Oracle® Beehive Installation Guide Release 1 (1.4) for Solaris Operating System (SPARC 64-Bit) Part Number E13793-02
Depending on the installation scenario you have chosen, your security requirements, the standards-based clients you want to use with Oracle Beehive, or any other issue particular to your deployment, perform one or more of the following procedures:
Configuring Oracle Beehive to Listen on Ports Less Than 1024
Configuring External Oracle BPEL Process Manager with Oracle Beehive
Configuring Remote Media Server for Oracle Beehive Conferencing
Many of the following post-installation procedures use the Oracle Beehive command-line utility beectl. For more information about beectl, refer to "Oracle Beehive Command-Line Utility" in Oracle Beehive Administrator's Reference Guide.
After successfully installing Oracle Beehive, refer to "Oracle Beehive Database Post-Installation Procedures" for tuning recommendations to perform on your Oracle Beehive database.
Follow one of these series of steps to change a port on which Oracle Beehive listens to a privileged port number (less than 1024):
Follow these steps to change the HTTP port to 80 or HTTPS port to 443 (or any other port less than 1024):
As the root user, change the owner of .apachectl to the root user, set its user ID to root, and give all users permission to execute it:
chown root <Oracle home>/Apache/Apache/bin/.apachectl
chmod a+x <Oracle home>/Apache/Apache/bin/.apachectl
chmod a+s <Oracle home>/Apache/Apache/bin/.apachectl
Tip:
Alternatively, instead of changing to the root user, you may use the sudo command:
sudo chown root <Oracle home>/Apache/Apache/bin/.apachectl
sudo chmod a+x <Oracle home>/Apache/Apache/bin/.apachectl
sudo chmod a+s <Oracle home>/Apache/Apache/bin/.apachectl
Determine the name of the listening component and property name of the port you want to change. Run the beectl list_ports command to list all available ports (the --format option is optional):
beectl list_ports --format xml
...
<row>
<column name="Protocol">HTTP</column>
<column name="Listening Port">7777</column>
<column name="Virtual Port">7777</column>
<column name="Defining Component">ohs_site1.example.com</column>
<column name="Property Name">HttpListenPort</column>
<column name="Listening Component">ohs_site1.example.com</column>
</row>
<row>
<column name="Protocol">HTTPS</column>
<column name="Listening Port">4443</column>
<column name="Virtual Port">4443</column>
<column name="Defining Component">ohs_site1.example.com</column>
<column name="Property Name">HttpSslListenPort</column>
<column name="Listening Component">ohs_site1.example.com</column>
</row>
In the previous example, the HTTP (and HTTPS) listening component is ohs_site1.example.com. The property name of the HTTP port is HttpListenPort, and the property name of the HTTPS port is HttpSslListenPort.
Change the listening port with the beectl modify_property command with the appropriate listening component and property name. The following example changes the HTTP port to 80:
beectl modify_property --component ohs_site1.example.com --name HttpListenPort --value 80
Change the HTTP (or HTTPS) port number in the _VIRTUAL_SERVER component. The following example changes the HTTP port number. (Use the property name HttpSslPort to change the HTTPS port number):
beectl modify_property --component _VIRTUAL_SERVER --name HttpPort --value 80
Activate configuration and commit changes:
beectl activate_configuration
beectl modify_local_configuration_files
Note:
The beectl modify_local_configuration_files command will ask you to run this command on all your other instances. Do not run this command on all your other instances at this time. For each instance, perform steps 1 to 3 before running the beectl modify_local_configuration_files command.
Follow these steps to change ports of Oracle Beehive-specific protocols such as BTP/BTPS, IMAP/IMAPS and SMTP.
Note:
If you are changing e-mail port numbers, refer to "Configuring E-Mail with SSL" for additional information about changing the ports that SMTP and IMAP listen to.
As the root user, change the owner of hasbind to the root user, set its user ID to root, and give all users permission to execute it:
chown root <Oracle home>/beehive/bin/hasbind
chmod a+x <Oracle home>/beehive/bin/hasbind
chmod a+s <Oracle home>/beehive/bin/hasbind
Note:
For hasbind to work, ensure that only root has write permission to the /etc directory, while all other users and groups have only read permission.
As the root user, create a text file named /etc/cap.ora that contains the following, where instuser is the user who installed Oracle Beehive:
+user instuser: bind port 80
Ensure the owner and user ID of cap.ora is root, give root read and write access to it, and give all other users only read access:
chown root /etc/cap.ora
chmod 644 /etc/cap.ora
If you have configured your Oracle Beehive deployment with Oracle Beehive DMZ instances, perform the following steps on all your DMZ instances:
As the root user, change the owner of hasbind to the root user, set its user ID to root, and give all users permission to execute it:
chown root <DMZ home>/beehive/bin/hasbind
chmod a+x <DMZ home>/beehive/bin/hasbind
chmod a+s <DMZ home>/beehive/bin/hasbind
Note: For hasbind to work, ensure that only root has write permission to the /etc directory, while all other users and groups have only read permission.
As the root user, create a text file named /etc/cap.ora as described in Step 2 of this section.
Restart your Oracle Beehive DMZ instance.
Determine the name of the listening component and property name of the port you want to change. Run the beectl list_ports command to list all available ports (the --format option is optional):
beectl list_ports --format xml
...
<row>
<column name="Protocol">BTP</column>
<column name="Listening Port">21401</column>
<column name="Virtual Port">21401</column>
<column name="Defining Component">SitewideBtiConfiguration</column>
<column name="Property Name">ClientPort</column>
<column name="Listening Component">BTI_site1.example.com</column>
</row>
<row>
<column name="Protocol">BTPS</column>
<column name="Listening Port">21451</column>
<column name="Virtual Port">21451</column>
<column name="Defining Component">SitewideBtiConfiguration</column>
<column name="Property Name">SecureClientPort</column>
<column name="Listening Component">BTI_site1.example.com</column>
</row>
In the previous example, the BTP (and BTPS) listening component is BTI_site1.example.com. The property name of the BTP port is ClientPort, and the property name of the BTPS port is SecureClientPort.
Change the listening port with the beectl modify_property command with the appropriate listening component and property name. The following example changes the BTP port:
beectl modify_property --component BTI_site1.example.com --name ClientPort --value <new port number>
Change the appropriate property in the _VIRTUAL_SERVER component to the new port number. The following example changes the BTI port to the new port number (to list the properties of _VIRTUAL_SERVER, run the command beectl list_properties --component _VIRTUAL_SERVER):
beectl modify_property --component _VIRTUAL_SERVER --name BtiClientPort --value <new port number>
Activate configuration and commit changes:
beectl activate_configuration
beectl modify_local_configuration_files
Note:
The beectl modify_local_configuration_files command will ask you to run this command on all your other instances. Do not run this command on all your other instances at this time. For each instance, perform steps 1 to 3 before running the beectl modify_local_configuration_files command.
If you changed the HTTP port number that Oracle Beehive listens to, follow these directions to enable BPEL workflows to use this new port number:
Modify the value element of the following properties in the file <Oracle home>/bpel/system/config/collaxa-config.xml to reflect the new HTTP port number:
clusterName
soapCallbackUrl
soapServerUrl
The following is an example:
<property id="clusterName">
<name>Cluster Id</name>
<value>www.example.com:80</value>
</property>
<property id="soapCallbackUrl">
<name>BPEL soap callback URL</name>
<value>http://www.example.com:80</value>
</property>
<property id="soapServerUrl">
<name>BPEL soap server URL</name>
<value>http://www.example.com:80</value>
</property>
Restart the oc4j_soa component:
beectl restart --component oc4j_soa_instance1.example.com
Retrieve the component identifier of oc4j_soa with the beectl status command.
Re-deploy the SerialWorkflow and ParallelVoteWorkflow sample workflows by copying the jar files from <Oracle home>/beehive/seed/workflows into <Oracle home>/bpel/domains/default/deploy. Since the BPEL Process Manager is in auto-deploy mode, it will redeploy these processes after a few minutes.
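Returning to the privileged-port steps above: the ownership and mode bits that the .apachectl, hasbind and /etc/cap.ora steps are meant to leave behind can be audited after the fact. The script below is an added example, not part of Oracle's guide; the function names check_perm and audit_home are hypothetical, the sample ls lines are constructed, and the check that nobody but the owner can write to a setuid-root helper goes beyond what the guide states.

```shell
#!/bin/sh
# Audit the ownership and mode bits produced by the chown / chmod a+x /
# chmod a+s steps and by the /etc/cap.ora step (added example).
#
# check_perm KIND LS_LINE
#   KIND     helper (hasbind or .apachectl) | capfile (/etc/cap.ora) | etcdir (/etc)
#   LS_LINE  one line of `ls -ld` output for the object
# Prints "OK" or a space-separated list of findings; returns 1 on findings.
check_perm() {
    kind=$1
    read -r mode _links owner _rest <<EOF
$2
EOF
    mode=$(printf '%s' "$mode" | cut -c1-10)   # drop a trailing ACL marker such as '+'
    gw=$(printf '%s' "$mode" | cut -c6)        # group write bit
    ow=$(printf '%s' "$mode" | cut -c9)        # other write bit
    bad=""
    [ "$owner" = "root" ] || bad="$bad owner-not-root"
    case $kind in
    helper)
        # chmod a+s: 's' in position 4 means setuid AND owner-execute
        [ "$(printf '%s' "$mode" | cut -c4)" = "s" ] || bad="$bad no-setuid"
        # chmod a+x: execute for "others" shows as x (or t) in position 10
        case $(printf '%s' "$mode" | cut -c10) in x|t) ;; *) bad="$bad not-world-exec" ;; esac
        # extra check, not in the guide: only the owner may rewrite the binary
        [ "$gw$ow" = "--" ] || bad="$bad writable-by-non-owner"
        ;;
    capfile)
        [ "$mode" = "-rw-r--r--" ] || bad="$bad mode-not-644"
        ;;
    etcdir)
        [ "$gw$ow" = "--" ] || bad="$bad writable-by-non-root"
        ;;
    *)  bad="$bad unknown-kind" ;;
    esac
    if [ -z "$bad" ]; then echo OK; return 0; fi
    echo "${bad# }"; return 1
}

# audit_home ORACLE_HOME: run the checks against a live installation.
audit_home() {
    rc=0
    for spec in "helper:$1/beehive/bin/hasbind" \
                "helper:$1/Apache/Apache/bin/.apachectl" \
                "capfile:/etc/cap.ora" "etcdir:/etc"; do
        path=${spec#*:}
        res=$(check_perm "${spec%%:*}" "$(ls -ld "$path" 2>/dev/null)") || rc=1
        printf '%s: %s\n' "$path" "$res"
    done
    return $rc
}

# With an Oracle home as argument, audit it; otherwise show constructed samples.
if [ -n "${1:-}" ]; then
    audit_home "$1" || echo "findings present" >&2
else
    check_perm helper '-rwsr-sr-x 1 root dba 81234 Jan  1 2009 hasbind' || true
    check_perm helper '-rwsrwsr-x 1 oracle dba 81234 Jan  1 2009 hasbind' || true
fi
```

A path that does not exist is reported with every finding for its kind, because the empty ls line has neither a root owner nor the expected mode.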
If your Oracle Beehive instance is behind a firewall, ensure that the following ports are open in your firewall to enable FTP connections:
Table 15-1 Ports Required Open
Default Port Number | Property Name | Description |
---|---|---|
2121 | Port | The FTP server listens at this port to accept new connections from clients |
2120 | DefaultDataPort | Port used by the FTP server in PORT (ACTIVE) mode to make active connections (outbound connections) to clients |
12121 | DataConnectionPort | In PASSIVE mode, the FTP server listens on a range of ports starting from DataConnectionPort to create new data connections, which will be used for data transfer operations. The property MaxDCPortCount indicates the number of ports in the range. For example, if the value of DataConnectionPort is 12121 and MaxDCPortCount is 10, then ensure that all the ports from 12121 to 12130 (inclusively) are open in your firewall. |
You may change the value of these ports as well as the value of MaxDCPortCount.
To retrieve a list of all available ports, call the beectl list_ports command (the --format option is optional):
beectl list_ports --format xml
...
<row>
<column name="Protocol">FTP</column>
<column name="Listening Port">2121</column>
<column name="Virtual Port">2121</column>
<column name="Defining Component">_FtpService</column>
<column name="Property Name">Port</column>
<column name="Listening Component">
BTI_instance1.example.com</column>
</row>
<row>
<column name="Protocol"></column>
<column name="Listening Port">2120</column>
<column name="Virtual Port"></column>
<column name="Defining Component">_FtpService</column>
<column name="Property Name">DefaultDataPort</column>
<column name="Listening Component">
BTI_instance1.example.com</column>
</row>
<row>
<column name="Protocol"></column>
<column name="Listening Port">12121</column>
<column name="Virtual Port"></column>
<column name="Defining Component">_FtpService</column>
<column name="Property Name">DataConnectionPort</column>
<column name="Listening Component">
BTI_instance1.example.com</column>
</row>
...
To retrieve a list of all the properties for the FTP service, call the beectl list_properties command:
beectl list_properties --component _FtpService
---------------------------+----------------------------------------------------
Property name | Property value
---------------------------+----------------------------------------------------
Alias | _FtpService
---------------------------+----------------------------------------------------
ChannelSecurity | PLAIN_AND_TLS
---------------------------+----------------------------------------------------
DMSInstrumentation | false
---------------------------+----------------------------------------------------
DataConnectionPort | 12121
---------------------------+----------------------------------------------------
DefaultCommandCharacterset | UTF-8
---------------------------+----------------------------------------------------
DefaultDataPort | 2120
---------------------------+----------------------------------------------------
FtpServerEnabled | true
---------------------------+----------------------------------------------------
InternalIP | DEFAULT
---------------------------+----------------------------------------------------
LightweightThreadCount |
---------------------------+----------------------------------------------------
ListeningPoint | DEFAULT
---------------------------+----------------------------------------------------
MaxDCPortCount | 200
---------------------------+----------------------------------------------------
Port | 2121
---------------------------+----------------------------------------------------
ServiceApplication | svcapp_ftp
---------------------------+----------------------------------------------------
ServiceInstances | instance_ftp_BEEAPP_site1.example.com
---------------------------+----------------------------------------------------
SessionTimeout | 900000
---------------------------+----------------------------------------------------
Site | _CURRENT_SITE
---------------------------+----------------------------------------------------
Status | ENABLED
---------------------------+----------------------------------------------------
UploadBufferSize | 260096
---------------------------+----------------------------------------------------
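The property listing above contains everything needed to work out which ports the firewall must pass, including the passive range that runs from DataConnectionPort for MaxDCPortCount ports. The script below is an added example, not part of Oracle's guide; the function names prop and ftp_firewall_ports are hypothetical, and the embedded table is a constructed sample using the values shown above.

```shell
#!/bin/sh
# Derive the FTP firewall openings from the output of
#   beectl list_properties --component _FtpService
# (added example; on a live instance pipe that command into ftp_firewall_ports).

# prop NAME: read the property table on stdin, print the value of NAME.
# Ruler and header lines never match; returns 1 if NAME is absent.
prop() {
    awk -F'|' -v want="$1" '
        { name = $1; val = $2
          gsub(/^[ \t]+|[ \t]+$/, "", name); gsub(/^[ \t]+|[ \t]+$/, "", val)
          if (name == want) { print val; found = 1 } }
        END { exit !found }'
}

# ftp_firewall_ports: read the table on stdin and print
#   control <Port>                  inbound listener
#   active-data <DefaultDataPort>   source port of outbound PORT-mode connections
#   passive-data <first>-<last>     inbound range of MaxDCPortCount ports
ftp_firewall_ports() {
    table=$(cat)
    ctl=$(printf '%s\n' "$table" | prop Port) || return 1
    act=$(printf '%s\n' "$table" | prop DefaultDataPort) || return 1
    base=$(printf '%s\n' "$table" | prop DataConnectionPort) || return 1
    count=$(printf '%s\n' "$table" | prop MaxDCPortCount) || return 1
    for n in "$ctl" "$act" "$base" "$count"; do
        case $n in ''|*[!0-9]*) return 1 ;; esac   # empty or non-numeric value
    done
    [ "$count" -ge 1 ] || return 1
    last=$((base + count - 1))                     # range is inclusive
    [ "$last" -le 65535 ] || return 1
    echo "control $ctl"
    echo "active-data $act"
    echo "passive-data $base-$last"
}

# Constructed sample: rows taken from the listing above, most rulers omitted.
sample_table() {
    cat <<'EOF'
---------------------------+------------------
Property name              | Property value
---------------------------+------------------
DataConnectionPort         | 12121
DefaultDataPort            | 2120
LightweightThreadCount     |
MaxDCPortCount             | 200
Port                       | 2121
EOF
}

sample_table | ftp_firewall_ports
```

With the values listed above (MaxDCPortCount 200), the passive range to open is 12121 to 12320.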
To change a property (such as the Port property), call the beectl modify_property command on all of your instances:
beectl modify_property --component _FtpService --name Port --value <new port value>
To save your changes and activate them, call the following command:
beectl activate_configuration
Note:
If the beectl activate_configuration command asks you to run the beectl modify_local_configuration_files command, then run this command. It will then ask you to run the command on all your other instances. Run this command on all your instances.
Refer to "Configuring Oracle Beehive Demilitarized Zone Instances" for instructions on how to configure DMZ instances and Oracle Wallet with DMZ instances.
Oracle Beehive user data may be mastered in Oracle Beehive User Directory Service (UDS) or in an external LDAP-based directory, such as Oracle Internet Directory. "Mastered" means that a master source is used as the point of reference to determine the correct value for any user account attribute, and this source is used for making any changes to any account details.
After you have installed and configured Oracle Beehive, you may synchronize your external LDAP-based directory with UDS so that you may continue to manage your users and groups through your LDAP server. For more information, refer to "Integrating and Synchronizing LDAP with Oracle Beehive".
Refer to "Configuring SSL" for information about configuring SSL with Oracle Beehive and DMZ instances.
If you do not want to use SSL with your Oracle Beehive deployment, follow the steps described in "Installing Non-SSL Oracle Beehive Site".
Some services, such as XMPP, require a Transport Layer Security (TLS) encrypted communication channel. Use Oracle Wallet to provide this.
To configure Oracle Beehive with Oracle Wallet so that clients may access it with a TLS connection, refer to "Configuring TLS with Oracle Wallet".
After configuring LDAP and Oracle Wallet with Oracle Beehive, you may configure Oracle Beehive authentication with Certificate Authority verification. For more information, refer to "Configuring SSL for LDAP Integration".
To enable secure Apache JServ Protocol (AJPS), which is used instead of HTTP for communication between Oracle HTTP Server and OC4J, refer to "Enabling AJPS".
The default installation of Oracle Beehive includes a basic configuration of e-mail services. This configuration does not include any filtering, dispatch rules, relay configuration, attachment blocking, or other common settings. For detailed configuration options and procedures, refer to "Managing Oracle Beehive E-Mail" in Oracle Beehive Administrator's Guide.
To secure Oracle Beehive e-mail with SSL, refer to "Configuring E-Mail with SSL". This involves configuring Oracle Beehive and your e-mail client.
Extensible Messaging and Presence Protocol (XMPP) is an open XML technology for presence and real-time communication. For users to authenticate against Oracle Beehive's XMPP Service, you must perform the steps described in "Configuring XMPP" to configure it.
Oracle Beehive can send users notifications as email messages, instant messages, or as mobile messages in the form of SMS. SMS notifications are only possible if the Oracle Beehive SMS delivery channel is enabled and configured to point to an SMS Aggregator.
For more information, refer to the section "Configuring Notifications to use SMS" in "Managing Oracle Beehive Subscriptions and Notifications" in Oracle Beehive Administrator's Guide.
Oracle Secure Enterprise Search 10g is a stand-alone enterprise search solution. It incorporates best-in-class indexing, crawling, and security capabilities to create a reliable and comprehensive search solution for any organization. Refer to "Configuring Oracle Secure Enterprise Search".
You may register Oracle Beehive as a partner application with Oracle Single Sign-On, which means that you may delegate the authentication function to the single sign-on server. Refer to "Configuring Single Sign-On with Oracle Beehive".
If you have an existing instance of Oracle BPEL Process Manager, you may configure Oracle Beehive to use it instead of the one that is included with Oracle Beehive. Refer to "Configuring External Oracle BPEL Process Manager with Oracle Beehive".
Oracle Beehive Integration for Outlook extends the functionality of Microsoft Outlook by providing Outlook users with unified access to Oracle Beehive-based collaborative features and data in a familiar environment.
Oracle Beehive Integration for Outlook is supported in Windows operating systems with the following versions of Microsoft Outlook:
Microsoft Outlook 2000
Microsoft Outlook 2002
Microsoft Outlook 2003
Microsoft Outlook 2007
Oracle Beehive Integration for Outlook requires installation on the computers of individual users. For information about installing Oracle Beehive Integration for Outlook, refer to "Installing Oracle Beehive Integration for Outlook".
Oracle Beehive Integration for Zimbra is available for Oracle Beehive Release 1 (1.3) and later.
Oracle Beehive Integration for Zimbra is installed in an Oracle home separate from Oracle Beehive. As a result, Oracle Beehive Integration for Zimbra acts like an application tier and should be configured as such.
If you have not configured TLS or SSL for your Oracle Beehive deployment, you do not need to perform any post-installation steps; simply install Oracle Beehive Integration for Zimbra as described in "Installing Oracle Beehive Integration for Zimbra".
If you have configured TLS or SSL for your Oracle Beehive deployment, follow the steps described in "Configuring Oracle Beehive Integration for Zimbra" to install Oracle Beehive Integration for Zimbra (these steps are similar to "Configuring SSL with Self-Signed Certificates During Installation of Oracle Beehive").
Oracle Beehive Conferencing requires a media server for its voice conferencing feature. However, Oracle Beehive for Solaris Operating System (SPARC 64-Bit) does not have a media server.
The following steps describe how to configure a remote media server for Oracle Beehive for Solaris Operating System (SPARC 64-Bit). It involves using a media server from an Oracle Beehive for Linux x86 instance.
Install Oracle Beehive for Linux x86; use the same database as the one your Oracle Beehive for Solaris Operating System (SPARC 64-Bit) instance uses.
From your Oracle Beehive for Solaris Operating System (SPARC 64-Bit) instance, in the _ConferenceService component, set the OwcUseRemoteMediaSessions property to true:
beectl modify_property --component _ConferenceService --name OwcUseRemoteMediaSessions --value true
Activate the configuration:
beectl activate_configuration
Restart the BEEAPP component in both the Linux and Solaris Oracle Beehive instances:
beectl status
-------------------------------+----------------+--------
Component identifier           | Component type | Status
-------------------------------+----------------+--------
BTI_instance1.example.com      | BTI            | RUNNING
-------------------------------+----------------+--------
BEEAPP_instance1.example.com   | OC4J           | RUNNING
-------------------------------+----------------+--------
BEEMGMT_instance1.example.com  | OC4J           | RUNNING
-------------------------------+----------------+--------
BEECORE_instance1.example.com  | OC4J           | RUNNING
-------------------------------+----------------+--------
oc4j_soa_instance1.example.com | OC4J           | RUNNING
-------------------------------+----------------+--------
ohs_instance1.example.com      | HTTP_Server    | RUNNING
-------------------------------+----------------+--------
beectl restart --component BEEAPP_instance1.example.com
Cloning is the process of copying an existing installation to a different location while preserving its configuration. For more information, refer to "Cloning Oracle Beehive Application Tiers and Sites".
Oracle Beekeeper is available for Oracle Beehive Release 1 (1.3) and later.
If you have installed Oracle Beekeeper, perform one or more of the procedures described in "Oracle Beekeeper Post-Installation Procedures", depending on your security requirements or any other issue particular to your deployment.