Oracle® Content Database Administrator's Guide
10g Release 1 (10.2)

Part Number B31268-02
3 Oracle Content DB Security

Oracle Content DB provides the basic infrastructure required by any shared, network-accessible system, including authentication and authorization. This chapter describes the architecture and configuration of security in Oracle Content DB.

This chapter provides information about the following topics:


Note:

Do not make any configuration changes to your Oracle Content DB deployment beyond those described in the documentation or required by the support team. Making undocumented changes to your system could have serious security implications.

User Authentication

Authentication is a process in which a user provides some proof of identity (called a credential, which is often constructed from a user's password by means of a hashing or encryption algorithm) before that user can attempt to access objects in the system. Oracle Content DB uses Oracle Internet Directory, Oracle's LDAP-compliant directory service, for authentication.

Users provide their user name and password to the client software. These are passed to the Oracle Content DB protocol servers, which, in turn, pass them to Oracle Content DB for authentication. Then, Oracle Content DB passes the user name and password to Oracle Internet Directory. Oracle Internet Directory determines whether the user name and password are valid for the user.


Note:

The information provided in this section is a high-level, simplified description and may not include all the interaction that occurs. See Oracle Internet Directory Administrator's Guide for more information about how Oracle Internet Directory handles user authentication.

Security Considerations for Protocol Servers

This section describes the security considerations for protocol servers and contains the following topics:


Note:

The defined behavior of some industry-standard protocols is not inherently secure. Oracle has no control over the defined behavior of these protocols, and these security issues do not represent defects in Oracle software.

FTP and FTPS

The File Transfer Protocol (FTP) sends unencrypted user passwords across the network, which means that if one of these passwords is intercepted, then it could provide access to all systems controlled by Oracle Internet Directory for that user. To provide more security, users must create an FTP password (separate from their single sign-on password) to authenticate against FTP. Users should not use the same value for their FTP password and their single sign-on password.

The FTP password is stored in Oracle Internet Directory and is different from and in addition to the regular Oracle Internet Directory password. Each user can have only one FTP password in one Oracle Content DB domain. FTP requires users to log in with an FTP password rather than an Oracle Internet Directory password.

Users can set their FTP password on the User Preferences page in Oracle Content DB. Users can also use the Oracle Internet Directory Self-Service Console to set their FTP password, by setting the content password entry that appears in the Application Passwords section of the Change Password page.

As an alternative, users can use FTPS. FTPS is FTP with the added option of Secure Sockets Layer (SSL) security. FTPS does not require an FTP password.

By default, the FTP and FTPS servers are disabled in Oracle Content DB. See "Using FTP with Oracle Content DB" for full information about FTP and FTPS.

HTTP and WebDAV

The HTTP and WebDAV protocols allow digest (hashed challenge/response) authentication and persistent cookie authentication (if the feature is enabled for the domain and then by the user). Whether HTTP and WebDAV use SSL depends on the configuration of Oracle HTTP Server and on whether Oracle Content DB has been configured for SSL.

Oracle Drive is a desktop client that uses the WebDAV protocol to access Oracle Content DB. After it is installed, Oracle Drive appears as a mapped drive in Windows Explorer. Oracle Drive also provides file synchronization capabilities between your local computer and Oracle Content DB.

Network Channel Encryption

The FTP, HTTP, and WebDAV protocols do not encrypt the network channel by default. This means that files transferred using these protocols are susceptible to interception. If you are unwilling to accept this behavior, then you should disable these protocols or configure them to use SSL.

See "SSL Configuration for Oracle Content DB" for more information.

Malicious Uploads

Because user quota is managed asynchronously through the Quota Agent, it is possible for a malicious user to upload a very large file to fill up disk space. To prevent such attacks, you can limit the size of any single file uploaded to Oracle Content DB by setting the IFS.DOMAIN.MEDIA.CONTENTTRANSFER.ContentLimit domain property. If a user tries to upload a file larger than the specified limit, the upload fails. This limit does not apply to administrators.

When this property is set to 0 (the default value), the content limit is disabled. A user can then upload any file whose size is within the available quota as last calculated, as of the beginning of the upload.

If you choose to set this limit, make sure the value you specify is not so low that regular users encounter upload failures when uploading legitimately large files.

See "Changing Domain Properties" for more information about setting the IFS.DOMAIN.MEDIA.CONTENTTRANSFER.ContentLimit property.
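The following model, added here and not part of the guide or of Oracle Content DB, shows why a synchronous per-file ContentLimit closes a gap that asynchronous quota accounting leaves open: between two Quota Agent runs every upload is checked against the same stale snapshot, so several files that individually fit can together exceed the quota. The per-user quota value, the Repository class and the agent being modelled as an explicit call are assumptions of this example.

```python
"""Constructed model of quota accounting vs. ContentLimit in Oracle Content DB (not Oracle code)."""
from dataclasses import dataclass, field

MB = 1024 * 1024


@dataclass
class Repository:
    content_limit: int = 0        # IFS.DOMAIN.MEDIA.CONTENTTRANSFER.ContentLimit; 0 disables the check
    user_quota: int = 100 * MB    # assumed per-user quota for this constructed scenario
    used: int = 0                 # bytes actually stored for the user
    available_snapshot: int = field(init=False)  # what the Quota Agent last calculated

    def __post_init__(self):
        self.available_snapshot = self.user_quota - self.used

    def quota_agent_run(self):
        """The asynchronous recalculation; in this model it only happens when called."""
        self.available_snapshot = max(self.user_quota - self.used, 0)

    def upload(self, size, is_admin=False):
        """Return True if the upload is accepted, False if it is rejected."""
        # 1. Per-file cap, enforced synchronously on every upload; administrators are exempt.
        if self.content_limit and not is_admin and size > self.content_limit:
            return False
        # 2. Quota check against the snapshot that was current when the upload began.
        if size > self.available_snapshot:
            return False
        self.used += size
        return True


def stale_quota_overrun(file_size=90 * MB, uploads=3, content_limit=0):
    """Upload several files between two Quota Agent runs; return (accepted count, bytes stored)."""
    repo = Repository(content_limit=content_limit)
    accepted = sum(repo.upload(file_size) for _ in range(uploads))
    repo.quota_agent_run()  # only now does the snapshot reflect the real usage
    return accepted, repo.used


if __name__ == "__main__":
    print("ContentLimit disabled:", stale_quota_overrun())
    print("ContentLimit 50 MB:   ", stale_quota_overrun(content_limit=50 * MB))
```

With the limit disabled, three 90 MB files are accepted against a 100 MB quota; with a 50 MB limit each one is rejected before the quota is even consulted.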

Client Session Timeout Period

The client session timeout period is the number of minutes of idle time after which a Web user interface session expires. By default, the client session timeout for Oracle Content DB is set to 30 minutes. To change this value, perform the following steps:

  1. Access the Application Server Control and go to the Application Server Home page.

  2. Select OC4J_Content and click Stop.

  3. Click OC4J_Content to go to the OC4J_Content Home page.

  4. Click Applications, then click content in the Deployed Applications table.

  5. On the Applications: content page, click content in the Web Modules table.

  6. On the Web Module: content page, in the Administration section, click General under the Properties heading.

  7. In the Session Configuration section, change the value for Session Timeout (minutes).

  8. Click Apply, then click OK on the Confirmation page.

  9. Return to the Application Server Home page, select OC4J_Content, and click Start.

If you have enabled Oracle Records DB, then you can also set the client session timeout period for Oracle Records DB. Repeat these steps for OC4J_RM to change the client session timeout period for Oracle Records DB.

SSL Configuration for Oracle Content DB

You must configure Oracle HTTP Server to use SSL before configuring Oracle Content DB for SSL. See Oracle Application Server Administrator's Guide for more information.

After configuring Oracle HTTP Server for SSL, follow these steps to configure Oracle Content DB for SSL:

  1. Connect to the Application Server Control and go to the Content DB Home page.

  2. In the Administration section, click Domain Properties.

  3. Click IFS.DOMAIN.APPLICATION.ApplicationPort.

  4. Update the value to the Oracle HTTP Server SSL port and click OK.

  5. Click IFS.DOMAIN.APPLICATION.ApplicationUseHttps.

  6. Set the value to true and click OK.

  7. Return to the Content DB Home page and click Restart Domain.

Connecting to Oracle Internet Directory Using SSL

Before you can configure Oracle Content DB to use SSL to connect to Oracle Internet Directory, Oracle Internet Directory must be configured for SSL. See Oracle Internet Directory Administrator's Guide for more information.

To configure Oracle Content DB to use SSL to connect to Oracle Internet Directory:

  1. Connect to the Application Server Control and go to the Content DB Home page.

  2. In the Administration section, click Service Configurations.

  3. Click the name of the service configuration you are using (for example, LargeServiceConfiguration).

  4. In the Properties section, click IFS.SERVICE.CREDENTIALMANAGER.Oid.OidSsl. You may need to move to the next page to find this property, or you can use the Search field.

  5. Set the Value to true and click OK.

  6. Click IFS.SERVICE.CREDENTIALMANAGER.Oid.OidUrl.

  7. Change the port number listed in the URL to be the SSL-enabled Oracle Internet Directory port, typically 636 or 4031, and click OK.

  8. Click OK on the Edit Service Configuration page.

  9. Return to the Content DB Home page and click Restart Domain.
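The two procedures above (SSL for the Web application and SSL to Oracle Internet Directory) each change a flag and a port that must agree with each other. The check below, added here as an example rather than anything shipped with Oracle Content DB, flags the mismatches an administrator most often leaves behind. It assumes the property values have been copied out of the Application Server Control into plain dictionaries, that OidUrl carries the port in host:port form, and that the Oracle HTTP Server SSL port (4443 in the constructed sample) is known.

```python
"""Consistency check for the Oracle Content DB SSL-related properties (constructed example)."""
from urllib.parse import urlsplit

# Ports the guide names as the typical SSL-enabled Oracle Internet Directory ports.
OID_SSL_PORTS = {636, 4031}

# Constructed sample: UseHttps turned on but the port and the OID URL were never updated.
SAMPLE_DOMAIN = {
    "IFS.DOMAIN.APPLICATION.ApplicationPort": "7777",
    "IFS.DOMAIN.APPLICATION.ApplicationUseHttps": "true",
}
SAMPLE_SERVICE = {
    "IFS.SERVICE.CREDENTIALMANAGER.Oid.OidSsl": "true",
    "IFS.SERVICE.CREDENTIALMANAGER.Oid.OidUrl": "ldap://oid.example.com:389",
}


def check_ssl_properties(domain_props, service_props, https_port):
    """Return a list of findings; an empty list means the settings are consistent."""
    findings = []

    use_https = domain_props.get("IFS.DOMAIN.APPLICATION.ApplicationUseHttps", "false").lower() == "true"
    app_port = int(domain_props.get("IFS.DOMAIN.APPLICATION.ApplicationPort", "0"))
    if use_https and app_port != https_port:
        findings.append(f"ApplicationUseHttps is true but ApplicationPort={app_port} "
                        f"is not the Oracle HTTP Server SSL port {https_port}")
    if not use_https:
        findings.append("ApplicationUseHttps is false: the Web application is not configured for SSL")

    oid_ssl = service_props.get("IFS.SERVICE.CREDENTIALMANAGER.Oid.OidSsl", "false").lower() == "true"
    oid_url = service_props.get("IFS.SERVICE.CREDENTIALMANAGER.Oid.OidUrl", "")
    oid_port = urlsplit(oid_url).port  # None if the URL has no explicit port
    if oid_ssl and oid_port not in OID_SSL_PORTS:
        findings.append(f"OidSsl is true but OidUrl port {oid_port} is not a typical "
                        f"OID SSL port {sorted(OID_SSL_PORTS)}")
    if not oid_ssl:
        findings.append("OidSsl is false: the connection to Oracle Internet Directory is not SSL-protected")
    return findings


if __name__ == "__main__":
    for finding in check_ssl_properties(SAMPLE_DOMAIN, SAMPLE_SERVICE, 4443):
        print("WARNING:", finding)
```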

Changing the Oracle Content DB Schema Password

The Oracle Content DB schema password is stored in the following locations:

You can use the Application Server Control to change the Oracle Content DB schema password. The password will be changed in Oracle Internet Directory, as well as:

You should only change the schema password from the middle tier on which repository metrics are being collected. If you are collecting repository metrics on more than one middle tier, you must change the schema password on all middle tiers where repository metrics are collected. If you are not collecting any repository metrics, it does not matter which middle tier you choose to use. See "Monitoring Domain Performance" for more information about repository metrics.

To change the Oracle Content DB schema password:

  1. Connect to the Application Server Control on the middle tier where you want to change the schema password.

  2. Go to the Content DB Home page.

  3. Click Stop Domain.

  4. In the Administration section, click Change Schema Password. You will not be able to access the Change Schema Password page unless all Oracle Content DB processes have been stopped.

  5. In the Password field, enter the new password. Then, in the Confirm Password field, enter the password again.

  6. If the schema password has not yet been changed in the database, you can choose to change the database schema password at this time. To do this, select Change in Database and provide the database SYS password.

  7. Click OK.

  8. Return to the Content DB Home page and click Start Domain.

Oracle Records DB

Oracle Records DB is a records management application that ships with Oracle Content DB.

When you install Oracle Content DB, Oracle Records DB is installed automatically, but the application is disabled by default. You can use the Application Server Control to enable Oracle Records DB. You can also configure metrics related to Oracle Records DB. See "Setting Up Oracle Records DB" for more information.

Using a Retention Hardware Solution

Oracle Content DB provides retention hardware capabilities through partnerships with Network Appliance and EMC. You can use the Application Server Control to integrate Oracle Content DB with Network Appliance SnapLock or EMC Centera.

To integrate Oracle Content DB with a records management retention device, you must first install the hardware (either EMC Centera or Network Appliance SnapLock). Then, you must specify credential information for the hardware and set retention-related domain properties using the Application Server Control. See "Integrating with Solutions for Records Management Retention" for more information.

Once you have created a file plan and defined retention policies in Oracle Records DB, Oracle Content DB will designate appropriate content as records to be stored in a records management retention device.