The Oracle WebCenter Sites: Web Experience Management (WEM) Framework provides the technology for developing applications and integrating them with Oracle WebCenter Sites. A single administrative interface, WEM Admin, supports centralized application management and user authorization. Single sign-on enables users to log in once and gain access to all applications allowed to them during the session.
This chapter contains the following sections:
The WEM Framework requires a content management platform. In this release, the WEM Framework runs on Oracle WebCenter Sites and ships with the WebCenter Sites Representational State Transfer (REST) API. Objects in the WebCenter Sites database, such as sites, users, and data model map to REST resources in the WEM Framework.
When implemented on the WEM Framework, applications communicate with the WebCenter Sites database through REST services. The applications appear in WEM Admin as list items on the Apps page (Figure 69-1). Administrators authorize users, which involves configuring access to the applications and their resources. To this end, the WEM Admin interface exposes authorization items (along with applications) through links on the menu bar.
Coupling the items as shown in Figure 69-2 enables applications for users.
Once the coupling is complete, users are authorized at the database, REST, and application levels.
Experienced WebCenter Sites developers will recognize that the WEM Framework extends the use of sites and roles to control access to applications. However, unlike WebCenter Sites, the WEM Admin interface does not expose the data model. The REST API does. In this respect, WEM Admin can be thought of as strictly an authorization interface, supported by the WebCenter Sites Admin interface (for configuring ACLs and groups).
Although WEM Admin is seldom used by developers, the concepts behind user authorization can come into play in application development. The next chapters describe the WEM Framework as it relates to application development and provides examples of application code.
Developing an application involves coding the application's logic, deploying the application, and registering the application to expose it in WEM Admin for administrators to manage and make available to other users. This information is not intended to be a tutorial on application development, but a reference to orient experienced application developers to the WEM Framework. Users of these chapters must be expert WebCenter Sites developers with a working knowledge of the technologies listed in this section. Required resources are also listed below.
This section contains the following topics:
Representational State Transfer (REST), used to communicate with the WebCenter Sites platform
Central Authentication Service (CAS), which is deployed during WebCenter Sites installation to support single sign-on for WEM
Java Server Pages Standard Tag Library (JSTL), Java, JavaScript, Jersey, and the Spring MVC framework, in order to follow the code of the "Articles" sample application provided with WEM
Developers must have a working knowledge of:
WebCenter Sites Admin (the WebCenter Sites administrative interface)
WebCenter Sites basic and flex asset models
Asset API
ACLs, which protect database tables and define the types of operations that can be performed on the tables
Concept of sites and roles
To follow this section of the guide you will need this documentation:
Oracle Fusion Middleware WebCenter Sites REST API Resource Reference
Oracle Fusion Middleware WebCenter Sites REST API Bean Reference
Information about ACLs, sites, and roles, and their usage in WebCenter Sites is available in the Oracle Fusion Middleware WebCenter Sites: Administrator's Guide.
The following sample applications are used in this guide:
Articles, a lightweight content management application
SSO sample application, a small authentication application for production sites. The application is packaged as wem-sso-api-cas-sample.war
.
Recommendations, which demonstrates the process of creating REST resources
The Customizable Single Sign-On facility is used in this section of the guide to illustrate customization of login behavior.
WEM Framework ships with sample files to illustrate cross-domain implementations and management of assets over REST using our API.
All sample applications and files are located in the Misc/Samples/WEM Samples
folder in your WebCenter Sites installation directory.
When using this guide, or developing and testing, you will access some or all of the applications listed below:
CAS web application. You will specify its URL in the "Articles" sample application to enable single sign-on:
http://<server>:<port>/<cas_application_context>/login
where <server>
is the host name or IP address of the computer running CAS and <cas_application_context>
is the context path of the CAS web application.
WebCenter Sites Admin interface, if you decide to register applications manually:
http://<server>:<port>/<cs_application_context>/Xcelerate/LoginPage.html
Log in with the credentials of the general administrator that was used during the WebCenter Sites installation process (or an equivalent general admin). The default login credentials are fwadmin/xceladmin
(same for logging in to WEM Admin).
Note:
General administrators on WebCenter Sites systems are specially configured for the WEM Framework. During the installation process, fwadmin
was automatically added to the RestAdmin
group for unrestricted access to REST services, and enabled on AdminSite where the WEM Admin interface runs. More information about WEM-related changes to WebCenter Sites is available in the Oracle Fusion Middleware WebCenter Sites Installation Guide.
WEM Admin, to test the results of your application registration process:
http://<server>:<port>/<cs_application_context>/login
Log in as fwadmin
(or an equivalent user). The sequence of screens is the following:
Login Screen:
Transition screen (if you are logging in for the first time or in to a site that you have never accessed before). Select AdminSite and the first icon, Admin:
WEM Admin Sites page. Registered applications are listed on the Apps page.
The chapters of this section of the guide can be read in any order:
For information about the WEM Framework, see Chapter 70, "WEM Framework: Understanding the Framework and Services."
For a demonstration of the "Articles" application, see Chapter 71, "WEM Framework: The Articles Sample Application."
For information about the "Articles" application code, programmatic application registration, and cross-domain implementations, see Chapter 72, "WEM Framework: Developing Applications." An example of manual application registration is available in Chapter 78, "WEM Framework: Registering Applications Manually."
For information about creating REST resources, see Chapter 73, "WEM Framework: Developing Custom REST Resources."
For a demonstration of the SSO sample application, see Chapter 74, "WEM Framework: Single Sign-On for Production Sites."
For information about system security, see Chapter 75, "WEM Framework: Using REST Resources."
For information about customizing the login behavior for the WEM Framework, see Chapter 76, "WEM Framework: Customizable Single Sign-On Facility."
For information about buffering, see Chapter 77, "WEM Framework: Buffering."