ORACLE_HOME/search/lib/plugins/oracleapplications directory in Oracle SES.

      - Add an entry for the JRE 1.6 version (sqljdbc4.jar for SQLServer) of the driver jar to the CLASSPATH element of ORACLE_HOME/search/config/searchctl.conf.

      - Restart the middle tier.

    2. Update the drivers.properties file with the following information: DatabaseName:DriverClassName.

    3. Add the JRE 1.5 JDBC driver jar file name to the classpath in META-INF/MANIFEST.MF of appsjdbc.jar and DBCrawler.jar.

      For example, change:

      Class-Path:  sqljdbc.jar rsscrawler.jar  ../../pluginmessages.jar
      

      to

      Class-Path:  db2jcc.jar sqljdbc.jar rsscrawler.jar  ../../pluginmessages.jar
      

      and change:

      Class-Path: appsjdbc.jar
      

      to

      Class-Path: db2jcc.jar appsjdbc.jar
      

    For a key attribute that is not named KEY, change the JDBC driver information in the drivers.properties file to specify the key attribute name: database_name: driver_class_name, key_attribute_name

    For example, for a key attribute named ID:

    oracle : oracle.jdbc.driver.OracleDriver, ID
    

    In the crawling query, use key_attribute_name as the alias for the key value column name. In this example, ID is the alias for KEYVAL:

    SELECT keyval id, content, url, lastmodifieddate, lang FROM sales_only
    

    Oracle and SQL Server databases: The following default drivers are used if none is specified in drivers.properties:

    • Oracle: oracle.jdbc.driver.OracleDriver

    • SQL Server: com.microsoft.sqlserver.jdbc.SQLServerDriver

  2. Required for IBM DB2 databases only:

    1. Make sure that no crawlers are running that use the database crawler source. In the Oracle SES administration tool, check the crawler progress and status on the Home - Schedules page. (Click Refresh Status.)

    2. Remake the appsjdbc.jar file and the DBCrawler.jar file. Ensure that the META-INF/MANIFEST.MF was updated correctly; otherwise, the crawler fails with the following error in the crawler log file:

      EQP-80406: Loading JDBC driver failed
      
    3. Modify the Oracle_Home/search/lib/plugins/oracleapplications/drivers.properties file to include the following line:

      db2: com.ibm.db2.jcc.DB2Driver
      
    4. Include the driver jar (db2jcc.jar) to the CLASSPATH element of ORACLE_HOME/search/config/searchctl.conf. For example:

      #CLASS PATH
      CLASSPATH=ORACLE_HOME/search/webapp/config:ORACLE_HOME/search/webapp/
      SESAuthenticator.jar:ORACLE_HOME/search/lib/plugins/commons-plugins-
      stubs.jar :ORACLE_HOME /search/lib/plugins/oracleapplications/db2jcc.jar
      
    5. Edit JVM_OPTIONS in the $ORACLE_HOME/search/config/searchctl.conf file to add the system property "-Doracle.home=ORACLE_HOME/search". For example:

      JVM_OPTIONS= -Djava.awt.headless=true
      -Dweblogic.RootDirectory=ORACLE_HOME/search/base_domain
      -Doracle.home=ORACLE_HOME/search
      
    6. Copy the $ORACLE_HOME/search/lib/plugins/oracleapplications/pluginmessages.jar file to the $ORACLE_HOME/search/lib directory.

    7. Create the database source. Make sure to enter the correct authorization query and confirm that the attribute name used in Grant Security Attributes matches the one used in the authorization query; otherwise, users do not get any results when searching for documents.

  3. Create a Discussions source or an Announcements source.

    1. In Oracle SES, go to Home > Sources.

    2. From the Source Type dropdown list, select Database, and click Create (Figure 22-17).

      Figure 22-17 Create Database Source

      Description of Figure 22-17 follows
      Description of "Figure 22-17 Create Database Source"

    3. Enter the following parameters:

      Source Name: unique_name; for example, GS_Discussions to crawl discussions (or GS_Announcements to crawl announcements)

      Database Connection String: Enter one of the following

      - Oracle databases: Enter one of the following

      jdbc:oracle:thin:@host:port:sid

      jdbc:oracle:thin@host:port/serviceId

      - IBM DB2 databases: Enter jdbc:db2://host:port/database_name

      - Microsoft SQL Server databases: Enter jdbc:sqlserver://host_or_IP_address:port;database_name

      User ID: Enter one of the following:

      - Oracle databases: The user MyPrefix_DISCUSSIONS_CRAWLER created during Oracle WebCenter Portal's Discussion Server installation

      - Microsoft SQL Server databases: The user MyPrefix_DISCUSSIONS_CRAWLER created during Oracle WebCenter Portal's Discussion Server installation

      - IBM DB2 databases: The user MyPrefix_DC created during Oracle WebCenter Portal's Discussion Server installation (where MyPrefix is five characters)

      Password: Password for this user

      Query: Enter one of the following queries:

      SELECT * FROM FORUMCRAWLER_VW
      SELECT * FROM ANNOUNCECRAWLER_VW
      

      Use FORUMCRAWLER_VW for the source crawling discussion forums.

      Use ANNOUNCECRAWLER_VW for the source crawling announcements.

      URL Prefix: The URL prefix for the WebCenter Portal application, including host, port, and application name. For example, http://host:port/webcenter.

      Grant Security Attributes: WCSECATTR

      Note:

      Previous releases of Content Server used FORUMID for Grant Security Attributes.

    4. Click Next.

    5. On the Create User-Defined Source : Step 2 : Authorization page, enter the following parameters (if not prepopulated) in the Authorization Manager section:

      Plug-in Class Name: oracle.search.plugin.security.auth.db.DBAuthManager

      Jar File Name: oracleapplications/DBCrawler.jar

      Authorization Database Connection String: Enter one of the following:

      - Oracle databases: Enter one of the following:

      jdbc:oracle:thin:@host:port:sid

      jdbc:oracle:thin@host:port/serviceId

      - IBM DB2 databases: Enter jdbc:db2://host:port/database_name

      - Microsoft SQL Server databases: Enter jdbc:sqlserver://host_or_IP_address:port;database_name

      User ID: Enter one of the following:

      - Oracle databases: Enter the user MyPrefix_DISCUSSIONS_CRAWLER

      - Microsoft SQL Server databases: Enter the user MyPrefix_DISCUSSIONS_CRAWLER

      - IBM DB2 databases: Enter the user MyPrefix_DC (where MyPrefix is five characters)

      Password: This user password

      Single Record Query: false

      Authorization Query: Enter the following (on one line):

      SELECT DISTINCT forumID as WCSECATTR 
      FROM AUTHCRAWLER_FORUM_VW 
      WHERE username = LOWER(?) UNION SELECT DISTINCT -1 as WCSECATTR
      FROM AUTHCRAWLER_FORUM_VW
      

      Note:

      Previous releases of Content Server used the following authorization query:

      SELECT forumID 
      FROM AUTHCRAWLER_FORUM_VW 
      WHERE (username = ? or userID=-1) 
      UNION SELECT f.forumID 
      FROM jiveForum f, AUTHCRAWLER_CATEGORY_VW c 
      WHERE f.categoryID = c.categoryID AND (c.username =  ? or userID=-1) 
      

      Authorization User ID Format: Authentication attribute used in the active identity plug-in. To find this value, go to the Global Settings - Identity Management Setup page in Oracle SES. Enter the value of the Authentication Attribute under the Active Plug-in (for example, nickname or username or something else).

      If you are using the Oracle E-Business Suite R12 identity plug-in, then leave the this parameter blank.

    6. Click Create to complete the source creation.

22.5.3.4 Additional Oracle SES Configuration

This section describes the required steps in the Oracle SES administration tool.

  1. Create a source group that includes the names of the Content Server, Discussions, Announcements, and WebCenter Portal services sources you created.

    1. Go to the Search - Source Groups page, and click Create.

    2. Enter the same source group name entered in Section 22.5.4, "Setting Up WebCenter Portal: Framework for Oracle SES."

    3. From the Select Source Type dropdown list, select each source type (Database, Oracle Content Server, Oracle WebCenter), and then from the Available Sources listed for each source type, move the source you created for that source type into the Assigned Sources list.

    4. Click Finish.

  2. Optionally configure the security filter lifespan. This refreshes the authorization policies for users in the system. It is best to have a short lifespan when user policies change frequently. (This chapter uses Oracle Internet Directory identity plug-in as the example.)

    For example, on the Global Settings - Query Configuration page, under Secure Search Configuration, enter 0 for Security Filter Lifespan (minutes).

    Valid values for the security filter lifespan are between 0 minutes (no cache) and 526500 minutes (cache for one year).

  3. To index everything, you must force a full crawl for each source; that is, you must change the existing incremental crawl schedule for each source to first process ALL documents.

    This step is very important, in that searching does not work unless the content is first indexed completely.

    Go to the Home - Schedules page, select the source schedule, and click Edit to force a full crawl.

    After each source has been crawled, go back to the same page and change the crawl policy back to incremental (index documents that have changed since the previous crawl). Also, in the Frequency section of the page, select a non-manual type for running incremental crawl (for example, weekly or daily).

    Note:

    Before the first crawl of the Content Server, remember to go to the Content Server Administration page, select SES Crawler Export, and take a snapshot. For more information, see Section 22.5.1, "Setting Up Oracle WebCenter Portal Content Server for Oracle SES."

22.5.4 Setting Up WebCenter Portal: Framework for Oracle SES

This section describes how to configure WebCenter Portal: Framework to work with Oracle SES.

Make sure you have created and configured the connection between WebCenter Portal and Oracle SES, specifying the Federation Trusted Entity, and optionally specifying a source group.

The Oracle SES crawlers are enabled by default in Framework applications.

22.5.4.1 Configuring Framework Applications After Deployment

After a Framework application has been deployed to an Oracle WebLogic managed server, you can configure it using WLST or Fusion Middleware Control. This section contains the following subsections:

22.5.4.1.1 Modifying Search Parameters Using WLST

Use the WLST command setSearchConfig to modify search parameters post deployment.

Example 22-2 shows how to specify a data group (also known as source group) under which you search Oracle SES.

Example 22-2 Set a Source Group

setSearchSESConfig(appName='webcenter',
                   dataGroup='MySources')

where dataGroup is the source group you create in Section 22.5.3.4, "Additional Oracle SES Configuration" (for Framework applications) or in Section 22.6.4.6, "Additional Oracle SES Configuration" (for Spaces applications).

Example 22-3 shows how to increase the number of search results displayed. Five is the default setting for the number of search results displayed in Oracle SES results, but result sets generally are larger than five.

Example 22-3 Increase Number of Search Results Displayed

setSearchConfig(appName='webcenter',
                numResultsMain=10)

Example 22-4 shows how to configure the maximum time that a service is allowed to execute a search (in ms). When a service times out largely depends on the system load. If you consistently get time out errors, adjust this parameter.

Example 22-4 Configure Maximum Time WebCenter Waits for Search Results

setSearchConfig(appName='webcenter',
                executionTimeout=10000)

For command syntax and examples, see the section, "setSearchConfig" in Oracle Fusion Middleware WebLogic Scripting Tool Command Reference.

22.5.4.1.2 Configuring Search Crawlers Using WLST

You can use WLST commands to create crawlers and to start, stop and delete crawler schedules post deployment. These commands let you crawl new data in Oracle SES or delete old crawlers if the configuration data changes.

Example 22-5 and Example 22-6 show some of these commands. For more information, see the section, "Search - Oracle SES Search Crawlers" in Oracle Fusion Middleware WebLogic Scripting Tool Command Reference.

Example 22-5 Create a Documents Crawler in WLST

createDocumentsCrawler(
'portal', 'portal_host', 'portal_port',
'http://ses-host:ses-port/search/api/admin/AdminService', 'ses-admin-pw',
'http://ucm-host:ucm-port/cs/idcplg?IdcService=
SES_CRAWLER_DOWNLOAD_CONFIG&source=default', 'ucm-crawl-user',
'ucm-crawl-user-pw', '/tmp',
'http://ucm-host:ucm-port/cs/idcplg', 'http://ucm-host:ucm-port/cs',
'Idc Security /cs/idcplg', 'authentication-id-format', 'Document-pipeline',
'ACCEPT_ALL', 'PROCESS_CHANGED', 'MANUAL', 1, 1, 'MONDAY', 1, 1, 1, 1)

where:

  • portal = Name of the Framework application in which to perform this operation

  • portal_host = Host name of the system where the Framework application is running

  • portal_port = Port number used to access the Framework application

  • ses-host = Oracle SES host name

  • ses-port = Oracle SES port number

  • ses-admin-pw = Oracle SES admin user password

  • ucm-host = Content Server host name

  • ucm-port = Content Server port number

  • ucm-crawl-user = Content Server crawl user name

  • ucm-crawl-user-pw = Content Server crawl user password

  • authentication-id-format = Use 'nickname' if the Identity Management plug-in on Oracle SES is set to Oracle Internet Directory; otherwise, use the value of the Authentication Attribute parameter on the Identity Management plug-in on Oracle SES

  • Document-pipeline = Document pipeline on Oracle SES created for this Framework instance

Example 22-6 Create a Discussions Crawler in WLST

createDiscussionsCrawler(
'webcenter','webcenter_host','webcenter_port',
'http://ses-host:ses-port/search/api/admin/AdminService', 'ses-admin-pw',
'jdbc:oracle:thin:@database-host:database-port:database-sid',
'Jive-crawler-schema','Jive-crawler-schema-pw', 'authentication-id-format',
'ACCEPT_ALL', 'PROCESS_ALL', 'MANUAL', 1, 1, 'MONDAY', 1, 1, 1, 1)

where:

  • webcenter_host = Framework application host name

  • webcenter_port = Framework application port number

  • ses-host = Oracle SES host name

  • ses-port = Oracle SES port number

  • ses-admin-pw = Oracle SES admin user password

  • database-host = Discussions server database host name

  • database-port = Discussions server database port number

  • database-sid = Discussions server database name or SID

  • Jive-crawler-schema = Discussions server crawler schema name. Determine the prefix from RCU, and use rcu-prefix_DISCUSSION_CRAWLER.

  • Jive-crawler-schema-pw = Discussions server crawler schema password

  • authentication-id-format = Use 'nickname' if the Identity Management plug-in on Oracle SES is set to Oracle Internet Directory; otherwise, use the value of the Authentication Attribute parameter on the Identity Management plug-in on Oracle SES.

Note:

To effect WLST changes, you must restart the managed server on which the WebCenter Portal application is deployed (by default, WC_Spaces). For more information, see the section "Starting and Stopping WebLogic Managed Servers Using the Command Line" in Oracle Fusion Middleware Administrator's Guide.

22.5.4.1.3 Configuring Search Parameters and Crawlers Using Fusion Middleware Control

You can enable or disable Oracle SES and configure search settings using Fusion Middleware Control.

  1. Log in to Fusion Middleware Control and navigate to the home page for your WebCenter Portal application. For more information, see Section 6.2, "Navigating to the Home Page for the Spaces Application" or Section 6.3, "Navigating to the Home Page for Framework Applications."

  2. From the WebCenter Portal menu, select Settings > Application Configuration.

  3. Select to enable the Oracle SES adapter or the default WebCenter Portal adapters, and click Apply (Figure 22-18).

    Optionally, you can configure search parameters.

    • Oracle Secure Enterprise Search Data Group: Specify the Oracle SES source group in which to search. If no value is provided, then everything in the Oracle SES instance is searched.

    • Execution Timeout: Enter the maximum time that a service is allowed to execute a search (in ms).

    • Executor Preparation Timeout: Enter the maximum time that a service is allowed to initialize a search (in ms).

    • Results per Service - Saved Search Task Flows: Enter the number of search results displayed, per service, in a Saved Search task flow.

    • Results per Service - Search Page: Enter the number of search results displayed, per service, for searches submitted from the main search page. Users can click Show All if they want to see all the results.

    • Number of Saved Searches in Search Page: Enter the number of saved searches displayed in the Saved Search list (on the main search page).

    You do not need to restart the managed server on which the Framework application is deployed.

    Figure 22-18 Application Settings for Oracle Search

    Description of Figure 22-18 follows
    Description of "Figure 22-18 Application Settings for Oracle Search"

22.6 Configuring Oracle SES to Search Spaces Applications

With Spaces applications, WebCenter Portal's internal live search adapters are set as the default search platform; however, large-scale implementations should be configured to use Oracle SES for best performance.

Note:

For an overview of the tasks that must be performed to enable Oracle SES as the search engine in Spaces, see Section 22.2, "Configuration Roadmaps for Oracle SES in WebCenter Portal." There may be various acceptable ways and orders to perform the required tasks.

This section describes the steps necessary to set up Oracle SES to search Spaces:

22.6.1 Setting Up WebCenter Portal: Spaces for Oracle SES

This section describes how to configure WebCenter Portal: Spaces to work with Oracle SES.

  1. Create and configure the connection between Spaces and Oracle SES, and optionally specifying a source group.

  2. To use Oracle SES to search spaces, lists, or pages, you must first create a crawl admin user in WebCenter Portal: Spaces and in your back-end identity management server (for example, mycrawladmin). You must only create a crawl admin user once.

    Note:

    See your identity management system documentation for information on creating users.

    The following example uses Oracle Directory Services Manager to create the mycrawladmin user.

    1. On the Data Browser tab, navigate to the target cn and click Create. This example navigates to "dc=com,dc=oracle,dc=us,cn=Users". In the Add Object Class dialog, select the appropriate object class, and click OK. (Figure 22-19).

      Figure 22-19 Oracle Directory Services Manager - Add Object Class

      Description of Figure 22-19 follows
      Description of "Figure 22-19 Oracle Directory Services Manager - Add Object Class"

    2. Find the distinguished name (DN) path, and click Select (Figure 22-20). This example selects "dc=com,dc=oracle,dc=us,cn=Users".

      Figure 22-20 Oracle Directory Services Manager - Select DN Path

      Description of Figure 22-20 follows
      Description of "Figure 22-20 Oracle Directory Services Manager - Select DN Path"

    3. In the Create New Entry dialog, enter properties, and click Next (Figure 22-21).

      Figure 22-21 Oracle Directory Services Manager - Create New Entry

      Description of Figure 22-21 follows
      Description of "Figure 22-21 Oracle Directory Services Manager - Create New Entry"

    4. When you see that the new entry was created successfully, click Finish. (Figure 22-22)

      Figure 22-22 Oracle Directory Services Manager - Status

      Description of Figure 22-22 follows
      Description of "Figure 22-22 Oracle Directory Services Manager - Status"

  3. Grant the crawl application role to the crawl admin user created in Section 22.3.2, "Oracle SES - Configuration." For example:

    grantAppRole(appStripe="webcenter",
                 appRoleName="webcenter#-#defaultcrawl",
                 principalClass="weblogic.security.principal.WLSUserImpl",
                 principalName="mycrawladmin");
    

    For command syntax and examples, see the section, "grantAppRole" in Oracle Fusion Middleware WebLogic Scripting Tool Command Reference.

    Note:

    To effect WLST changes, you must restart the managed server on which the application is deployed (by default, WC_Spaces). For more information, see the section "Starting and Stopping WebLogic Managed Servers Using the Command Line" in Oracle Fusion Middleware Administrator's Guide.

  4. Enable the Oracle SES crawlers in WebCenter Portal.

    With the same WLST command, you can set crawler properties (that is, enable/disable the crawlers) and specify an interval between full crawls for the Spaces crawler. By default, full crawls for the Spaces crawler occur every seven days, but you can specify a different frequency. (Incremental crawls are initiated by the schedule set in Oracle SES.)

    For example:

    setSpacesCrawlProperties(appName='webcenter', 
                             fullCrawlIntervalInHours=168, 
                             spacesCrawlEnabled = true, 
                             documentCrawlEnabled=true,          
                             discussionsCrawlEnabled=true)
    

    Notes:

    The spacesCrawlEnabled, documentCrawlEnabled and discussionsCrawlEnabled parameters all must be set to true to enable Oracle SES.

    A clustered instance additionally requires the server parameter; for example, server="WC_Spaces1".

    The following example specifies that Spaces runs a full crawl through the Spaces crawler every 8 days.

    setSpacesCrawlProperties(appName='webcenter',fullCrawlIntervalInHours=192)
    

    You also can use WLST to return the current crawl settings for WebCenter Portal, such as the number of hours between full crawls (Spaces crawler). For example, the following command returns the current crawl settings for Spaces.

    getSpacesCrawlProperties(appName='webcenter')
    
    WebCenter Spaces Crawl Properties:
    -----------------
    fullCrawlIntervalInHours: 124
    spacesCrawlEnabled:       true
    documentCrawlEnabled:     true
    discussionsCrawlEnabled:  true
    
  5. Use the listDocumentsSpacesProperties command to determine the unique name that the back-end Content Server is using to identify this WebCenter Portal application and the connection name for the primary Content Server that WebCenter Portal is using to store documents. For example:

    listDocumentsSpacesProperties(appName='webcenter')
    

    The response should looks something like the following:

    The Documents Spaces container is "/WebCenter1109"
    The Documents repository administrator is "sysadmin"
    The Documents application name is "WC1109"
    The Documents primary connection is "stxxl18-ucm11g"
    

    Note:

    Record the application name and the primary connection returned. These values are required later (in Section 22.6.4.2, "Setting Up Oracle SES to Search Documents") to set up Oracle SES to crawl documents.

    Note:

    To effect WLST changes, you must restart the managed server on which the application is deployed (by default, WC_Spaces). For more information, see the section "Starting and Stopping WebLogic Managed Servers Using the Command Line" in Oracle Fusion Middleware Administrator's Guide.

22.6.1.1 Configuring Search Parameters Using WLST

Use the WLST command setSearchConfig to modify search parameters.

Example 22-7 shows how to specify a data group (also known as source group) under which you search Oracle SES.

Example 22-7 Set a Source Group

setSearchSESConfig(appName='webcenter',
                   dataGroup='MySources')

where dataGroup is the source group you create in Section 22.5.3.4, "Additional Oracle SES Configuration" (for Framework applications) or in Section 22.6.4.6, "Additional Oracle SES Configuration" (for Spaces applications).

Example 22-8 shows how to increase the number of search results displayed. Five is the default setting for the number of search results displayed in Oracle SES results, but result sets generally are larger than five.

Example 22-8 Increase Number of Search Results Displayed

setSearchConfig(appName='webcenter',
                numResultsMain=10)

Example 22-9 shows how to configure the maximum time that a service is allowed to execute a search (in ms). When a service times out largely depends on the system load. If you consistently get time out errors, adjust this parameter.

Example 22-9 Configure Maximum Time WebCenter Portal Waits for Search Results

setSearchConfig(appName='webcenter',
                executionTimeout=10000)

For command syntax and examples, see the section, "setSearchConfig" in Oracle Fusion Middleware WebLogic Scripting Tool Command Reference.

22.6.1.2 Configuring Search Parameters and Crawlers Using Fusion Middleware Control

You can enable or disable Oracle SES and configure search settings using Fusion Middleware Control.

  1. Log in to Fusion Middleware Control and navigate to the home page for your WebCenter Portal application. For more information, see Section 6.2, "Navigating to the Home Page for the Spaces Application" or Section 6.3, "Navigating to the Home Page for Framework Applications."

  2. From the WebCenter Portal menu, select Settings > Application Configuration.

  3. Select to enable the Oracle SES adapter or the default WebCenter Portal search adapters, and click Apply (Figure 22-23).

    You can specify an interval between full crawls for the Spaces crawler. By default, full crawls for the Spaces crawler occur every seven days, but you can specify a different frequency. (Incremental crawls, for all three crawlers, are initiated by the schedule set in Oracle SES.)

    Optionally, you can configure search parameters.

    • Oracle Secure Enterprise Search Data Group: Specify the Oracle SES source group in which to search. If no value is provided, then everything in the Oracle SES instance is searched.

    • Execution Timeout: Enter the maximum time that a service is allowed to execute a search (in ms).

    • Executor Preparation Timeout: Enter the maximum time that a service is allowed to initialize a search (in ms).

    • Results per Service - Saved Search Task Flows: Enter the number of search results displayed, per service, in a Saved Search task flow.

    • Results per Service - Search Page: Enter the number of search results displayed, per service, for searches submitted from the main search page. Users can click Show All if they want to see all the results.

    • Number of Saved Searches in Search Page: Enter the number of saved searches displayed in the Saved Search list (on the main search page).

    You do not need to restart the managed server on which the WebCenter Portal application is deployed.

    Figure 22-23 Application Settings for WebCenter Portal Search

    Search crawlers
    Description of "Figure 22-23 Application Settings for WebCenter Portal Search"

22.6.2 Setting Up Oracle WebCenter Portal: Content Server for Oracle SES

This section describes how to configure Oracle WebCenter Content: Content Server to be crawlable by Oracle SES (in particular, the Content Server that WebCenter Portal uses for storing documents).

The following steps must be done from within the Content Server.

  1. Create the role sescrawlerrole.

  2. Create the user sescrawler, and assign it the admin role and the sescrawlerrole role. This user creates the Content Server source in Oracle SES.

  3. Add sceCrawlerRole=sescrawlerrole to config.cfg (located in MiddlewareHome/user_projects/domains/yourdomain/ucm/cs/config).

  4. Restart the Content Server.

  5. In the Content Server console, install the SESCrawlerExport component on the content server, if not done:

    1. Log on to the Content Server as a system administrator. For example: http://host:port/cs.

    2. From the Administration dropdown menu, select Admin Server (Figure 22-24).

      Figure 22-24 Content Server Administration

      Description of Figure 22-24 follows
      Description of "Figure 22-24 Content Server Administration"

    3. Click the button with the instance name.

    4. Click Component Manager from the menu list on the left pane (Figure 22-25).

      Figure 22-25 Content Server Component Manager

      Description of Figure 22-25 follows
      Description of "Figure 22-25 Content Server Component Manager"

    5. Select SESCrawlerExport under Integration and click Update.

    6. Enter configuration parameters. (You can change configuration parameters after installation.)

      Disable security on authentication and authorization APIs provided by the SESCrawlerExport; that is, set Disable Secure APIs to false. This lets security provided by the SESCrawlerExport be done internally instead of by the content server.

      Additionally, in clustered environments only, the feedLoc parameter must specify a location on the shared disk accessed by the nodes of content server, and they each must reference it the same way; for example, sharedDrive/dir1/dir2. Note that this is not the default location (relative path) provided.

    7. Restart the Content Server.

  6. Take a snapshot of the Content Server repository.

    1. Log on to the Content Server as a system administrator. For example: http://host:port/cs.

    2. From the Administration dropdown menu, select SESCrawlerExport.

    3. Select All sources, and click Take Snapshot (Figure 22-26).

      Figure 22-26 Content Server Snapshot

      Description of Figure 22-26 follows
      Description of "Figure 22-26 Content Server Snapshot"

      It is important to take a snapshot before the first crawl or any subsequent full crawl of the source.

      The snapshot generates configFile.xml at the location specified during component installation, and feeds are created at the subdirectory with the source name under feedLoc.

  7. If the Content Server is configured for web rendition, then items in the Content Server are rendered in PDF format. The content item's native MIME type rendition is overwritten. For example, the MIME type of a Microsoft Office Word document is 'application/msword', but when the Content Server uses web rendition the MIME type becomes 'application/pdf'. A search query with the Mimetype parameter set to 'application/msword' does not return Word documents.

    If your Content Server is configured to use web rendition, then you must configure the Content Server metatdata list to include the dFormat value, so that required MIME types are exported to Oracle SES. This is necessary to be able to narrow searches by MIME type.

    1. Back on the SESCrawlerExport Administration page, click Configure SESCrawlerExport (Figure 22-11).

      Figure 22-27 Content Server Snapshot

      Description of Figure 22-27 follows
      Description of "Figure 22-27 Content Server Snapshot"

    2. By default, the Metadata List field is blank (Figure 22-28).

      Figure 22-28 Content Server Metadata List

      Description of Figure 22-28 follows
      Description of "Figure 22-28 Content Server Metadata List"

      Left blank, the list of metadata values that are exported to Oracle SES consists of the following (plus any custom metadata fields beginning with 'x'): dID,dDocName,dRevLabel,dDocType,dDocAccount,dSecurityGroup,dOriginalName,dReleaseDate,dOutDate

      However, the dFormat value must be added to this list.

      When the blank default value is changed, the default values are removed, so they also must be added back. Enter the value for Metadata List as follows: dFormat,dID,dDocName,dRevLabel,dDocType,dDocAccount, dSecurityGroup,dOriginalName,dReleaseDate,dOutDate

    3. Optionally, add to this list any custom metadata values you require (beginning with x).

      For example, the following entry for Metadata List includes custom attributes:

      dFormat,dID,dDocName,dDocType,dDocAccount,dSecurityGroup,dOriginalName,dReleaseDate,dDocAuthor,dDocCreator,dDocCreatedDate,dOutDate,xCollectionID,xWCTags,xComments,xRegionDefinition

See Also:

22.6.3 Setting Up Oracle WebCenter Portal Discussion Server for Oracle SES

This section describes how to configure Oracle WebCenter Portal's Discussion Server to be crawlable by Oracle SES (in particular, the discussions server that WebCenter Portal uses for storing discussions and announcements).

Note:

These steps is not required if you have a new installation of WebCenter Portal (with an Oracle database) and Oracle WebCenter Portal's Discussion Server. It is only required if you are using upgraded (patched) instances.

You can find database schema details for the corresponding data sources from your Oracle WebLogic Server console.

  1. Run the Repository Creation Utility (RCU) to confirm that the Discussions Crawler WebCenter Portal component has been installed on the system.

    • Oracle and Microsoft SQL Server databases:

      Verify that the Oracle WebCenter Portal's Discussion Server back end has been configured properly by noting that the MyPrefix_DISCUSSIONS user is installed in RCU.

      Then verify that the Discussions Crawler has been configured properly by noting that the MyPrefix_DISCUSSIONS_CRAWLER user is installed in RCU.

    • IBM DB2 databases:

      Verify that the Oracle WebCenter Portal's Discussion Server back end has been configured properly by noting that the MyPrefix_DS user is installed in RCU.

      Then verify that the Discussions Crawler has been configured properly by noting that the MyPrefix_DC user is installed in RCU.

      Note:

      For IBM DB2 databases, MyPrefix is limited to five characters. IBM DB2 uses operating system users for authentication (that is, the database user is actually an operating system user). Because some operating systems have an eight character limit for user names, this requires an eight character user name.

    If the Discussions Crawler component is not installed, then you must install it using RCU, selecting the same prefix that was used for the Oracle WebCenter Portal's Discussion Server component. Also, during the tablespace specification step in RCU, select Prefix_IAS_DISCUSSIONS as the default tablespace. This installs the user for Oracle SES.

    For more information, see Chapter 7, "Deploying WebCenter Portal: Framework Applications."

  2. For instances upgraded from WebCenter 11.1.1.1.0, run the following tool to upgrade the data in the Oracle WebCenter Portal's Discussion Server database schema, if you have not run the tool yet:

    Note:

    This step is necessary only if the instance is upgraded from WebCenter 11.1.1.1.0. For instances installed after WebCenter 11.1.1.1.0, this is not required.

    java -jar \
    $MW_HOME/discussionserver/discussionserver-upgradeforses.jar \
    <command_line_parameters>
    

    where command_line_parameters are the following MDS schema details and discussions database schema details:

    -mds_jdbc_user user_id \ 
    -mds_jdbc_password password \
    -mds_jdbc_url url \
    -discussions_jdbc_user user_id \
    -discussions_jdbc_password password \
    -discussions_jdbc_url url
    

    where mds_jdbc_user, mds_jdbc_password, and mds_jdbc_url are the values to log in to the MDS schema, and discussions_jdbc_user, discussions_jdbc_password, and discussions_jdbc_url are the values to log in to the discussions database schema.

    For example:

    java -jar $MW_HOME/as11r1wc/discussionserver/discussionserver-upgradeforses.jar\
    -mds_jdbc_user foo \ 
    -mds_jdbc_password MyPassword1 \ 
    -mds_jdbc_url jdbc:oracle:thin:@host:port:SID \
    -discussions_jdbc_user foo \ 
    -discussions_jdbc_password MyPassword1 \ 
    -discussions_jdbc_url jdbc:oracle:thin:@host:port:SID
    

22.6.4 Setting Up Oracle SES to Search WebCenter Portal

The steps in this section must be performed in the Oracle SES administration tool.

The following steps are required:

  1. Section 22.6.4.1, "Logging on to the Oracle SES Administration Tool"

  2. Section 22.6.4.2, "Setting Up Oracle SES to Search Documents"

  3. Section 22.6.4.3, "Setting Up Oracle SES to Search Discussions and Announcements"

  4. Section 22.6.4.4, "Setting Up Oracle SES to Search Spaces, Lists, Pages, and People"

  5. Section 22.6.4.6, "Additional Oracle SES Configuration"

See Also:

Confirm that you have installed all required patches for Oracle SES. For the latest information on required patches, see "Back-End Requirements for the Search Service" in Oracle Fusion Middleware Installation Guide for Oracle WebCenter Portal and the Release Notes.

For detailed information about Oracle SES configuration, see the Oracle SES documentation included with the product. (This is listed in the WebCenter Portal product area on the Oracle Fusion Middleware documentation library.)

22.6.4.1 Logging on to the Oracle SES Administration Tool

Open the Oracle SES administration tool:

  1. Open a browser and enter the URL provided after the installation. (This has the form http://host:port/search/admin/index.jsp.)

  2. Log on with the Oracle SES admin user name eqsys and the password specified during installation.

22.6.4.2 Setting Up Oracle SES to Search Documents

To search WebCenter Portal documents using Oracle SES, you must first set up a Document Service Manager (with a Document Service Instance and a Document Service Pipeline), and then create a Content Server source.

  1. Configure the Document Service Manager (one time for each Oracle SES instance).

    Note:

    Document services are plug-ins involved in the processing of a document when it is being crawled. A document service allows WebCenter Portal to add indexable attributes for documents used in a WebCenter Portal application.

    Search attribute names must be unique; two attributes cannot have the same name. For example, if an attribute exists with a String data type, and another attribute is discovered by the crawler with the same name but a different data type, then the crawler ignores the second attribute. Before creating new attributes, make sure to check the list of Oracle SES attribute names and types in the Oracle SES documentation.

    1. On the Global Settings - Document Services page, click Create. Select Create New Manager, click Next, and enter the following parameters:

      Manager Class Name: oracle.webcenter.search.crawl.ucm.ses.WcUcmDsManager

      Manager Jar File Name: search-crawl-ucm.jar

      Note:

      The webcenter_search_ses_plugins.zip file installs Oracle_Home/search/lib/plugins/doc/search-crawl-ucm.jar.

      Click Next, and then click Finish (Figure 22-29).

      Figure 22-29 Creating a Document Services Manager in Oracle SES

      Description of Figure 22-29 follows
      Description of "Figure 22-29 Creating a Document Services Manager in Oracle SES"

    2. Create the Document Service Instance.

      Again, on the Global Settings - Document Services page, click Create. This time, select Select From Available Managers with Secure Enterprise Search WebCenter UCM Plugin, and click Next (Figure 22-30).

      Figure 22-30 Create Document Service

      Description of Figure 22-30 follows
      Description of "Figure 22-30 Create Document Service"

      In addition to the entering an instance name, enter the following parameters:

      WebCenter Application Name: The unique name being used to identify this WebCenter Portal application in the back-end Content Server.

      Connection Name: The name of the primary Content Server connection that WebCenter Portal is using to store Space documents.

      WebCenter URL Prefix: The host and port where the WebCenter Portal application is deployed; for example: http://myhost:8888.

      Note:

      Use the listDocumentsSpacesProperties command to determine the application name and connection name for Spaces, as described in Section 22.6.1, "Setting Up WebCenter Portal: Spaces for Oracle SES."

    3. Create the Document Services Pipeline. This invokes the document service instance. Again, on the Global Settings - Document Services page, under the Document Services Pipelines section, click Create.

      Enter a name and select the instance created in the previous step.

  2. Create the Content Server source for documents.

    See Also:

    Section 22.6.5, "Configuring Search Crawlers Using WLST" for an alternative way to create the Content Server source

    1. Go to Home > Sources.

    2. From the Source Type dropdown list, select Oracle Content Server, and click Create (Figure 22-31).

      Figure 22-31 Create Oracle Content Server Source

      Description of Figure 22-31 follows
      Description of "Figure 22-31 Create Oracle Content Server Source"

    3. Enter the following parameters:

      Source Name: unique_name

      Configuration URL: Content_Server_SES_Crawler_Export_endpoint; for example, http://host:port/cs/idcplg?IdcService=SES_CRAWLER_DOWNLOAD_CONFIG&source=default

      Note:

      The source=default parameter denotes the name of the source created in the configuration of the SES Crawler Export. The default one is created automatically and called "default."

      Authentication Type:

      If the Content Server is not protected by SSO, then enter NATIVE.

      If the Content Server is protected by Oracle SSO, then enter ORASSO.

      User ID: The user to crawl the Content Server must have the sceCrawlerRole role defined. The sceCrawlerRole is a configuration parameter in SESCrawlerExport. Typically, administrators create a special role, assign it no privileges to view content, then create a user account that has this role.

      If you do not set up a specific sceCrawlerRole, then admin credentials are required to crawl. The sysadmin user ID works by default.

      If Authentication Type is ORASSO, then enter a user ID (and password) of a user in the identity management server fronted by Oracle SSO. This user must have been granted the same permissions as sysadmin. If it is not possible to grant those permissions, then delete the "remote" user corresponding to this user in the Content Server, and create a "local" version of the user (same name) in the Content Server.

      Password: Password for this Content Server user.

      Realm:

      If Authentication Type is NATIVE, then enter Idc Security /cs/idcplg, where /cs/ is the context root you provided when you installing the Content Server.

      If Authentication Type is ORASSO, then leave this parameter blank.

      Scratch Directory: Optional. Specify a directory on the system under which the Oracle SES instance resides.

      Oracle SSO Login URL:

      If Authentication Type is ORASSO, then specify a value for Oracle SSO. For example: https://login.example.com/mysso/signon.jsp?site2pstoretoken=

      If Authentication Type is NATIVE, then leave this field blank.

      Oracle SSO Action URL:

      If Authentication Type is ORASSO, then specify a value for Oracle SSO. For example: https://login.example.com/sso/auth

      If Authentication Type is NATIVE, then leave this field blank.

      Click Next (Figure 22-32).

      Figure 22-32 Oracle Content Server Source Parameters

      Description of Figure 22-32 follows
      Description of "Figure 22-32 Oracle Content Server Source Parameters"

    4. On the Create User-Defined Source : Step 2 : Authorization page, enter the following parameters in the Authorization Manager section, if not entered by default:

      Plug-in Class Name: oracle.search.plugin.security.auth.stellent.StellentAuthManager

      Jar File Name: oracleapplications/StellentCrawler.jar

      HTTP endpoint for authorization: for example, http://host:port/cs/idcplg

      Display URL Prefix: for example, http://host:port/cs

      Authentication Type: NATIVE or ORASSO

      Administrator User: The user to crawl the Content Server must have the sceCrawlerRole role defined. The sceCrawlerRole is a configuration parameter in SESCrawlerExport. Typically, administrators create a special role, assign it no privileges to view content, then create a user account that has this role.If you do not set up a specific sceCrawlerRole, then admin credentials are required to crawl. The sysadmin user ID works by default.

      If Authentication Type is ORASSO, then enter a user ID (and password) of a user in the identity management server fronted by Oracle SSO. This user must have been granted the same permissions as sysadmin. If it is not possible to grant those permissions, then delete the "remote" user corresponding to this user in the Content Server, and create a "local" version of the user (same name) in the Content Server.

      Administrator Password: Password for crawl admin user

      Authorization User ID Format: Authentication attribute used in the active identity plug-in. To find this value, go to the Global Settings - Identity Management Setup page in Oracle SES. Enter the value of the Authentication Attribute under the Active Plug-in (for example, nickname or username or something else). If you are using the Oracle E-Business Suite R12 identity plug-in, then leave the this parameter blank.

      Realm:

      If Authentication Type is NATIVE, then enter Idc Security /cs/idcplg, where /cs/ is the context root you provided when you installing the Content Server.

      In Authentication Type is ORASSO, then leave this field blank.

    5. Click Create & Customize (or edit a created source) to see other source parameters. On the Crawling Parameters tab, enter the following crawling parameter: Document Service Pipeline.

    6. Click Enable and select the pipeline you created.

22.6.4.3 Setting Up Oracle SES to Search Discussions and Announcements

To search WebCenter Portal discussions and announcements using Oracle SES, you must first set up two Oracle SES Database sources: one for discussions and one for announcements. For example, the discussions source could have the source name GS_Discussions and a View of FORUMCRAWLER_VW, and the announcements source might have the source name GS_Announcements and a View of ANNOUNCEMENTS_VW.

Note:

There are slightly different steps for Oracle, Microsoft SQL Server, and IBM DB2 databases.

  1. Configure the JDBC driver:

    1. To crawl a Microsoft SQL Server or IBM DB2 database, download the appropriate JDBC driver jar files into the ORACLE_HOME/search/lib/plugins/oracleapplications directory in Oracle SES.

      Note:

      • For Microsoft SQL Server: Copy the Microsoft JDBC driver files sqljdbc.jar and sqljdbc4.jar.

      • DB2: Copy the IBM driver files db2jcc.jar and db2jcc_license_cu.jar (obtainable from the IBM DB2 UDB client).

      If the JDBC drivers for JRE 1.5 and JRE 1.6 are different, (for example: sqljdbc.jar works for JRE 1.5 and sqljdbc4.jar works for JRE 1.6), then perform the following:

      - Download both the driver jars into the ORACLE_HOME/search/lib/plugins/oracleapplications directory in Oracle SES.

      - Add an entry for the JRE 1.6 version (sqljdbc4.jar for SQLServer) of the driver jar to the CLASSPATH element of ORACLE_HOME/search/config/searchctl.conf.

      - Restart the middle tier.

    2. Update the drivers.properties file with the following information: DatabaseName:DriverClassName.

    3. Add the JRE 1.5 JDBC driver jar file name to the classpath in META-INF/MANIFEST.MF of appsjdbc.jar and DBCrawler.jar.

      For example, change:

      Class-Path:  sqljdbc.jar rsscrawler.jar  ../../pluginmessages.jar
      

      to

      Class-Path:  db2jcc.jar sqljdbc.jar rsscrawler.jar  ../../pluginmessages.jar
      

      and change:

      Class-Path: appsjdbc.jar
      

      to

      Class-Path: db2jcc.jar appsjdbc.jar
      

    For a key attribute that is not named KEY, change the JDBC driver information in the drivers.properties file to specify the key attribute name: database_name: driver_class_name, key_attribute_name

    For example, for a key attribute named ID:

    oracle : oracle.jdbc.driver.OracleDriver, ID
    

    In the crawling query, use key_attribute_name as the alias for the key value column name. In this example, ID is the alias for KEYVAL:

    SELECT keyval id, content, url, lastmodifieddate, lang FROM sales_only
    

    Oracle and SQL Server databases: The following default drivers are used if none is specified in drivers.properties:

    • Oracle: oracle.jdbc.driver.OracleDriver

    • SQL Server: com.microsoft.sqlserver.jdbc.SQLServerDriver

  2. Required for IBM DB2 databases only:

    1. Make sure that no crawlers are running that use the database crawler source. In the Oracle SES administration tool, check the crawler progress and status on the Home - Schedules page. (Click Refresh Status.)

    2. Remake the appsjdbc.jar file and the DBCrawler.jar file. Ensure that the META-INF/MANIFEST.MF was updated correctly; otherwise, the crawler fails with the following error in the crawler log file:

      EQP-80406: Loading JDBC driver failed
      
    3. Modify the Oracle_Home/search/lib/plugins/oracleapplications/drivers.properties file to include the following line:

      db2: com.ibm.db2.jcc.DB2Driver
      
    4. Include the driver jar (db2jcc.jar) to the CLASSPATH element of ORACLE_HOME/search/config/searchctl.conf. For example:

      #CLASS PATH
      CLASSPATH=ORACLE_HOME/search/webapp/config:ORACLE_HOME/search/webapp/
      SESAuthenticator.jar:ORACLE_HOME/search/lib/plugins/commons-plugins-
      stubs.jar :ORACLE_HOME /search/lib/plugins/oracleapplications/db2jcc.jar
      
    5. Edit JVM_OPTIONS in the $ORACLE_HOME/search/config/searchctl.conf file to add the system property "-Doracle.home=ORACLE_HOME/search". For example:

      JVM_OPTIONS= -Djava.awt.headless=true
      -Dweblogic.RootDirectory=ORACLE_HOME/search/base_domain
      -Doracle.home=ORACLE_HOME/search
      
    6. Copy the $ORACLE_HOME/search/lib/plugins/oracleapplications/pluginmessages.jar file to the $ORACLE_HOME/search/lib directory.

    7. Create the database source. Make sure to enter the correct authorization query and confirm that the attribute name used in Grant Security Attributes matches the one used in the authorization query; otherwise, users do not get any results when searching for documents.

  3. Create a Discussions source or an Announcements source.

    See Also:

    Section 22.6.5, "Configuring Search Crawlers Using WLST" for an alternative way to create these sources

    1. In Oracle SES, go to Home > Sources.

    2. From the Source Type dropdown list, select Database, and click Create (Figure 22-33).

      Figure 22-33 Create Database Source

      Description of Figure 22-33 follows
      Description of "Figure 22-33 Create Database Source"

    3. Enter the following parameters:

      Source Name: unique_name; for example, GS_Discussions to crawl discussions (or GS_Announcements to crawl announcements)

      Database Connection String: Enter one of the following

      - Oracle database: Enter one of the following

      jdbc:oracle:thin:@host:port:sid

      jdbc:oracle:thin@host:port/serviceId

      - IBM DB2 database: Enter jdbc:db2://host:port/database_name

      - Microsoft SQL Server database: Enter jdbc:sqlserver://host_or_IP_address:port;database_name

      User ID: Enter one of the following

      - Oracle database: The user MyPrefix_DISCUSSIONS_CRAWLER created during Oracle WebCenter Portal's Discussions Server installation

      - Microsoft SQL Server database: The user MyPrefix_DISCUSSIONS_CRAWLER created during Oracle WebCenter Portal's Discussions Server installation

      - IBM DB2 database: The user MyPrefix_DC created during Oracle WebCenter Portal's Discussions Server installation (where MyPrefix is five characters)

      Password: Password for this user

      Query: Enter one of the following queries:

      SELECT * FROM FORUMCRAWLER_VW
      SELECT * FROM ANNOUNCECRAWLER_VW
      

      Use FORUMCRAWLER_VW for the source crawling discussion forums.

      Use ANNOUNCECRAWLER_VW for the source crawling announcements.

      URL Prefix: The URL prefix for the WebCenter Portal application, including host, port, and application name. For example, http://host:port/webcenter for Webcenter Portal: Spaces.

      Grant Security Attributes: WCSECATTR

      Note:

      Previous releases of Content Server used FORUMID for Grant Security Attributes.

    4. Click Next.

    5. On the Create User-Defined Source : Step 2 : Authorization page, enter the following parameters (if not prepopulated) in the Authorization Manager section:

      Plug-in Class Name: oracle.search.plugin.security.auth.db.DBAuthManager

      Jar File Name: oracleapplications/DBCrawler.jar

      Authorization Database Connection String: Enter one of the following:

      - Oracle database: Enter one of the following:

      jdbc:oracle:thin:@host:port:sid

      jdbc:oracle:thin@host:port/serviceId

      - IBM DB2 database: Enter jdbc:db2://host:port/database_name

      - Microsoft SQL Server database: Enter jdbc:sqlserver://host_or_IP_address:port;database_name

      User ID: Enter one of the following:

      - Oracle database: Enter the user MyPrefix_DISCUSSIONS_CRAWLER

      - Microsoft SQL Server database: Enter the user MyPrefix_DISCUSSIONS_CRAWLER

      - IBM DB2 database: Enter the user MyPrefix_DC (where MyPrefix is five characters)

      Password: This user password

      Single Record Query: false

      Authorization Query: Enter the following (on one line):

      SELECT DISTINCT forumID as WCSECATTR 
      FROM AUTHCRAWLER_FORUM_VW 
      WHERE username = LOWER(?) UNION SELECT DISTINCT -1 as WCSECATTR
      FROM AUTHCRAWLER_FORUM_VW
      

      Note:

      Previous releases of Content Server used the following authorization query:

      SELECT forumID 
      FROM AUTHCRAWLER_FORUM_VW 
      WHERE (username = ? or userID=-1) 
      UNION SELECT f.forumID 
      FROM jiveForum f, AUTHCRAWLER_CATEGORY_VW c 
      WHERE f.categoryID = c.categoryID AND (c.username =  ? or userID=-1) 
      

      Authorization User ID Format: Authentication attribute used in the active identity plug-in. To find this value, go to the Global Settings - Identity Management Setup page in Oracle SES. Enter the value of the Authentication Attribute under the Active Plug-in (for example, nickname or username or something else).

      If you are using the Oracle E-Business Suite R12 identity plug-in, then leave the this parameter blank.

    6. Click Create to complete the source creation.

22.6.4.4 Setting Up Oracle SES to Search Spaces, Lists, Pages, and People

This section describes how to create the Oracle WebCenter source.

See Also:

Section 22.6.5, "Configuring Search Crawlers Using WLST" for an alternative way to create the Oracle WebCenter source

  1. Go to the Home > Sources page.

  2. From the Source Type dropdown list, select the Oracle WebCenter source type, and click Create (Figure 22-34).

    Figure 22-34 Create Oracle WebCenter Source

    Description of Figure 22-34 follows
    Description of "Figure 22-34 Create Oracle WebCenter Source"

  3. Enter the following source parameters:

    Note:

    If WebCenter Portal is fronted with an Oracle HTTP Server, then the Configuration URL used in this step requires the following in mod_wl_ohs.conf file.

    In a non-clustered environment:

    <Location /rsscrawl>
    SetHandler weblogic-handler
    WebLogicHost host_name
    WeblogicPort port
    </Location>
     
    <Location /sesUserAuth>
    SetHandler weblogic-handler
    WebLogicHost host_name
    WeblogicPort port
    </Location>
    

    In a clustered environment:

    <Location /rsscrawl>
    WebLogicCluster host_name1:port,host_name2:port
    SetHandler weblogic-handler
    </Location>
     
    <Location /sesUserAuth>
    WebLogicCluster host_name1:port,host_name2:port
    SetHandler weblogic-handler
    </Location>
    

    where host_name1 and host_name2 are the cluster nodes, and port is the listening port number of the managed server on which the WebCenter Portal application is deployed.

    See Also:

    Section 32.2.3.1, "Installing and Configuring OAM 11g R1" for detailed information about using WebCenter Portal with Oracle Access Manager.

    Source Name: unique_name

    Configuration URL: host:port_of_WebCenterSpaces/rsscrawl; for example, http://myhost:8888/rsscrawl

    Authentication Type: BASIC

    User ID: Crawl admin user you registered in Section 22.3.2, "Oracle SES - Configuration"; for example, mycrawladmin

    Password: Password for the crawl admin user

    Realm: jazn.com

    Oracle SSO Login URL: Leave this field blank.

    Oracle SSO Action URL: Leave this field blank.

    Scratch Directory: Optional. Specify a directory on the system under which the Oracle SES instance resides.

    Number of connection attempts: Maximum number of connection attempts to access data feed or upload status feed.

    Click Next (Figure 22-35).

    Figure 22-35 Oracle WebCenter Source Parameters

    Description of Figure 22-35 follows
    Description of "Figure 22-35 Oracle WebCenter Source Parameters"

  4. On the Create User-Defined Source : Step 2 : Authorization page, the Plug-in Class Name, Jar File Name, and Authorization Endpoint are prepopulated on the page.

    Enter the following plug-in parameters:

    Realm: jazn.com

    User ID: Crawl admin user you registered Section 22.3.2, "Oracle SES - Configuration"; for example, mycrawladmin

    Password: Password for the crawl admin user

    Authorization User ID Format: Authentication attribute used in the active identity plug-in. To find this value, go to the Global Settings - Identity Management Setup page in Oracle SES. Enter the value of the Authentication Attribute under the Active Plug-in (for example, nickname or username or something else). If you are using the Oracle E-Business Suite R12 identity plug-in, then leave the this parameter blank.

  5. Click Create to complete the source creation.

22.6.4.5 Excluding Services from the Spaces Crawler

The Spaces Crawler collects data for searching the following services:

  • oracle.webcenter.peopleconnections.profile (People Connections)

  • oracle.webcenter.community (Spaces)

  • oracle.webcenter.page (Pages)

  • oracle.webcenter.list (Lists)

Use the URL parameter ?excludedServiceIds to disable search for any of these services. Add ?excludedServiceIds after /rsscrawl when setting up the Oracle WebCenter source on Oracle SES. Set this parameter equal to the comma-delimited list of service IDs to exclude when crawling Spaces.

Example 22-10 Disable Crawling of People Connections

/rsscrawl?excludedServiceIds=oracle.webcenter.peopleconnections.profile

Example 22-11 Disable Crawling of Pages

/rsscrawl?excludedServiceIds=oracle.webcenter.page

Example 22-12 Disable Crawling of People Connections and Pages

/rsscrawl?excludedServiceIds=oracle.webcenter.peopleconnections.profile,oracle.webcenter.page

22.6.4.6 Additional Oracle SES Configuration

This section describes the required steps in the Oracle SES administration tool.

  1. Create a source group that includes the names of the Content Server, Discussions, Announcements, and WebCenter Portal services sources you created.

    1. Go to the Search - Source Groups page, and click Create.

    2. Enter the same source group name entered in Section 22.6.1, "Setting Up WebCenter Portal: Spaces for Oracle SES."

    3. From the Select Source Type dropdown list, select each source type (Database, Oracle Content Server, Oracle WebCenter), and then from the Available Sources listed for each source type, move the source you created for that source type into the Assigned Sources list.

    4. Click Finish.

  2. Optionally configure the security filter lifespan. This refreshes the authorization policies for users in the system. It is best to have a short lifespan when user policies change frequently. (This chapter uses Oracle Internet Directory identity plug-in as the example.)

    For example, on the Global Settings - Query Configuration page, under Secure Search Configuration, enter 0 for Security Filter Lifespan (minutes).

    Valid values for the security filter lifespan are between 0 minutes (no cache) and 526500 minutes (cache for one year).

  3. To index everything, you must force a full crawl for each source; that is, you must change the existing incremental crawl schedule for each source to first process ALL documents.

    This step is very important, in that searching does not work unless the content is first indexed completely.

    Note:

    You can set the schedule for the Spaces Crawler with the fullCrawlIntervalInHours parameter in WLST or the Full Crawl Interval parameter in Fusion Middleware Control.

    Go to the Home - Schedules page, select the source schedule, and click Edit to force a full crawl.

    After each source has been crawled, go back to the same page and change the crawl policy back to incremental (index documents that have changed since the previous crawl). Also, in the Frequency section of the page, select a non-manual type for running incremental crawl (for example, weekly or daily).

    Note:

    Before the first crawl of the Content Server, remember to go to the Content Server Administration page, select SES Crawler Export, and take a snapshot. For more information, see Section 22.6.2, "Setting Up Oracle WebCenter Portal: Content Server for Oracle SES."

22.6.5 Configuring Search Crawlers Using WLST

You can use WLST commands to create crawlers and to start, stop and delete crawler schedules. These commands let you crawl new data in Oracle SES or delete old crawlers if the configuration data changes.

The following examples show some of these commands. For more information, see the section, "Search - Oracle SES Search Crawlers" in Oracle Fusion Middleware WebLogic Scripting Tool Command Reference.

Example 22-13 Create a Spaces Crawler in WLST

createSpacesCrawler(
'webcenter', 'webcenter_host', 'webcenter_port',
'http://ses-host:ses-port/search/api/admin/AdminService', 'ses-admin-pw',
'webcenter-crawl-user', 'webcenter-crawl-user-pw', '/tmp', 'authentication-id-format', 'ACCEPT_ALL', 'PROCESS_ALL', 'MANUAL', 1, 1, 
'MONDAY', 1, 1, 1, 1)

where:

  • webcenter_host = WebCenter Portal host name

  • webcenter_port = WebCenter Portal port number

  • ses-host = Oracle SES host name

  • ses-port = Oracle SES port number

  • ses-admin-pw = Oracle SES admin user password

  • webcenter-crawl-user = WebCenter Portal crawl user name

  • webcenter-crawl-user-pw = WebCenter Portal crawl user password

  • authentication-id-format = Use 'nickname' if the Identity Management plug-in on Oracle SES is set to Oracle Internet Directory; otherwise, use the value of the Authentication Attribute parameter on the Identity Management plug-in on Oracle SES.

Example 22-14 Create a Documents Crawler in WLST

createDocumentsCrawler(
'portal', 'portal_host', 'portal_port',
'http://ses-host:ses-port/search/api/admin/AdminService', 'ses-admin-pw',
'http://ucm-host:ucm-port/cs/idcplg?IdcService=
SES_CRAWLER_DOWNLOAD_CONFIG&source=default', 'ucm-crawl-user',
'ucm-crawl-user-pw', '/tmp',
'http://ucm-host:ucm-port/cs/idcplg', 'http://ucm-host:ucm-port/cs',
'Idc Security /cs/idcplg', 'authentication-id-format', 'Document-pipeline',
'ACCEPT_ALL', 'PROCESS_CHANGED', 'MANUAL', 1, 1, 'MONDAY', 1, 1, 1, 1)

where:

  • portal = Name of the WebCenter Portal application in which to perform this operation

  • portal_host = Host name of the system where the application is running

  • portal_port = Port number used to access the application

  • ses-host = Oracle SES host name

  • ses-port = Oracle SES port number

  • ses-admin-pw = Oracle SES admin user password

  • ucm-host = Content Server host name

  • ucm-port = Content Server port number

  • ucm-crawl-user = Content Server crawl user name

  • ucm-crawl-user-pw = Content Server crawl user password

  • authentication-id-format = Use 'nickname' if the Identity Management plug-in on Oracle SES is set to Oracle Internet Directory; otherwise, use the value of the Authentication Attribute parameter on the Identity Management plug-in on Oracle SES

  • Document-pipeline = Document pipeline on Oracle SES created for this WebCenter Portal instance

Example 22-15 Create a Discussions Crawler in WLST

createDiscussionsCrawler(
'webcenter','webcenter_host','webcenter_port',
'http://ses-host:ses-port/search/api/admin/AdminService', 'ses-admin-pw',
'jdbc:oracle:thin:@database-host:database-port:database-sid',
'Jive-crawler-schema','Jive-crawler-schema-pw', 'authentication-id-format',
'ACCEPT_ALL', 'PROCESS_ALL', 'MANUAL', 1, 1, 'MONDAY', 1, 1, 1, 1)

where:

  • webcenter_host = WebCenter Portal host name

  • webcenter_port = WebCenter Portal port number

  • ses-host = Oracle SES host name

  • ses-port = Oracle SES port number

  • ses-admin-pw = Oracle SES admin user password

  • database-host = Oracle WebCenter Portal's Discussion Server database host name

  • database-port = Discussions server database port number

  • database-sid = Discussions database name or SID

  • Jive-crawler-schema = Discussions server crawler schema name. Determine the prefix from RCU, and use rcu-prefix_DISCUSSION_CRAWLER.

  • Jive-crawler-schema-pw = Oracle WebCenter Portal's Discussions Server crawler schema password

  • authentication-id-format = Use 'nickname' if the Identity Management plug-in on Oracle SES is set to Oracle Internet Directory; otherwise, use the value of the Authentication Attribute parameter on the Identity Management plug-in on Oracle SES.

Note:

To effect WLST changes, you must restart the managed server on which the application is deployed (by default, WC_Spaces). For more information, see the section "Starting and Stopping WebLogic Managed Servers Using the Command Line" in Oracle Fusion Middleware Administrator's Guide.

22.6.6 Configuring Oracle SES for Spaces Using Python Script

A sample Python script runs the steps done using WLST commands in Section 22.6, "Configuring Oracle SES to Search Spaces Applications." The sample script performs the following tasks:

  • Create Federation Trusted Entity on Oracle SES

  • Create crawl user with crawl role in WebCenter Portal

  • Create connection to Oracle SES in WebCenter Portal

  • Create WebCenter Portal crawl source in Oracle SES

  • Create Content Server source in Oracle SES

  • Create Discussions source and Announcements source in Oracle SES

Note:

This script is supported only on Oracle SES 11.1.2 and above.

This sample script has the following prerequisites:

The sample Python script file and its properties file are in the $WC_ORACLE_HOME/webcenter/scripts/ses_11.1.2/ directory.

Follow these steps to use the sample Python script:

  1. Set a environment variable to reference the directory. For example:

    setenv SESDIR Oracle_WC1/webcenter/scripts/ses_11.1.2/
    
  2. Update the ConfigureSES.properties file with appropriate values.

  3. Set default directory to the directory of wlst.sh script. For example:

    cd Oracle_WC1/oracle/as11gr1wc/common/bin/
    
  4. Run the ConfigureSES.py script with ConfigureSES.properties. For example:

    ./wlst.sh $SESDIR/ConfigureSES.py $SESDIR/ConfigureSES.properties
    
  5. Restart WebCenter Portal after successful completion of the Python script.

22.6.7 Tips for Crawling Page Contents

To crawl page contents in a Framework application, follow these guidelines:

  • In page templates, render pages as links using go links (af:goLink) instead of command links (af:commandLink).

  • Disable iterative development in JDeveloper during crawling. Iterative development lets you make changes to your application while it is running and immediately see the effect of those changes by refreshing the page in your browser. The iterative development feature works by disabling certain optimization features.

    Iterative development is enabled by default. To turn it off:

    1. In JDeveloper, from the Application menu, select Application Properties.

    2. Along the left side of the Application Properties dialog, expand the Run node.

    3. Select WebCenter Portal.

    4. Deselect Enable Iterative Development.

    5. Click OK.

22.7 Troubleshooting Issues with Oracle SES

This section provides troubleshooting tips on administering Oracle SES. It includes the following subsections:

22.7.1 No Search Results Found

Problem

No search results are found.

Solution

Check the following:

22.7.1.1 Oracle SES Connection

Confirm that you can access the Oracle SES SOAP URL and that connection properties to Oracle SES are correct.

For more information, see Section 22.4.1, "Testing the Connection to Oracle SES."

22.7.1.2 Documents and Discussions Connections

Confirm that connections exist in WebCenter Portal to the Content Server and the discussions server.

The Oracle SES log shows if a WebCenter Portal service is excluded from the search. Locate the search log file on the Oracle SES instance and check the log file for totalSearchTime.

No service excluded (that is, Oracle SES is enabled for all WebCenter Portal services) looks similar to the following:

req=Search userName=vicki totalSearchTime=1150ms userQuery=0712>

Service excluded (that is, Oracle SES is not enabled for Documents, Discussions, and Announcements) looks similar to the following:

req=Search userName=vicki totalSearchTime=1133ms userQuery=0712
-wc_serviceId:oracle.webcenter.doclib
-wc_serviceId:oracle.webcenter.collab.forum
-wc_serviceId:oracle.webcenter.collab.announcement>

22.7.1.3 WebCenter Portal Crawl Configuration

Use Fusion Middleware Control or WLST to confirm that Oracle SES is enabled in WebCenter Portal, as described in Section 22.6.1, "Setting Up WebCenter Portal: Spaces for Oracle SES."

22.7.1.4 Oracle SES Configuration

  1. Confirm that you have installed all required patches for Oracle SES. For the latest information on required patches, see "Back-End Requirements for the Search Service" in Oracle Fusion Middleware Installation Guide for Oracle WebCenter Portal and the Release Notes.

  2. Confirm that Oracle SES is configured with an identity management system to validate and authenticate users. Also confirm that WebCenter Portal and Oracle SES use the same identity management system, such as Oracle Internet Directory. All repositories you are using (such as WebCenter Portal: Spaces, WebCenter Portal Content: Content Server, and Oracle WebCenter Portal's Discussion Server) must share the same user base as Oracle SES.

    Additionally, each Oracle SES instance must have a trusted entity for allowing WebCenter Portal end users to be securely propagated at search time. For more information, see Section 22.3.2, "Oracle SES - Configuration."

    To test the Oracle SES is connection with a federated trusted entity user, see Section 22.4.1, "Testing the Connection to Oracle SES."

22.7.1.5 User Authentication

Confirm that the user exists (that is, confirm that the user can log on) in WebCenter Portal identity plug-ins, Oracle SES, and all configured data repositories, such as the Content Server and the discussions server.

An Oracle SES proxy login error in the WebCenter Portal diagnostic log looks similar to the following:

Received status "failed" during proxy login with application entity "weblogic" to
Oracle SES at [http://host:port/search/query/OracleSearch], as search user
"vicki". Defaulting to public.

22.7.1.6 Oracle SES Crawling

Confirm that Oracle SES crawled successfully in all sources.

  1. In the Oracle SES administration tool, go to the Home - Schedules tab. Click the Log File icon to display the log file for the source. To obtain the location of the full log, click the Status link. The Crawler Progress Summary and Log Files by Source section displays the full path to the log file.

  2. If Oracle SES fails to log in to the Content Server crawl endpoint due to an authentication error, then the following errors are logged:

    EQP-60303: Exiting saxthread due to errors
    
    EQP-80330: Unrecognized QName <http://schemas.xmlsoap.org/soap/envelope/>:Envelope oracle.search.sdk.crawler.PluginException       
    
  3. For the Oracle WebCenter source, verify if the rsscrawl servlet is unavailable. For example:

    FATAL      main            EQP-80309: Exception while opening a stream to the URI: https://example.com:port/rsscrawl?command=GetControl
    
  4. For the Content Server source, verify if the password is invalid. For example:

    -1 Admin credentials passed in were not valid - Rejecting request.
    
  5. Monitor the crawl process in the Oracle SES administration tool with a combination of the following:

    1. Check the crawler progress and status on the Home - Schedules page. (Click Refresh Status.) From the Status page, you can view statistics of the crawl.

    2. Monitor your crawler statistics on the Home - Schedules - Crawler Progress Summary page and the Home - Statistics page.

    3. Monitor your search statistics on the Home - General page and the Home - Statistics page.

    See Oracle Secure Enterprise Search Administrator's Guide for tips to tune crawl performance.

  6. Additionally, examine snapshots and datafeeds on the Content Server instance, and examine the Oracle WebCenter Portal's Discussions Server database.

22.7.1.7 Oracle SES Authorization

  1. In the Oracle SES administration tool, go to the Home - Sources tab.

  2. Click the Edit icon for each source to see source configuration tabs.

  3. Click the Authorization tab to confirm the authorization connection string, user name, password, and authorization user ID format.

  4. Examine the Oracle SES log file (described in a previous step). Look for phrases including a URL value. For example, the URIHandler initialized for the URI:

    http://host:8888/sesUserAuth?userId=someone 
    

For detailed information on the Oracle SES administration tool, see the Oracle SES documentation included with the product. (This is listed in the WebCenter Portal product area on the Oracle Fusion Middleware documentation library.)

22.7.2 Search Failure Errors

Problem

Search failure messages may appear inconsistently after a search. For example, when connecting to database jdbc:oracle:thin:@host:1521/sid, user: PREFIX_DISCUSSIONS_CRAWLER:

Search failure: time out error
Search failure: problem preparing search executor
Search failure: problem with execution

Solution

Wait a moment, and try the search again. These messages appear when the service times out, which largely depends on the system load. If the time out error persists, adjust the executionTimeout parameter in the setSearchConfig command.

For command syntax and examples, see the section, "setSearchConfig" in Oracle Fusion Middleware WebLogic Scripting Tool Command Reference.

22.7.3 Cannot Grant View Permissions to WebCenter Portal

Problem

You get the following error when granting "view" permissions, as described in Section 22.6.1, "Setting Up WebCenter Portal: Spaces for Oracle SES."

Command FAILED, Reason: javax.naming.directory.AttributeInUseException: [LDAP: e
rror code 20 - uniquemember attribute has duplicate value.]; remaining name 'orc
lguid=F0CC506017B711DFBFFED9EA6A94EAEC,cn=Permissions,cn=JAAS Policy,cn=webcente
r,cn=wc_domain,cn=JPSContext,cn=jpsroot_webcenter_dadvmc0057'

Solution

This error appears if the permission is granted. Ignore the error.

22.7.4 Restricting Oracle SES Results by Source Group or Source Type

Problem

You want to restrict search results by source group or source type.

Solution

In the Oracle SES admin tool, navigate to the Home - Sources - Customize Federated Source - Search Restrictions page to set search restrictions.Alternatively, use filters, where each filter is a restriction on search result.

For detailed information about using Oracle SES, see the Oracle SES documentation on the Oracle Fusion Middleware documentation library (in the WebCenter Portal product area).

22.7.5 Search Results Do Not Include Secured Resources

Problem

Search results do not include secured resources. One cause is that the proxy login of WebCenter Portal users failed in Oracle SES. An Oracle SES proxy login error in the WebCenter Portal diagnostic log looks similar to the following:

Received status "failed" during proxy login with application entity "weblogic" to Oracle SES at http://host:port/search/query/OracleSearch, as search user "vicki". Defaulting to public.

Solution

Confirm that Oracle SES is configured with an identity management system to validate and authenticate users.

Also confirm that WebCenter Portal and Oracle SES use the same identity management system, such as Oracle Internet Directory. All repositories (such as WebCenter Portal: Spaces, WebCenter Portal Content: Content Server, and Oracle WebCenter Portal Discussions Server) must share the same user base as Oracle SES.

Additionally, each Oracle SES instance must have a trusted entity for allowing WebCenter Portal end users to be securely propagated at search time.

Problem

Search results do not include secured resources. Another cause is that authorization endpoints are not configured correctly. Locate the search log file on the Oracle SES instance. Look for phrases including the URL value. For example:

EQP-80309: Exception while opening a stream to the URI:
http://<host>:<port>/sesUserAuth?userId=<end-user-name>

QueryFilterPlugin returned null or empty array value for security attribute
"WCSECATTR". Values required for all security attributes.

Solution

  1. In the Oracle SES administration tool, go to the Home - Sources tab.

  2. Click the Edit icon for the source to see source configuration tabs.

  3. Click the Authorization tab to confirm the authorization connection string, user name, password, and authorization user ID format.

Problem

Search results do not include secured resources. Yet another cause is that authorization endpoints are not returning authorization data.

Locate the search log file on the Oracle SES instance. Look for phrases including a URL value. For example, the URIHandler initialized for the URI:

http://host:8888/sesUserAuth?userId=someone 

Solution

Reduce the number of crawl sources.

22.7.6 Search Results Do Not Include Documents

Problem

Search results do not include documents. Crawling of Content Server documents fails.

Solution

  1. In the Oracle SES administration tool, go to the Home - Schedules tab.

  2. Click the Log File icon to display the log file for the source. To obtain the location of the full log, click the Status link.

  3. The Crawler Progress Summary and Log Files by Source section display the full path to the log file. If Oracle SES fails to log in to the Content Server crawl endpoint due to an authentication error, then the following errors are logged:

    EQP-60303: Exiting saxthread due to errors, 
    EQP-80330: Unrecognized QName 
    <http://schemas.xmlsoap.org/soap/envelope/>:Envelope 
    oracle.search.sdk.crawler.PluginException
    
  4. Update the configuration parameters of the Content Server crawl source.

22.7.7 Search Results Do Not Include Discussions and Announcements

Problem

In the crawl source, the Single Record Query parameter is set to true on the Authorization tab.

Solution

Set the Single Record Query parameter to false.

Problem

The identity management system uses mixed case user name, but Oracle WebCenter Portal's Discussions Server (Jive) database uses all lowercase user name. The authorization query for the crawl source must apply the LOWER() function to user name parameters.

Solution

Confirm that the authorization query looks like the following statement:

SELECT forumID as WCSECATTR FROM AUTHCRAWLER_FORUM_VW WHERE (username) = LOWER(?) UNION SELECT DISTINCT -1 as WCSECATTR FROM AUTHCRAWLER_FORUM_VW

Note:

it is not recommended to convert the actual user name column to lowercase in the query; for example, WHERE LOWER(username) = LOWER(?). Adding a function to a possibly indexed column could affect performance.

22.7.8 Search Results Do Not Include Recently Added Resources

Problem

A new resource was created recently, but search results do not include the new resource.

Solution

New resources must be crawled and indexed before they can be returned in search results. Crawl schedules are run periodically to index new content. If new resources are created often, then increase the frequency of the crawl schedule. If new resources need to be crawled immediately, then start that crawl schedule manually.

22.7.9 Search Results Do Not Reflect Authorization Changes

Problem

Some resources are accessible to more users due to authorization changes in WebCenter Portal. For example, resources in a space are now accessible to all authenticated users. The affected users cannot search for those resources.

Solution

Authorization data is cached in Oracle SES. The cache is invalidated according to the Security Filter Lifespan global setting in Oracle SES. The default value is 1 day or 1440 minutes. Adjust the value according to the general frequency of changes to authorization data.

22.7.10 Search Results Do Not Include Resources Available to Wide Audience

Problem

A WebCenter Portal space is publicly accessible, but unauthenticated users cannot see space resources in search results.

Solution

By default, view access of resources is granted to space members only, even if the space is accessible to the public. View access of resources must be granted to non-members explicitly. Go to the space settings page, select the Role tab and the intended role, and check view access to resources.