34 Web Experience Management Framework
This chapter provides an overview of the Oracle WebCenter Sites: Web Experience Management (WEM) Framework and its administrators.
This chapter includes the following sections:
34.1 Overview
Oracle WebCenter Sites: Web Experience Management (WEM) Framework provides the technology for developing applications and integrating them with Oracle WebCenter Sites. A single administrative interface, WEM Admin, supports centralized application management and user authorization. Single sign-on enables users to log in once and gain access to all applications allowed to them during the session.
The WEM Framework requires a content management platform. In this release, the Framework runs on Oracle WebCenter Sites and ships with the WebCenter Sites Representational State Transfer (REST) API. Objects in the WebCenter Sites database, such as sites, users, and data model map to REST resources in the WEM Framework.
When implemented on the WEM Framework, applications communicate with the WebCenter Sites database through REST services (Figure 34-1). The applications appear in WEM Admin as list items on the Apps page (Figure 34-2). Administrators authorize users, which involves configuring access to applications and their resources. To this end, the WEM Admin interface exposes authorization items (along with applications) through links to Sites, Apps Users and Roles on the menu bar.
Coupling the items as shown in Figure 34-3 enables applications for users.
Once the coupling is complete, users are authorized at the database, REST, and application levels.
Experienced WebCenter Sites administrators will recognize that the WEM Admin interface extends the use of sites and roles to control access to applications. Roles can also be used within applications to protect interface functions (as in WebCenter Sites) and therefore regulate access to the applications' content.
Unlike WebCenter Sites, WEM Admin does not expose the data model. The REST API does. In this respect, WEM Admin can be thought of as strictly an authorization interface, supported by the WebCenter Sites Admin interface (for configuring ACLs and groups). The rest of this guide provides instructions for creating and authorizing users, as well as guidelines for managing sites.
34.2 Administrative Roles and Permissions
The WEM Framework supports two types of administrators: general and site administrators.
This section contains the following topics:
34.2.1 General Administrator
A general administrator has complete control of the system and full permissions to the WEM Admin interface: Sites, Apps, Users, and Roles. Using WEM Admin, general administrators can add and delete sites, applications, users, and roles; modify their details; and perform authorization tasks.
A general administrator in the WEM Framework is a WebCenter Sites general administrator who is also specially configured for the WEM Framework. During the WebCenter Sites installation process, the default general administrator (fwadmin) was automatically assigned to the RestAdmin group for unrestricted access to REST services, and enabled on AdminSite where the WEM Admin application runs by default. The default general administrator must not be deleted.
You can create equivalent general administrators, as many as necessary, and you must modify pre-existing general administrators by adding them to the RestAdmin group and AdminSite (via the GeneralAdmin role). Instructions are available in Chapter 36, "Creating and Authorizing Users." For more information about WEM-related changes to WebCenter Sites, see the Oracle Fusion Middleware WebCenter Sites Installation Guide.
34.2.2 Site Administrator
Site administrators are assigned by general administrators to selected sites, where they manage site users and applications. When users are assigned the SiteAdmin role in a site other than AdminSite they are implicitly assigned the SiteAdmin role in AdminSite. Users cannot be assigned the SiteAdmin role in only AdminSite. In the WEM Admin interface, site administrators can access only the Sites form. They can perform the following operations on the sites to which they are assigned:
-
Assign and remove users to and from sites
-
Assign and remove applications to and from sites
-
Modify the role assignments of site users
-
Modify the role assignments of applications on the sites
A site admin cannot create, modify, or delete sites, users, and roles. (Your permissions determine which forms and interface functions WEM Admin displays to you.)
Site administrators on WebCenter Sites systems running the WEM Framework must be specially configured for WEM. They must be assigned to the SiteAdmin_AdminSite group, a default REST security group configured in the WebCenter Sites Admin interface. Instructions are available in Chapter 36, "Creating Users."
34.2.3 All Administrators
All WEM Framework administrators must be experienced WebCenter Sites users.
34.3 WebCenter Sites Applications
The WebCenter Sites Contributor and Admin interfaces are registered applications. They are listed on the Apps page of the WEM Admin interface. WebCenter Sites users can access the applications from the WEM Framework once they are authorized at the application level. They can also continue accessing the WebCenter Sites applications directly, at the usual URL. The login dialog is the following:
Figure 34-5 WebCenter Sites Application Login
Description of ''Figure 34-5 WebCenter Sites Application Login''
34.4 Sample Sites
Your WebCenter Sites system may have been installed with sample sites, in which case they are listed in the WEM Admin interface, along with your custom sites. The sample sites are:
-
FirstSiteII
-
avisports