An external application is any application that implements its own authentication process. Specifically, it is an application that does not take part the single sign-on process for your WebCenter Portal application.
Application administrators can register and manage external applications using Fusion Middleware Control or the WLST command-line tool, or at runtime through out-of-the-box administration pages or using external application task flows.
All external application changes that you make for WebCenter Portal post deployment, are stored in the MDS repository as customizations.
Note:
External application configuration is dynamic. Configuration changes are immediately reflected in WebCenter Portal; it is not necessary to restart the application or the managed server.
This chapter includes the following topics:
Permissions
To perform the tasks in this chapter, you must be granted the WebLogic Server Admin
role through the Oracle WebLogic Server Administration Console and the Administrator
role granted through WebCenter Portal Administration.
For more information about roles and permissions, see Understanding Administrative Operations, Roles, and Tools.
If WebCenter Portal interacts with an application that handles its own authentication, you can associate that application with an external application definition to allow for credential provisioning. In doing so, you use an external application definition to provide a means of accessing content from these independently authenticated applications.
To replicate a single sign-on experience from the end user's perspective, the external application service captures the user name and password, and any other credentials for the external application, and supplies it to the WebCenter Portal tool or application requiring the credentials. The WebCenter Portal tool or other application then uses this information to log in on behalf of the end user. This username and password combination is securely stored in a credential store configured for the WebLogic domain where the application is deployed.
Note:
When logging in to an external application, if you clear the Remember My Login Information check box, then the credentials provisioned for that user session are lost in the event of a failover in a high availability (HA) environment. You are prompted to specify the credentials again if you try to access the external application content in the same user session.
Figure 20-1 Add External Application Connection
You can register external applications for WebCenter Portal through Fusion Middleware Control or using WLST commands.
Before registering an external application, access the application's login page and examine the HTML source for the application's login form. All the registration details you require are located in the <form tag>
.
For example, the underlying code for the Yahoo! Mail login form looks something like this:
<form method=post action="https://login.yahoo.com/config/login?" autocomplete="off" name="login_form"> ... <td><input name="login" size="17"</td> ... <td><input name="passwd" size="17"</td> ...
In this example, to provide WebCenter Portal users with a direct link to the Yahoo! Mail application, the following sample registration information is required:
Registration Information | Sample Value | HTML Source |
---|---|---|
Login URL |
|
|
User Name / User ID Field |
|
|
Password Field Name: |
|
|
Authentication Method |
|
|
Note:
External application configuration is dynamic. New external applications and updates to existing applications are immediately available; there is no need to restart WebCenter Portal.
This section includes the steps for:
For information about registering external applications through WebCenter Portal Administration, see Configuring Tools and Services for WebCenter Portal.
To register an external application:
Use the WLST command createExtAppConnection
to create an external application connection. For command syntax and examples, see createExtAppConnection
in WebCenter WLST Command Reference.
Use the WLST command addExtAppCredential
to add shared or public credentials for an existing external application connection. For more information, see addExtAppCredential
in WebCenter WLST Command Reference.
Use the WLST command addExtAppField
to define additional login criteria for an existing external application connection. For more information, see addExtAppField
in WebCenter WLST Command Reference.
For information on how to run WLST commands, see Running Oracle WebLogic Scripting Tool (WLST) Commands.
This section shows you how to modify the external application connection details by:
To update external application connection details:
Use the WLST command setExtAppConnection
to edit existing external application connection details. For command syntax and examples, see setExtAppConnection
in WebCenter WLST Command Reference.
Note:
To edit details relating to an additional login field, use setExtAppField
. To edit existing shared or public credentials, use setExtAppCredential
.
To delete an additional login field, use removeExtAppField
. To delete shared or public credentials, use removeExtAppField
.
For information on how to run WLST commands, see Running Oracle WebLogic Scripting Tool (WLST) Commands.
For information about modifying external applications in WebCenter Portal, see Editing External Application Connection Details in Using Oracle WebCenter Portal.
An external application is any application that implements its own authentication process. Specifically, it is an application that does not take part in the WebCenter Portal application's single sign-on process. If your WebCenter Portal application interacts with an application that handles its own authentication, you can register an external application to allow for credential provisioning.
By default, users with the Administrator
role have the AppConnectionManager
role; and therefore, application administrators can configure external applications through the WebCenter Portal Administration Console. Application administrators can register, edit, and delete external applications for WebCenter Portal at runtime, through the WebCenter Portal Administration Console. For more information on AppConnectionManager
role, see Default Application Roles.
This section includes the following topics:
For external applications that are created using login URLs, ensure that their login URLs are accessible. For information about direct URLs, see Automated Single Sign-On in Developing WebCenter Portal Assets and Custom Components with Oracle JDeveloper.
Take care when deleting an external application connection as users in WebCenter Portal will no longer have access to that external application, and any tools or services dependent on the external application may not function correctly.
This section includes the following topics:
To delete an external application connection:
Use the WLST command deleteConnection
to remove an external application connection. For command syntax and examples, see deleteConnection
in WebCenter WLST Command Reference.
Note:
To delete an additional login field, use removeExtAppField
. To delete shared or public credentials, use removeExtAppCredential
.
For information on how to run WLST commands, see Running Oracle WebLogic Scripting Tool (WLST) Commands.