18 Managing the Search Service

This chapter describes how to configure and manage the Search service for WebCenter Spaces and custom WebCenter applications.

WebCenter Search allows users to search WebCenter objects. WebCenter services provide search adapters for objects that they manage, and you can integrate with the Oracle Secure Enterprise Search (SES) adapter to include non-WebCenter objects.

Additionally, with WebCenter Spaces, you can override the default WebCenter search adapters and make the Oracle SES adapter index and search all WebCenter objects. Oracle SES search provides unified ranking results. The results are listed together, instead of being grouped into separate sections for Documents, Discussions, and so on, with the most relevant items appearing first.

This chapter describes both of these modes of searching; that is, using the default WebCenter adapters and using the Oracle SES adapter.

Always use Fusion Middleware Control or the WLST command-line tool to review and configure back-end services for WebCenter applications. Any changes that you make to WebCenter applications, post deployment, are stored in MDS metatdata store as customizations. See Section 1.3.5, "Oracle WebCenter Configuration Considerations."

Note:

Changes that you make to WebCenter services configuration, through Fusion Middleware Control or using WLST, are not dynamic so you must restart the managed server on which the WebCenter application is deployed for your changes to take effect. See Section 8.2, "Starting and Stopping Managed Servers for WebCenter Application Deployments."

This chapter includes the following sections:

Section 18.1, "What You Should Know About WebCenter Search with Oracle SES"
Section 18.2, "WebCenter Search Prerequisites for using Oracle SES"
Section 18.3, "Setting Up Oracle SES Connections"
Section 18.4, "Configuring Oracle SES to Search WebCenter Spaces"
Section 18.5, "Troubleshooting Issues with Search"

Audience

The content of this chapter is intended for Fusion Middleware administrators (users granted the Admin or Operator role through the Oracle WebLogic Server Administration Console). See also, Section 1.8, "Understanding Administrative Operations, Roles, and Tools."

18.1 What You Should Know About WebCenter Search with Oracle SES

You can extend WebCenter searches to external content repositories by connecting the WebCenter application to an Oracle SES instance. Providing that the Oracle SES instance is set up to search external repositories, results from these search sources can appear alongside WebCenter application search results. Supported versions include Oracle SES 10.1.8.4.x. You can register multiple Oracle SES connections but only one of them is active at a time.

Additionally, with WebCenter Spaces, you can override the default search adapters and use Oracle SES to get unified ranking results. This provides a faster, more unified search experience across WebCenter objects. For more information, see Section 18.4, "Configuring Oracle SES to Search WebCenter Spaces."

18.2 WebCenter Search Prerequisites for using Oracle SES

This section includes the following subsections:

Section 18.2.1, "Oracle SES - Installation"
Section 18.2.2, "Oracle SES - Configuration"
Section 18.2.3, "Oracle SES - Security"
Section 18.2.4, "Oracle SES - Limitations"

18.2.1 Oracle SES - Installation

For installation directions, see the section, "Back-End Requirements for the Search Service" in Oracle Fusion Middleware Installation Guide for Oracle WebCenter.

18.2.2 Oracle SES - Configuration

Oracle SES must be configured with an identity management system to validate and authenticate users. This is necessary for secure searches, so searches return only results that the user is allowed to view based on access privileges.

Because WebCenter uses identity propagation when communicating with Oracle SES, WebCenter's user base must match that in Oracle SES. One way this can happen is by configuring WebCenter and Oracle SES to the same identity management system, such as Oracle Internet Directory.

Note:
Oracle SES includes numerous identity plug-ins for identity management systems including Oracle Internet Directory, Oracle Content Server, and Microsoft Active Directory.

Only one identity plug-in can be set up for each Oracle SES instance. If you are using Oracle SES to search WebCenter Spaces and you are using multiple crawler types (WebCenter Spaces crawler, Documents crawler, and Discussions crawler) on your Oracle SES instance, then each of those repositories (WebCenter Spaces, Oracle Content Server, and Oracle WebCenter Discussions) must share the same user base as Oracle SES.

The following example sets up the identity plug-in for Oracle Internet Directory:
1. In the Oracle SES administration tool, navigate to the Global Settings - Identity Management Setup page, select Oracle Internet Directory from the available identity plug-ins, and click Activate.
2. Provide the following values:
  
  Host name: The host name of the computer where Oracle Internet Directory is running
  
  Port: The Oracle Internet Directory port number
  
  Use SSL: true or false based on your preference
  
  Realm: The Oracle Internet Directory realm, for example, dc=us,dc=oracle,dc=com
  
  User name: The Oracle Internet Directory admin username; for example, cn=orcladmin
  
  Password: Admin user password
3. Click Submit.
Each Oracle SES instance must have a trusted entity for allowing WebCenter end users to be securely propagated at query time. (A trusted entity allows the WebCenter application to authenticate itself to Oracle SES and assert its users when making queries on Oracle SES.) This trusted entity can be any user that either exists on the identity management server behind Oracle SES or is created internally in Oracle SES.
1. In the Oracle SES administration tool, navigate to the Global Settings - Federation Trusted Entities page.
2. Enter a name for a trusted entity. This is the name that WebCenter uses to authenticate itself to Oracle SES at query time (before it propagates the end user identity to Oracle SES).
  
  To allow the entity to be authenticated through the active identity plug-in:
  
  - Make sure that the entity name is the name of a user that exists in the identity management system.
  
  - Leave the password field blank.
  
  - Select the Use Identity Plug-in for authentication check box.
  
  - Enter the authentication attribute value corresponding to the Authentication Attribute in your active identity plug-in.
  
  To allow the entity to be authenticated through Oracle SES:
  
  - Enter any user name and password.
  
  - Do not select the Use Identity Plug-in for authentication check box.
For more information, see the online help for that page in Oracle SES.

18.2.3 Oracle SES - Security

Most enterprise deployments require that their HTTP connections be secure. SSL (secure socket layer) is an encryption protocol for securely transmitting private content on the internet. Oracle strongly recommends that you use an SSL-protected channel to transmit password and other secure data over networks.

For instructions, see Section 27.11, "Securing the WebCenter Spaces Connection to Oracle SES with SSL."

18.2.4 Oracle SES - Limitations

There are currently no known limitations.

18.3 Setting Up Oracle SES Connections

This section includes the following subsections:

Section 18.3.1, "Registering Oracle SES Services"
Section 18.3.2, "Choosing the Active Oracle SES Connection"
Section 18.3.3, "Modifying Oracle SES Connection Details"
Section 18.3.4, "Deleting Oracle SES Connections"
Section 18.3.5, "Testing Oracle SES Connections"

18.3.1 Registering Oracle SES Services

You can register multiple Oracle SES connections with a WebCenter application but only one of them is active at a time.

To start using a new (active) Oracle SES connection you must restart the managed server on which the WebCenter application is deployed.

You can register Oracle SES connections using either Fusion Middleware Control or WLST. This section includes the following subsections:

Section 18.3.1.1, "Registering Oracle SES Search Services Using Fusion Middleware Control"
Section 18.3.1.2, "Registering and Modifying Oracle SES Services Using WLST"

18.3.1.1 Registering Oracle SES Search Services Using Fusion Middleware Control

To register an Oracle SES instance with WebCenter applications:

Log in to Fusion Middleware Control and navigate to the home page for WebCenter Spaces or the custom WebCenter application. For more information, see:
- Section 6.2, "Navigating to the Home Page for WebCenter Spaces"
- Section 6.3, "Navigating to the Home Page for Custom WebCenter Applications"
Do one of the following:
- For WebCenter Spaces - From the WebCenter menu, choose Settings > Service Configuration.
- For custom WebCenter applications - From the Application Deployment menu, choose WebCenter > Service Configuration.
From the list of services on the WebCenter Service Configuration page, select Search.
To connect to a new Oracle SES instance, click Add (Figure 18-1).

Figure 18-1 Configuring Oracle Secure Search Services

Enter a unique name for this connection, and indicate whether this connection is the active (or default) connection for the application (Table 18-1).

Table 18-1 Search Connection - Name

Field	Description
Name	Enter a unique name for the connection. The name must be unique (across all connection types) within the WebCenter application.
Active Connection	Select to use the Oracle SES instance defined on this connection to search repositories outside the WebCenter application and include Oracle SES search results in your result set. While you can register multiple search connections for a WebCenter application, only one connection is used by the Search service—the default (or active) connection.

Field

Description

Name

Enter a unique name for the connection. The name must be unique (across all connection types) within the WebCenter application.

Active Connection

Select to use the Oracle SES instance defined on this connection to search repositories outside the WebCenter application and include Oracle SES search results in your result set.

While you can register multiple search connections for a WebCenter application, only one connection is used by the Search service—the default (or active) connection.

Enter connection details for the Oracle SES instance (Table 18-2).

Table 18-2 Oracle Secure Enterprise Search - Connection Details

Field Description

Field	Description
SOAP URL	Enter the Web Services URL that Oracle SES exposes to enable search requests. Use the format: http://host:port/search/query/OracleSearch For example: http://myHost:7777/search/query/OracleSearch
Federation Trusted Entity Name	Enter the user name of the Oracle SES federation trusted entity created in Section 18.2.2, "Oracle SES - Configuration." Tip: This user is configured in the Oracle SES administration tool, on the Global Settings - Federation Trusted Entities page. The user must be present in both the identity management server configured for your WebCenter application and the identity management server configured for Oracle SES. The WebCenter application must authenticate itself as a trusted application to Oracle SES to perform searches on behalf of WebCenter users. Examples in this chapter use `wpadmin` for this value.
Federation Trusted Entity Password	Enter the password for the federation trusted entity. This is not required if you selected the Use Identity Plug-in for authentication check box when setting up the federation trusted entity.

SOAP URL

Enter the Web Services URL that Oracle SES exposes to enable search requests.

Use the format:

http://host:port/search/query/OracleSearch

For example:

http://myHost:7777/search/query/OracleSearch

Federation Trusted Entity Name

Enter the user name of the Oracle SES federation trusted entity created in Section 18.2.2, "Oracle SES - Configuration."

Tip: This user is configured in the Oracle SES administration tool, on the Global Settings - Federation Trusted Entities page.

The user must be present in both the identity management server configured for your WebCenter application and the identity management server configured for Oracle SES.

The WebCenter application must authenticate itself as a trusted application to Oracle SES to perform searches on behalf of WebCenter users.

Examples in this chapter use wpadmin for this value.

Federation Trusted Entity Password

Enter the password for the federation trusted entity. This is not required if you selected the Use Identity Plug-in for authentication check box when setting up the federation trusted entity.

On Advanced Configuration, enter the Oracle SES data group (also known as a source group) in which to search. This parameter is specific to the Oracle SES search adapter. If a value is not provided, then everything in the Oracle SES instance is searched.

Optionally, configure additional options for the Oracle SES connection (Table 18-3). With the exception of the Oracle Secure Enterprise Data Group parameter, these parameters apply to all search adapters.

Note:

These Oracle SES advanced configuration parameters can be left blank if you are setting up Oracle SES for the first time. You can return here to tune these parameters later.

Table 18-3 Oracle Secure Enterprise Search - Advanced Configuration

Field	Description
Oracle Secure Enterprise Search Data Group	Specify the Oracle SES data group in which to search. If a value is not provided, then everything in the Oracle SES instance is searched.
Execution Timeout	Enter the maximum time that a service is allowed to execute a search (in ms).
Executor Preparation Timeout	Enter the maximum time that a service is allowed to initialize a search (in ms).
Results per Service - Saved Search Task Flows	Enter the number of search results displayed, per service, in a Saved Search task flow.
Results per Service - Search Page	Enter the number of search results displayed, per service, for searches submitted from the main search page. Users can click Show All to see all the results.
Results per Service - Search Toolbar	Enter the number of search results displayed, per service, for searches submitted from the global search toolbar.
Number of Saved Searches in Search Page	Enter the number of saved searches displayed in the Saved Search dropdown list (on the main search page).

Click OK to save this connection.
To start using the new (active) connection you must restart the managed server on which the WebCenter application is deployed. For more information, see Section 8.2, "Starting and Stopping Managed Servers for WebCenter Application Deployments."

18.3.1.2 Registering and Modifying Oracle SES Services Using WLST

Use the WLST command createSESConnection to create an Oracle SES connection. Use setSESConnection to alter an existing Oracle SES connection. For command syntax and examples, see the sections, "createSESConnection" and "setSESConnection" in the Oracle Fusion Middleware WebLogic Scripting Tool Command Reference.

To configure the WebCenter Search service to actively use a new Oracle SES connection, set default=true. For more information, see Section 18.3.2.2, "Choosing the Active Oracle SES Connection Using WLST."

Use the WLST command setSearchConfig to edit properties relating to the Search service, such as the number of search results displayed. For command syntax and examples, see the section, "setSearchConfig" in the Oracle Fusion Middleware WebLogic Scripting Tool Command Reference.

For information on how to run WLST commands, see Section 1.12.3.1, "Running Oracle WebLogic Scripting Tool (WLST) Commands."

Note:

To start using the new (active) connection or settings, you must restart the managed server on which the WebCenter application is deployed. See, "Starting and Stopping WebLogic Managed Servers Using the Command Line" in the Oracle Fusion Middleware Administrator's Guide.

18.3.2 Choosing the Active Oracle SES Connection

You can register multiple Oracle SES connections with a WebCenter application but only one connection is active at a time.

For WebCenter Spaces and any custom WebCenter application, the active connection becomes the back-end search engine.

Note:

These steps in this section are not necessary if you selected the active connection in Section 18.3.1, "Registering Oracle SES Services."

This section includes the following subsections:

Section 18.3.2.1, "Choosing the Active Oracle SES Connection Using Fusion Middleware Control"
Section 18.3.2.2, "Choosing the Active Oracle SES Connection Using WLST"

18.3.2.1 Choosing the Active Oracle SES Connection Using Fusion Middleware Control

To change the active connection:

Log in to Fusion Middleware Control and navigate to the home page for WebCenter Spaces or the custom WebCenter application. For more information, see:
- Section 6.2, "Navigating to the Home Page for WebCenter Spaces"
- Section 6.3, "Navigating to the Home Page for Custom WebCenter Applications"
Do one of the following:
- For WebCenter Spaces - From the WebCenter menu, choose Settings > Service Configuration.
- For custom WebCenter applications - From the Application Deployment menu, choose WebCenter > Service Configuration.
From the list of services on the WebCenter Services Configuration page, select Search.

The Manage Secure Enterprise Search Connections table indicates the current active connection (if any).
Select the connection you want to make the active (or default) connection, and then click Edit.
Select the Active Connection check box.
Click OK to update the connection.
To start using the new (active) connection you must restart the managed server on which the WebCenter application is deployed. For more information, see Section 8.2, "Starting and Stopping Managed Servers for WebCenter Application Deployments."

18.3.2.2 Choosing the Active Oracle SES Connection Using WLST

Use the WLST command setSESConnection with default=true to activate an existing Oracle SES connection. For command syntax and examples, see the section, "setSESConnection" in the Oracle Fusion Middleware WebLogic Scripting Tool Command Reference.

To subsequently disable an Oracle SES connection, run the same WLST command with default=false. Connection details are retained but the connection is no longer named as an active connection.

For information on how to run WLST commands, see Section 1.12.3.1, "Running Oracle WebLogic Scripting Tool (WLST) Commands."

Note:

To start using the active connection you must restart the managed server on which the WebCenter application is deployed. For more information, see the section, "Starting and Stopping WebLogic Managed Servers Using the Command Line" in the Oracle Fusion Middleware Administrator's Guide.

18.3.3 Modifying Oracle SES Connection Details

You can modify Oracle SES connection details at any time.

To start using the updated (active) connection you must restart the managed server on which the WebCenter application is deployed.

Note:

The steps in this section are required only if you want to modify the details configured in Section 18.3.1, "Registering Oracle SES Services."

This section includes the following subsections:

Section 18.3.3.1, "Modifying Oracle SES Connection Details Using Fusion Middleware Control"
Section 18.3.3.2, "Modifying Oracle SES Connection Details Using WLST"

18.3.3.1 Modifying Oracle SES Connection Details Using Fusion Middleware Control

To update connection details for an Oracle SES instance:

Log in to Fusion Middleware Control and navigate to the home page for WebCenter Spaces or the custom WebCenter application. For more information, see:
- Section 6.2, "Navigating to the Home Page for WebCenter Spaces"
- Section 6.3, "Navigating to the Home Page for Custom WebCenter Applications"
Do one of the following:
- For WebCenter Spaces - From the WebCenter menu, choose Settings > Service Configuration.
- For custom WebCenter applications - From the Application Deployment menu, choose WebCenter > Service Configuration.
From the list of services on the WebCenter Service Configuration page, select Search.
Select the connection name, and click Edit.
Edit connection details, as required. For detailed parameter information, see Table 18-2.
Click OK to save your changes.
To start using the updated (active) connection you must restart the managed server on which the WebCenter application is deployed. For more information, see Section 8.2, "Starting and Stopping Managed Servers for WebCenter Application Deployments."

18.3.3.2 Modifying Oracle SES Connection Details Using WLST

Use the WLST command setSESConnection to edit an existing Oracle SES search connection. For command syntax and examples, see the section, "setSESConnection" in the Oracle Fusion Middleware WebLogic Scripting Tool Command Reference.

Use the command setSearchSESConfig to set additional Oracle SES connection properties, such as the Oracle SES data group in which to search. For syntax details and examples, see the section, "setSearchSESConfig" in the Oracle Fusion Middleware WebLogic Scripting Tool Command Reference.

For information on how to run WLST commands, see Section 1.12.3.1, "Running Oracle WebLogic Scripting Tool (WLST) Commands."

Note:

To start using the updated (active) connection you must restart the managed server on which the WebCenter application is deployed. For more information, see the section, "Starting and Stopping WebLogic Managed Servers Using the Command Line" in the Oracle Fusion Middleware Administrator's Guide.

18.3.4 Deleting Oracle SES Connections

You can delete Oracle SES connections at any time but take care when deleting the active connection. If you delete the active connection, users are not able to search content on external repositories.

This section includes the following subsections:

Section 18.3.4.1, "Deleting Search Connections Using Fusion Middleware Control"
Section 18.3.4.2, "Deleting Search Connections Using WLST"

18.3.4.1 Deleting Search Connections Using Fusion Middleware Control

To delete an Oracle SES server connection:

Log in to Fusion Middleware Control and navigate to the home page for WebCenter Spaces or the custom WebCenter application. For more information, see:
- Section 6.2, "Navigating to the Home Page for WebCenter Spaces"
- Section 6.3, "Navigating to the Home Page for Custom WebCenter Applications"
Do one of the following:
- For WebCenter Spaces - From the WebCenter menu, choose Settings > Service Configuration.
- For custom WebCenter applications - From the Application Deployment menu, choose WebCenter > Service Configuration.
From the Service Connection drop-down, select Search.
Select the connection name, and click Delete.
To effect this change you must restart the managed server on which the WebCenter application is deployed. For more information, see Section 8.2, "Starting and Stopping Managed Servers for WebCenter Application Deployments."

18.3.4.2 Deleting Search Connections Using WLST

Use the WLST command deleteConnection to remove a search connection. For command syntax and examples, see the section, "deleteConnection" in the Oracle Fusion Middleware WebLogic Scripting Tool Command Reference.

For information on how to run WLST commands, see Section 1.12.3.1, "Running Oracle WebLogic Scripting Tool (WLST) Commands."

Restart the managed server on which the WebCenter application is deployed. For more information, see Section 8.2, "Starting and Stopping Managed Servers for WebCenter Application Deployments."

18.3.5 Testing Oracle SES Connections

Confirm the Oracle SES connection by entering in a browser the URL for Oracle SES Web Services operations:

http://host:port/search/query/OracleSearch

If the URL address does not render in the browser, then either the host or port for the Oracle SES server is incorrect, or Oracle SES has not been started.

If the URL address does render in the browser, then click the proxyLogin operation to log in Oracle SES using proxy authentication.

Enter the following parameters:

username: User name that WebCenter uses to authenticate itself to Oracle SES, created in Section 18.2.2, "Oracle SES - Configuration." This user must be a valid trusted entity registered in the federation trusted entities on Oracle SES.
password: Password of this user created in Section 18.2.2, "Oracle SES - Configuration."
searchUser: User name of an end user present in the identity management system used by Oracle SES

When a request is sent for proxyLogin, Oracle SES calls the identity plug-in (which returns the call) to authenticate the entity. Click Invoke to run the operation (Figure 18-2).

Figure 18-2 Web Services API proxyLogin

Description of "Figure 18-2 Web Services API proxyLogin"

If the connection is good, then you should see a response similar to the following:

<?xml version='1.0' encoding='UTF-8'?>
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<SOAP-ENV:Body>
<ns1:proxyLoginResponse
xmlns:ns1="http://oracle.search.query.webservice/OracleSearchService.wsdl"
SOAP-ENV:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
<return xmlns:ns2="http://oes.oracle.com/OracleSearch" xsi:type="ns2:Status">
<message xsi:type="xsd:string" xsi:nil="true"/>
<status xsi:type="xsd:string">successful</status>
</return>
</ns1:proxyLoginResponse>
 
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>

18.4 Configuring Oracle SES to Search WebCenter Spaces

With WebCenter Spaces, you can override the default search adapters and use Oracle SES to get unified ranking results for the following resources:

Documents
Group Spaces
Group Space Announcements
Group Space Discussions
Lists
Pages
People
Wikis and blogs

The results are listed together, instead of being grouped into separate sections for Documents, Discussions, and so on. The most relevant items appear first.

For example, when you run a search for a user name, most likely, you are looking for that person's contact information (that is, the exact user name in the People Connections service), not necessarily documents that the user wrote. The unified ranking results in Oracle SES allow you to see the most relevant results, across all different types of searches, without configuring Search Preferences.

You can create the following crawlers on Oracle SES to crawl WebCenter Spaces resources:

Oracle WebCenter Documents Crawler: This uses the Oracle Content Server source type to crawl documents. The Oracle Content Server source type is provided out-of-the-box in Oracle SES.
Oracle WebCenter Discussions Crawler: This uses the Database source type to crawl discussions and announcements. The Database source type is provided out-of-the-box in Oracle SES.
Oracle WebCenter Spaces Crawler: This uses a Secure RSS source type to crawl the WebCenter Spaces application and certain objects, such as lists, pages, group spaces, wikis and blogs, and people connections profiles. You must create this source type in Oracle SES (one time for each Oracle SES instance).

Note:

Oracle SES crawls information collected as a source. Each source has a type that identifies where the information is stored, such as in a database or a content repository.

All crawlers (Documents, and Discussions, and WebCenter Spaces), must be configured on the same Oracle SES instance.

Even after Oracle SES is configured to search these specific WebCenter Spaces resources, all other non-crawled resources (for example, tags, notes, and events) continue to be returned in search results, in their own grouping.

This section describes the steps necessary to set up Oracle SES to search WebCenter Spaces:

Section 18.4.1, "Setting Up Oracle SES for WebCenter Spaces"
Section 18.4.2, "Setting Up WebCenter Spaces for Oracle SES Search"
Section 18.4.3, "Setting Up Oracle Content Server for Oracle SES Search"
Section 18.4.4, "Setting Up Oracle WebCenter Discussions for Oracle SES Search"
Section 18.4.5, "Setting Up Oracle SES to Search WebCenter Spaces"

18.4.1 Setting Up Oracle SES for WebCenter Spaces

Run the following steps to set up WebCenter Spaces for Oracle SES search.

Verify that you have the latest information on required patches from Oracle SES. These are noted in the section "Back-End Requirements for the Search Service" in Oracle Fusion Middleware Installation Guide for Oracle WebCenter and in the Release Notes.
Verify that a federation trusted identity exists on Oracle SES for WebCenter, as described in Section 18.2.2, "Oracle SES - Configuration" and Section 18.3.5, "Testing Oracle SES Connections."

Get webcenter_search_ses_plugins.zip from the $WC_ORACLE_HOME/ses directory, and put it in the OracleSES_Home directory on the Oracle SES instance.

Note:

OracleSES_Home represents the software location that you specified at the time of installing Oracle SES.

The WebCenter instance and the Oracle SES instance might be on different computers.

Change to the Oracle SES home directory. For example:
```
cd $OracleSES_Home
```
Run the following command to install necessary WebCenter plug-ins:
```
unzip webcenter_search_ses_plugins.zip
```
This adds the following WebCenter jar files to an SES installation:
- OracleSES_Home/search/lib/plugins/webcenter/search-auth-share.jar
- OracleSES_Home/search/lib/plugins/webcenter/search-auth-plugin.jar
- OracleSES_Home/search/lib/plugins/doc/search-crawl-ucm.jar
To use Oracle SES to search group spaces, lists, pages, or wikis, you must first create a crawl admin user in WebCenter Spaces and in your back-end identity management server (for example, mycrawladmin). You only need to create a crawl admin user once.

Note:
See your identity management system documentation for information on creating users.

The following example uses Oracle Directory Services Manager to create the mycrawladmin user.
1. On the Data Browser tab, navigate to the target cn and click Create. This example navigates to "dc=com,dc=oracle,dc=us,cn=Users". In the Add Object Class dialog, select the appropriate object class, and click OK. (Figure 18-3).
  
  Figure 18-3 Oracle Directory Services Manager - Add Object Class
  
  Description of "Figure 18-3 Oracle Directory Services Manager - Add Object Class"
2. Find the distinguished name (DN) path, and click Select (Figure 18-4). This example selects "dc=com,dc=oracle,dc=us,cn=Users".
  
  Figure 18-4 Oracle Directory Services Manager - Select DN Path
  
  Description of "Figure 18-4 Oracle Directory Services Manager - Select DN Path"
3. In the Create New Entry dialog, enter properties, and click Next (Figure 18-5).
  
  Figure 18-5 Oracle Directory Services Manager - Create New Entry
  
  Description of "Figure 18-5 Oracle Directory Services Manager - Create New Entry"
4. When you see that the new entry was created successfully, click Finish. (Figure 18-6)
  
  Figure 18-6 Oracle Directory Services Manager - Status
  
  Description of "Figure 18-6 Oracle Directory Services Manager - Status"

18.4.2 Setting Up WebCenter Spaces for Oracle SES Search

This section describes how to configure WebCenter Spaces to work with Oracle SES, using WLST commands. After completing these steps you must restart the managed server on which WebCenter Spaces is deployed to effect your changes.

Note:

Although some operations in this section can be run using Fusion Middleware Control, for consistency it is best to complete these operations using WLST.

For more information about using WLST, see Section 1.12.3.1, "Running Oracle WebLogic Scripting Tool (WLST) Commands."

For more information about the WLST commands in this section, see Oracle Fusion Middleware WebLogic Scripting Tool Command Reference:

createSESConnection
setSearchSESConfig
setSearchConfig
listAppRoles
createAppRole
grantPermission
grantAppRole
setSpacesCrawlProperties
getSpacesCrawlProperties
listDocumentsSpacesProperties

Use WLST to configure the connection between WebCenter Spaces and Oracle SES.
1. Use the WLST command createSESConnection to create a connection to Oracle SES, if a connection does not exist yet. For example:
```
createSESConnection(appName='webcenter',
                   name='MySesConnection',
                   url='http://myhost.com:7777/search/query/OracleSearch',              
                   appUser='wpadmin',
                   appPassword='welcome1',
                   default=true)
```
  where appUser is the user name of the Oracle SES federation trusted entity created in Section 18.2.2, "Oracle SES - Configuration."
2. Specify a data group (also known as source group) under which you will be searching Oracle SES. For example:
```
setSearchSESConfig(appName='webcenter',
                   dataGroup='MySources')
```
  where dataGroup is the source group created in Section 18.4.5.5, "Additional Oracle SES Configuration."
  
  For more information on Oracle SES configuration, see Table 18-3.
3. Increase the number of search results displayed in Oracle SES results. (Five is the default setting, but Oracle SES result sets generally are larger than five.) For example:
```
setSearchConfig(appName='webcenter',
                numResultsMain=20,
                numResultsToolbar=20)
```

Create a crawl application role for WebCenter Spaces.

See if the crawl application role exists with the following command:

listAppRoles(appStripe='webcenter')

The list may be very long. Look for 'webcenter#-#defaultcrawl' as a Principal Name in the results. For example:

  [ [Principal Clz Name : 
oracle.security.jps.internal.core.principals.JpsApplicationRoleImpl, 
Principal Name :webcenter#-#defaultcrawl, Type : APP_ROLE], Display Name : 
Crawl Role. This role never gets updated by webcenter UIs., Description : 
null, Guid : DA91B6572AF911DFBF70237926348A3B]

If 'webcenter#-#defaultcrawl' does not exist, then you must create the crawl application role with the following WLST command:

createAppRole(appStripe='webcenter', 
              appRoleName='webcenter#-#defaultcrawl');

Then grant "view" permissions to WebCenter Spaces content as follows:

grantPermission(appStripe="webcenter",
principalClass="oracle.security.jps.service.policystore.ApplicationRole",
principalName="webcenter#-#defaultcrawl",
permClass="oracle.webcenter.community.model.security.CommunityPermission",
permTarget="*", 
permActions="view")
 
grantPermission(appStripe="webcenter",
principalClass="oracle.security.jps.service.policystore.ApplicationRole",
principalName="webcenter#-#defaultcrawl",
permClass="oracle.webcenter.relationship.model.security.RelationshipPermission", 
permTarget="*",
permActions="view")
 
grantPermission(appStripe="webcenter",
principalClass="oracle.security.jps.service.policystore.ApplicationRole",
principalName="webcenter#-#defaultcrawl",
permClass="oracle.webcenter.list.model.security.ListPermission",
permTarget="*", 
permActions="view")
 
grantPermission(appStripe="webcenter",
principalClass="oracle.security.jps.service.policystore.ApplicationRole",
principalName="webcenter#-#defaultcrawl",
permClass="oracle.webcenter.page.model.security.CustomPagePermission",
permTarget="*", 
permActions="view")
 
grantPermission(appStripe="webcenter",
principalClass="oracle.security.jps.service.policystore.ApplicationRole",
principalName="webcenter#-#defaultcrawl",
permClass="oracle.webcenter.page.model.security.PagePermission",
permTarget="*", 
permActions="view")
 
grantPermission(appStripe="webcenter",
principalClass="oracle.security.jps.service.policystore.ApplicationRole",
principalName="webcenter#-#defaultcrawl",
permClass="oracle.webcenter.note.model.security.NotePermission",
permTarget="*",
permActions="view")
 
grantPermission(appStripe="webcenter",
principalClass="oracle.security.jps.service.policystore.ApplicationRole",
principalName="webcenter#-#defaultcrawl",
permClass="oracle.webcenter.collab.calendar.model.security.EventPermission", 
permTarget="*", 
permActions="view")

Grant the crawl application role to the crawl admin user created in Section 18.4.1, "Setting Up Oracle SES for WebCenter Spaces." For example:

grantAppRole(appStripe="webcenter",
             appRoleName="webcenter#-#defaultcrawl",
             principalClass="weblogic.security.principal.WLSUserImpl",
             principalName="mycrawladmin");

Enable the Oracle SES crawlers in WebCenter Spaces.

With the same WLST command, you can set crawler properties (that is, enable/disable the crawlers) and specify an interval between full crawls for the WebCenter Spaces crawler. By default, full crawls for the WebCenter Spaces crawler occur every seven days, but you can specify a different frequency. (Incremental crawls, for all three crawlers, are initiated by the schedule set in Oracle SES.)

For example:

setSpacesCrawlProperties(appName='webcenter', 
                         fullCrawlIntervalInHours=168, 
                         spacesCrawlEnabled = true, 
                         documentCrawlEnabled=true,          
                         discussionsCrawlEnabled=true)

Notes:

You can configure components like Oracle Content Manager and Oracle WebCenter Discussions and still use the default search adapters in WebCenter Spaces by setting documentCrawlEnabled=false or discussionsCrawlEnabled=true.

A clustered instance additionally requires the server parameter; for example, server="WLS_Spaces1".

The following example specifies that WebCenter Spaces runs a full crawl through the WebCenter Spaces crawler every 8 days.

setSpacesCrawlProperties(appName='webcenter',fullCrawlIntervalInHours=192)

You also can use WLST to return the current crawl settings for WebCenter Spaces, such as the number of hours between full crawls (WebCenter Spaces crawler), and which Oracle SES crawlers are enabled (WebCenter Spaces crawler, Discussions crawler, and Document crawler). For example, the following command returns the current crawl settings for WebCenter Spaces.

getSpacesCrawlProperties(appName='webcenter')

WebCenter Spaces Crawl Properties:
-----------------
fullCrawlIntervalInHours: 124
spacesCrawlEnabled:       true
documentCrawlEnabled:     true
discussionsCrawlEnabled:  false

Use the listDocumentsSpacesProperties command to determine the unique name that the back-end Oracle Content Server is using to identify this WebCenter Spaces application and the connection name for the primary Oracle Content Server that WebCenter Spaces is using to store documents. For example:

listDocumentsSpacesProperties('webcenter')

The response should looks something like the following:

The Documents Spaces container is "/WebCenter1109"
The Documents repository administrator is "sysadmin"
The Documents application name is "WC1109"
The Documents primary connection is "stanl18-ucm11g"

Note:

Record the application name and the primary connection returned. These values are required later (in Section 18.4.5.2, "Setting Up Oracle SES to Search Documents") to set up Oracle SES to crawl WebCenter Spaces documents.

Restart the managed server on which the WebCenter Spaces application is deployed. See Section 8.2, "Starting and Stopping Managed Servers for WebCenter Application Deployments."

These steps complete WebCenter Spaces application configuration for Oracle SES. However, for Oracle SES searching to work, you must also configure the following:

Section 18.4.3, "Setting Up Oracle Content Server for Oracle SES Search"
Section 18.4.4, "Setting Up Oracle WebCenter Discussions for Oracle SES Search"
Section 18.4.5, "Setting Up Oracle SES to Search WebCenter Spaces"

18.4.2.1 Enabling Oracle SES Crawlers Using Fusion Middleware Control

In addition to enabling crawlers using WLST commands, you also can enable or disable crawlers anytime using Fusion Middleware Control.

Log in to Fusion Middleware Control and navigate to the home page for WebCenter Spaces. For more information, see Section 6.2, "Navigating to the Home Page for WebCenter Spaces."
From the WebCenter menu, choose Settings > Application Configuration.
Select the crawlers you want to enable, and click Apply (Figure 18-1).

You can specify an interval between full crawls for the WebCenter Spaces crawler. By default, full crawls for the WebCenter Spaces crawler occur every seven days, but you can specify a different frequency. (Incremental crawls, for all three crawlers, are initiated by the schedule set in Oracle SES.)

You do not need to restart the managed server on which the WebCenter application is deployed.

Figure 18-7 WebCenter Spaces Search Crawlers

18.4.3 Setting Up Oracle Content Server for Oracle SES Search

This section describes how to configure Oracle Content Server to be crawlable by Oracle SES (in particular, the Oracle Content Server that WebCenter Spaces uses for storing documents).

The following steps must be done from within Oracle Content Server.

In the Oracle Content Server console, install the SESCrawlerExport component on the content server, if not already done:
1. Log on to Oracle Content Server as a system administrator. For example: http://host:port/idc.
2. From the Administration dropdown menu, select Admin Server.
3. Click the button with the instance name.
4. Click Component Manager from the menu list on the left pane.
  
  Figure 18-8 Oracle Content Server Component Manager
  
  Description of "Figure 18-8 Oracle Content Server Component Manager"
5. If the SESCrawlerExport is not listed under Enabled Components, then you must install it. In the Download section of the page, select SESCrawlerExport from the dropdown list and click Download. Or, in the Install New Component section, browse to find SESCrawlerExport.zip (generally, this is located in $CONTENT_SERVER_HOME/custom/CS10gR35UpdateBundle/extras), and click Install.
6. Enter configuration parameters. (You can change configuration parameters after installation on the Update Component Configuration page.)
  
  Disable security on authentication and authorization APIs provided by the SESCrawlerExport. (Clear the Disable the security on authentication/authorization APIs provided by the SESCrawlerExport check box.) This lets security provided by the SESCrawlerExport be done internally instead of by the content server.
  
  Additionally, in clustered environments only, the feedLoc parameter must specify a location on the shared disk accessed by the nodes of content server, and they each must reference it the same way; for example, sharedDrive/dir1/dir2. Note that this is not the default location (relative path) provided.
7. Restart Oracle Content Server.
Take a snapshot of the Oracle Content Server repository.
1. Log on to Oracle Content Server as a system administrator. For example: http://host:port/idc.
2. From the Administration dropdown menu, select SES Crawler Export.
3. Select All sources, and click Take Snapshot.
  
  Figure 18-9 Oracle Content Server Snapshot
  
  Description of "Figure 18-9 Oracle Content Server Snapshot"
  
  It is important to take a snapshot before the first crawl or any subsequent full crawl of the source.
  
  The snapshot generates configFile.xml at the location specified during component installation, and feeds are created at the subdirectory with the source name under feedLoc.

For detailed information on Oracle Content Server configuration, see the Deployment Guide.pdf included with the product.

18.4.4 Setting Up Oracle WebCenter Discussions for Oracle SES Search

This section describes how to configure Oracle WebCenter Discussions to be crawlable by Oracle SES (in particular, the Oracle WebCenter Discussions Server that WebCenter Spaces uses for storing discussions and announcements).

Note:

These steps is not required if you have a new installation of WebCenter (with an Oracle database) and Oracle WebCenter Discussions. It is only required if you are using upgraded (patched) instances.

You can find database schema details for the corresponding data sources from your Oracle WebLogic Server console.

Run the Repository Creation Utility (RCU) to confirm that the Discussions Crawler WebCenter component has been installed on the system.

For Oracle and Microsoft SQL Server databases:

Verify that the Oracle WebCenter Discussions back end has been configured properly by noting that the MyPrefix_DISCUSSIONS user is installed in RCU.

Then verify that the Oracle WebCenter Discussions Crawler has been configured properly by noting that the MyPrefix_DISCUSSIONS_CRAWLER user is installed in RCU.

For IBM DB2 databases:

Verify that the Oracle WebCenter Discussions back end has been configured properly by noting that the MyPrefix_DS user is installed in RCU. Then verify that the Oracle WebCenter Discussions Crawler has been configured properly by noting that the MyPrefix_DC user is installed in RCU.

Note:

For IBM DB2 databases, MyPrefix is limited to five characters. IBM DB2 uses operating system users for authentication (that is, the database user is actually an operating system user). Because some operating systems have an eight character limit for user names, this requires an eight character user name.

If the Discussions Crawler component is not installed, then you must install it using RCU, selecting the same prefix that was used for the Oracle WebCenter Discussions component. Also, during the tablespace specification step in RCU, select Prefix_IAS_DISCUSSIONS as the default tablespace. This installs the user for Oracle SES.

For more information, see Chapter 7, "Deploying WebCenter Applications."

Run the following tool to upgrade the data in the Oracle WebCenter Discussions database schema, if you have not run the tool already:

java -jar \
$MW_HOME/discussionserver/discussionserver-upgradeforses.jar \
<command_line_parameters>

where command_line_parameters are the following MDS schema details and discussions database schema details:

-mds_jdbc_user user_id \ 
-mds_jdbc_password password \
-mds_jdbc_url url \
-discussions_jdbc_user user_id \
-discussions_jdbc_password password \
-discussions_jdbc_url url

where mds_jdbc_user, mds_jdbc_password, and mds_jdbc_url are the values to log in to the MDS schema, and discussions_jdbc_user, discussions_jdbc_password, and discussions_jdbc_url are the values to log in to the discussions database schema.

For example:

java -jar $MW_HOME/as11r1wc/discussionserver/discussionserver-upgradeforses.jar\
-mds_jdbc_user foo \ 
-mds_jdbc_password welcome1 \ 
-mds_jdbc_url jdbc:oracle:thin:@host:port:SID \
-discussions_jdbc_user foo \ 
-discussions_jdbc_password welcome1 \ 
-discussions_jdbc_url jdbc:oracle:thin:@host:port:SID

18.4.5 Setting Up Oracle SES to Search WebCenter Spaces

The steps in this section must be performed in the Oracle SES administration tool.

The following steps are required:

Section 18.4.5.1, "Logging on to the Oracle SES Administration Tool"
Section 18.4.5.2, "Setting Up Oracle SES to Search Documents"
Section 18.4.5.3, "Setting Up Oracle SES to Search Discussions and Announcements"
Section 18.4.5.4, "Setting Up Oracle SES to Search Group Spaces, Lists, Pages, People, Wikis and Blogs"
Section 18.4.5.5, "Additional Oracle SES Configuration"

Tip:

For detailed information about Oracle SES configuration steps, see the Oracle SES documentation on the Oracle Fusion Middleware documentation library (in the WebCenter product area).

18.4.5.1 Logging on to the Oracle SES Administration Tool

To open the Oracle SES administration tool:

Open a browser and enter the URL provided after the installation. (This has the form http://host:port/search/admin/index.jsp.)
Log on with the user name eqsys and the password specified during installation.

18.4.5.2 Setting Up Oracle SES to Search Documents

To search WebCenter Spaces documents using Oracle SES, you must first set up a Document Service Manager (with a Document Service Instance and a Document Service Pipeline), and then create an Oracle Content Server source.

Configure the Document Service Manager (one time for each Oracle SES instance).

Note:

Document services are plug-ins involved in the processing of a document when it is being crawled. A document service allows WebCenter to add indexable attributes for documents used in a WebCenter Spaces application.

On the Global Settings - Document Services page, click Create. Select Create New Manager, click Next, and enter the following parameters:

Manager Class Name: oracle.webcenter.search.crawl.ucm.ses.WcUcmDsManager

Manager Jar File Name: search-crawl-ucm.jar

Click Next, and then click Finish.

Create the Documents Service Instance.

Again, on the Global Settings - Document Services page, click Create. This time, select Select From Available Managers with the Secure Enterprise Search WebCenter UCM Plug-in. Click Next, and, in addition to the entering an instance name, enter the following parameters:

WebCenter Application Name: The unique name being used to identify this WebCenter Spaces application in the back-end Oracle Content Server.

Connection Name: The name of the primary Oracle Content Server connection that WebCenter Spaces is using to store group space and personal space documents.

WebCenter URL Prefix: The host and port where the WebCenter Spaces application is running; for example: http://myhost:8888

Note:

Use the listDocumentsSpacesProperties command to determine the application name and connection name for WebCenter Spaces, as described in Section 18.4.2, "Setting Up WebCenter Spaces for Oracle SES Search."

Create the Document Services Pipeline. This invokes the document service instance.

Again, on the Global Settings - Document Services page, under the Document Services Pipelines section, click Create.

Enter a name and select the instance created in the previous step.

Create the Oracle Content Server source for documents.
1. Go to Home > Sources.
2. From the Source Type dropdown list, select Oracle Content Server. Click Create, and enter the following parameters:
  
  Source Name: unique_name
  
  Configuration URL: Content_Server_SES_Crawler_Export_endpoint; for example, http://host:port/idc/idcplg?IdcService=SES_CRAWLER_DOWNLOAD_CONFIG&source=default
  
  Note:
  The source=default parameter denotes the name of the source created in the configuration of the SES Crawler Export. The default one is created automatically and called "default."
  
  Authentication Type:
  
  If Oracle Content Server is not protected by SSO, then enter NATIVE.
  
  If Oracle Content Server is protected by Oracle SSO, then enter ORASSO.
  
  User ID:
  
  If Authentication Type is NATIVE, then enter sysadmin.
  
  If Authentication Type is ORASSO, then enter a user ID (and password) of a user in the identity management server fronted by Oracle SSO. This user must have been granted the same permissions as sysadmin. If it is not possible to grant those permissions, then delete the "remote" user corresponding to this user in Oracle Content Server, and create a "local" version of the user (same name) in Oracle Content Server.
  
  Password: Password for this Oracle Content Server user.
  
  Realm:
  
  If Authentication Type is NATIVE, then enter "Idc Security /idc/idcplg", where /idc/ is the context root you provided when you installing Oracle Content Server.
  
  If Authentication Type is ORASSO, then leave this parameter blank.
  
  Scratch Directory: Specify a directory on the system under which the Oracle SES instance resides.
  
  Oracle SSO Login URL:
  
  If Authentication Type is ORASSO, then specify a value for Oracle SSO. For example: https://login.oracle.com/mysso/signon.jsp?site2pstoretoken=
  
  If Authentication Type is NATIVE, then leave this field blank.
  
  Oracle SSO Action URL:
  
  If Authentication Type is ORASSO, then specify a value for Oracle SSO. For example: https://login.oracle.com/sso/auth
  
  If Authentication Type is NATIVE, then leave this field blank.
  
  Click Next.
3. On the Create User-Defined Source : Step 2 : Authorization page, enter the following parameters in the Authorization Manager section, if not entered by default:
  
  Plug-in Class Name: oracle.search.plugin.security.auth.stellent.StellentAuthManager
  
  Jar File Name: oracleapplications/StellentCrawler.jar
  
  HTTP endpoint for authorization: for example, http://host:port/idc/idcplg
  
  Display URL Prefix: for example, http://host:port/idc
  
  Authentication Type: NATIVE
  
  Administrator User: Crawl admin user you registered in Section 18.4.1, "Setting Up Oracle SES for WebCenter Spaces"; for example, mycrawladmin
  
  Administrator Password: Password for crawl admin user
  
  Authorization User ID Format: Authentication attribute used in the active identity plug-in. To find this value, go to the Global Settings - Identity Management Setup page in Oracle SES. Enter the value of the Authentication Attribute under the Active Plug-in (for example, nickname or username or something else). If you are using the Oracle E-Business Suite R12 identity plug-in, then leave the this parameter blank.
  
  Realm:
  
  If Authentication Type is NATIVE, then enter "Idc Security /idc/idcplg", where /idc/ is the context root you provided when you installing Oracle Content Server.
  
  In Authentication Type is ORASSO, then leave this field blank.
4. Click Create & Customize (or edit a created source) to see other source parameters. On the Crawling Parameters tab, enter the following crawling parameter:
  
  Document Service Pipeline
5. Click Enable and select the pipeline you created.

18.4.5.3 Setting Up Oracle SES to Search Discussions and Announcements

To search WebCenter Spaces discussions and announcements using Oracle SES, you must first set up two Oracle SES Database sources: one for discussions and one for announcements. For example, the discussions source might have the source name GS_Discussions and a View of FORUMCRAWLER_VW, and the announcements source might have the source name GS_Announcements and a View of ANNOUNCEMENTS_VW.

Notes:

There are slightly different steps for Oracle, Microsoft SQL Server, and IBM DB2 databases.

Required for IBM DB2 databases only:
1. Copy the IBM driver files db2jcc.jar and db2jcc_license_cu.jar (obtainable from the IBM DB2 UDB client) into the OracleSES_Home/search/lib/plugins/oracleapplications folder in the Oracle SES instance.
2. Modify the drivers.properties file to include the following line:
```
"db2: com.ibm.db2.jcc.DB2Driver"
```
3. Create a temporary directory called tmp, and then change to that directory and extract the contents of appsjdbc.jar:
```
mkdir search/lib/plugins/oracleapplications/tmp
cd search/lib/plugins/oracleapplications/tmp
jar -xvf ../appsjdbc.jar
```
  Note:
  The jar command comes from the OracleSES_Home/jdk/bin directory.
4. In the directory OracleSES_Home/search/lib/plugins/oracleapplications/tmp, modify META-INF/MANIFEST.MF to change the line "Class-Path: sqljdbc.jar" to the following:
```
"Class-Path: sqljdbc.jar db2jcc.jar db2jcc_license_cu.jar"
```
5. Make sure that no crawlers are running that use the database crawler source. In the Oracle SES administration tool, check the crawler progress and status on the Home - Schedules page. (Click Refresh Status.)
6. Remake the jar:
```
jar cvfm ../appsjdbc.jar META-INF/MANIFEST.MF oracle/
```
Required for Microsoft SQL Server database only:

Copy the Microsoft JDBC driver file sqljdbc.jar into directory OracleSES_Home/search/lib/plugins/oracleapplications in the Oracle SES instance.
Create a Discussions source or an Announcements source.
1. In Oracle SES, go to Home > Sources.
2. From the Source Type dropdown list, select Database. Click Create, and enter the following parameters:
  
  Source Name: unique_name; for example, GS_Discussions to crawl discussions or GS_Announcements to crawl announcements
  
  Database Connection String: Enter one of the following
  
  - For an Oracle database, enter one of the following
  
  jdbc:oracle:thin:@host:port:sid
  
  jdbc:oracle:thin@host:port/serviceId
  
  - For an IBM DB2 database, enter jdbc:db2//host:port/database_name
  
  - For a Microsoft SQL Server database, enter jdbc:sqlserver://host_or_IP_address:port;database_name
  
  User ID: Enter one of the following
  
  - For an Oracle or Microsoft SQL Server database, the user MyPrefix_DISCUSSIONS_CRAWLER created during Oracle WebCenter Discussions installation
  
  - For an IBM DB2 database, the user MyPrefix_DC created during Oracle WebCenter Discussions installation (where MyPrefix is five characters)
  
  Password: Password for this user
  
  View:
  
  For an Oracle database, enter either FORUMCRAWLER_VW or ANNOUNCECRAWLER_VW: Use FORUMCRAWLER_VW for the source crawling discussion forums, and use ANNOUNCECRAWLER_VW for the source crawling announcements.
  
  For a Microsoft SQL Server or IBM DB2 database, leave this parameter blank.
  
  Query:
  
  For an Oracle database, leave this parameter blank.
  
  For a Microsoft SQL Server or IBM DB2 database, enter one of the following queries:
```
SELECT * FROM FORUMCRAWLER_VW
SELECT * FROM ANNOUNCECRAWLER_VW
```
  Use FORUMCRAWLER_VW for the source crawling discussion forums, and use ANNOUNCECRAWLER_VW for the source crawling announcements.
  
  URL Prefix: The URL prefix for the WebCenter Spaces application, including host and port; for example, http://host:port/
  
  Grant Security Attributes: FORUMID
3. Click Next.
4. On the Create User-Defined Source : Step 2 : Authorization page, enter the following parameters (if not prepopulated) in the Authorization Manager section:
  
  Plug-in Class Name: oracle.search.plugin.security.auth.db.DBAuthManager
  
  Jar File Name: oracleapplications/DBCrawler.jar
  
  Authorization Database Connection String: Enter one of the following:
  
  - For an Oracle database, enter one of the following:
  
  jdbc:oracle:thin:@host:port:sid
  
  jdbc:oracle:thin@host:port/serviceId
  
  - For an IBM DB2 database, enter jdbc:db2//host:port/database_name
  
  - For a Microsoft SQL Server database, enter jdbc:sqlserver://host_or_IP_address:port;database_name
  
  User ID: Enter one of the following:
  
  - For an Oracle or Microsoft SQL Server database, enter the user MyPrefix_DISCUSSIONS_CRAWLER
  
  - For an IBM DB2 database, enter the user MyPrefix_DC (where MyPrefix is five characters)
  
  Password: This user password
  
  Single Record Query: false
  
  Authorization Query: Enter the following (on one line):
```
SELECT forumID 
FROM AUTHCRAWLER_FORUM_VW 
WHERE (username = ? or userID=-1) 
UNION SELECT f.forumID 
FROM jiveForum f, AUTHCRAWLER_CATEGORY_VW c 
WHERE f.categoryID = c.categoryID AND (c.username =  ? or userID=-1) 
```
  Authorization User ID Format: Authentication attribute used in the active identity plug-in. To find this value, go to the Global Settings - Identity Management Setup page in Oracle SES. Enter the value of the Authentication Attribute under the Active Plug-in (for example, nickname or username or something else).
  
  If you are using the Oracle E-Business Suite R12 identity plug-in, then leave the this parameter blank.
5. Click Create to complete the source creation.

18.4.5.4 Setting Up Oracle SES to Search Group Spaces, Lists, Pages, People, Wikis and Blogs

In Oracle SES, you must first create the WebCenter source type and then set up a WebCenter source to search WebCenter Spaces objects like group spaces, lists, pages, people, wikis and blogs.

Create the WebCenter (Secure RSS) source type in Oracle SES. This source type only needs to be created one time in the Oracle SES instance.
1. Go to the Global Settings - Source Types page. Click Create, and enter the following:
  
  Name: Enter a name for the source type; for example, SecureWebCenterRss
  
  Plug-in Manager Java Class Name: oracle.search.plugin.rss.RSSSecureCrawlerMgr
  
  Plug-in Jar File Name: oracleapplications/rsscrawler.jar
  
  Note:
  The plug-in collects document attributes and contents to submit to the crawler. The crawler uses this information to index the documents.
2. Click Next, and on the following page click Finish to accept the default values.

Create the WebCenter source.

Go to the Home > Sources page.
From the Source Type dropdown list, select the source type name you entered in the previous step (for example, SecureWebCenterRss). This is the source type you created in the previous step. Click Create, and enter the following source parameters:

Source Name: unique_name

Configuration URL: host:port_of_WebCenterSpaces/rsscrawl; for example, http://myhost:8888/rsscrawl

Authentication Type: BASIC

User ID: Crawl admin user you registered in Section 18.4.1, "Setting Up Oracle SES for WebCenter Spaces"; for example, mycrawladmin

Password: Password for the crawl admin user

Realm: jazn.com

Scratch Directory: Specify a directory on the system under which the Oracle SES instance resides.

Oracle SSO Login URL:

Leave this field blank.

Oracle SSO Action URL:

Leave this field blank.

Click Next.
On the Create User-Defined Source : Step 2 : Authorization page, enter the following parameters in the Authorization Manager section:

Plug-in Class Name: oracle.webcenter.search.auth.plugin.WebCenterAuthManager

Jar File Name: webcenter/search-auth-plugin.jar

Click the Get Parameters button to display the following additional parameters:

Authorization Endpoint: host:port_of_WebCenterSpaces/sesUserAuth; for example, http://myhost:8888/sesUserAuth

Realm: jazn.com

User ID: Crawl admin user you registered Section 18.4.1, "Setting Up Oracle SES for WebCenter Spaces"; for example, mycrawladmin

Password: Password for the crawl admin user

Authorization User ID Format: Authentication attribute used in the active identity plug-in. To find this value, go to the Global Settings - Identity Management Setup page in Oracle SES. Enter the value of the Authentication Attribute under the Active Plug-in (for example, nickname or username or something else). If you are using the Oracle E-Business Suite R12 identity plug-in, then leave the this parameter blank.
Click Create to complete the source creation.

Note:

If WebCenter is fronted with an Oracle HTTP Server, then the Configuration URL and the Authorization Endpoint used in this example would require the following in mod_wl_ohs.conf file.

In a non-clustered environment:

<Location /rsscrawl>
SetHandler weblogic-handler
WebLogicHost host_name
WeblogicPort port
</Location>
 
<Location /sesUserAuth>
SetHandler weblogic-handler
WebLogicHost host_name
WeblogicPort port
</Location>

In a clustered environment:

<Location /rsscrawl>
WebLogicCluster host_name1:port,host_name2:port
SetHandler weblogic-handler
</Location>
 
<Location /sesUserAuth>
WebLogicCluster host_name1:port,host_name2:port
SetHandler weblogic-handler
</Location>

where host_name1 and host_name2 are the cluster nodes, and port is the listening port number of the managed server on which the WebCenter application is deployed.

18.4.5.5 Additional Oracle SES Configuration

Create a source group that includes the names of the Oracle Content Server, Discussions, Announcements, and WebCenter services sources you created.
1. Go to the Search - Source Groups page, and click Create.
2. Enter the same source group name used in Section 18.4.2, "Setting Up WebCenter Spaces for Oracle SES Search."
3. From the Select Source Type dropdown list, select each source type (Database, Oracle Content Server, Secure Rss), and then from the Available Sources listed for each source type, move the source you created for that source type into the Assigned Sources list.
4. Click Finish.
Optionally configure the security filter lifespan. This refreshes the authorization policies for users in the system. It is best to have a short lifespan when user policies change frequently. (This example set up has the Oracle Internet Directory identity plug-in as the security filter.)

For example, on the Global Settings - Query Configuration page, under Secure Search Configuration, enter 0 for Security Filter Lifespan (minutes).

Valid values for the security filter lifespan are between 0 minutes (no cache) and 526500 minutes (cache for one year).

To index everything, you must force a full crawl for each source; that is, you must change the existing incremental crawl schedule for each source to first process ALL documents.

This step is very important, in that searching does not work unless the content is first indexed completely.

Go to the Home - Schedules page, select the source schedule, and click Edit to force a full crawl.

After each source has been crawled, go back to the same page and change the crawl policy back to incremental (index documents that have changed since the previous crawl). Also, in the Frequency section of the page, select a non-manual type for running incremental crawl (for example, weekly or daily).

Note:

Before the first crawl of Oracle Content Server, remember to go to the Oracle Content Server Administration page, select SES Crawler Export, and take a snapshot. For more information, see Section 18.4.3, "Setting Up Oracle Content Server for Oracle SES Search."

18.5 Troubleshooting Issues with Search

This section provides troubleshooting tips on administering the Search service. It includes the following subsections:

Section 18.5.1, "Cannot Grant View Permissions to WebCenter Spaces"
Section 18.5.2, "Oracle SES Cannot Search WebCenter Objects"
Section 18.5.3, "Results Not Currently Available with Oracle SES Results"

18.5.1 Cannot Grant View Permissions to WebCenter Spaces

Problem

You get the following error when granting "view" permissions, as described in Section 18.4.2, "Setting Up WebCenter Spaces for Oracle SES Search."

Command FAILED, Reason: javax.naming.directory.AttributeInUseException: [LDAP: e
rror code 20 - uniquemember attribute has duplicate value.]; remaining name 'orc
lguid=F0CC506017B711DFBFFED9EA6A94EAEC,cn=Permissions,cn=JAAS Policy,cn=webcente
r,cn=wc_domain,cn=JPSContext,cn=jpsroot_webcenter_dadvmc0057'

Solution

This error appears if the permission is granted already. Ignore the error.

18.5.2 Oracle SES Cannot Search WebCenter Objects

Problem

The configuration for using Oracle SES to search WebCenter objects does not work.

Solution

Confirm that you have installed all required patches for Oracle SES. For the latest information on required patches, see "Back-End Requirements for the Search Service" in Oracle Fusion Middleware Installation Guide for Oracle WebCenter and the Release Notes.
Confirm that Oracle SES is configured with an identity management system to validate and authenticate users. Also confirm that WebCenter and Oracle SES use the same identity management system, such as Oracle Internet Directory. If you are using multiple crawler types (WebCenter Spaces crawler, Documents crawler, and Discussions crawler) on your Oracle SES instance, then each of those repositories (WebCenter Spaces, Oracle Content Server, and Oracle WebCenter Discussions) must share the same user base as Oracle SES.

Additionally, for identity propagation to work, the Oracle SES identity management system must contain a user that represents applications or trusted federation entities.

To test the Oracle SES is connection with a federated trusted entity user, see Section 18.3.5, "Testing Oracle SES Connections."
Monitor the crawl process in the Oracle SES administration tool by using a combination of the following:
- Check the crawler progress and status on the Home - Schedules page. (Click Refresh Status.) From the Status page, you can view statistics of the crawl.
- Monitor your crawler statistics on the Home - Schedules - Crawler Progress Summary page and the Home - Statistics page.
- Monitor your search statistics on the Home - General page and the Home - Statistics page.
See the Oracle Secure Enterprise Search Administrator's Guide for tips to tune crawl performance.

18.5.3 Results Not Currently Available with Oracle SES Results

Problem

The "Results Not Currently Available" message appears after a search. This may appear inconsistently, such as after you click the More button on the search results dialog.

Solution

This message appears when the service times out. This largely depends on the load of the system. To alleviate this problem, adjust the Execution Timeout parameter.

For more information, see Section 18.3.1, "Registering Oracle SES Services."