11 Managing Content Repositories

Oracle WebCenter enables content integration through:

This chapter describes how to configure and manage content repositories used by WebCenter applications. For more information about managing and including content in WebCenter applications, see:

Note:

Content repository configuration changes that you make through Fusion Middleware Control or using WLST are not dynamic; you need to restart the managed server on which the WebCenter application is deployed for your changes to take effect. See Section 8.2, "Starting and Stopping Managed Servers for WebCenter Application Deployments".

This chapter contains the following sections:

Audience

The content of this chapter is intended for Fusion Middleware administrators (users granted the Admin or Operator role through the Oracle WebLogic Server Administration Console). See Section 1.8, "Understanding Administrative Operations, Roles, and Tools".

11.1 What You Should Know About Content Repository Connections

Oracle WebCenter's support of the JCR 1.0 open document standard enables integration with multiple back-end content stores. Oracle WebCenter supports the following content repositories: Oracle Content Server, Microsoft SharePoint, Oracle Portal, and the file system.

Prerequisites for each content repository are described in the following sections:

WebCenter users need to store, publish, and share files. The Documents service provides content management and storage capabilities for WebCenter applications, including content upload, file and folder creation and management, file check out, versioning, and so on. To do this, the Documents service requires at least one content repository connection (WebCenter applications can support multiple content repository connections) to be made active (default):

  • WebCenter Spaces - In WebCenter Spaces, every Home Space has its own document folder, unique to its parent space. Spaces that have the Documents service provisioned also have their own document folder. The back-end service providing this functionality is Oracle Content Server. When a content repository is made active (see Section 11.7, "Changing the Active (or Default) Content Repository Connection"), it becomes the default content repository and additional properties become available for configuration. WebCenter Spaces requires the default content repository to be Oracle Content Server. Additionally, administrators may connect WebCenter Spaces to other content repositories that WebCenter Spaces may use.

  • Other WebCenter applications - When a content repository is made active (see Section 11.7, "Changing the Active (or Default) Content Repository Connection"), Documents service task flows use that content repository in instances where no specific connection details are provided. There is no particular requirement on the default content repository used.

When Oracle Content Server is the content repository (required for WebCenter Spaces), the Documents service and Oracle Content Server must be connected to the same identity store that is used by WebCenter Spaces.

Just like other service connections, post-deployment content repository connections are registered and managed through Fusion Middleware Control or using the WLST command-line tool. Connection information is stored in configuration files and in the MDS repository. For more information, see Section 1.3.5, "WebCenter Configuration Considerations."

Always use Fusion Middleware Control or the WLST command-line tool to review and configure back-end services for WebCenter applications. Any changes that you make to WebCenter applications, post-deployment, are stored in the Oracle Metadata Service (MDS) repository as customizations.

Once connection details are defined, WebCenter users can expose the content of the connected content repositories through several ADF Faces components, such as <af:image>, <af:inlineFrame>, and <af:goLink>, and built-in Documents service task flows (Document Manager, Folder Viewer, and Recent Documents). For more information, see "Working with Page Content" and "Working with the Documents Service" in Oracle Fusion Middleware User's Guide for Oracle WebCenter.

11.2 Oracle Content Server Prerequisites

This section discusses the prerequisites for an Oracle Content Server content repository in the following subsections:

11.2.1 Configuration Roadmaps for Oracle Content Server

Use the roadmaps in this section as an administrator's guide through the configuration process:

11.2.1.1 Roadmap - Configuring Oracle Content Server for WebCenter Spaces

The flow chart in Figure 11-1 provides an overview of the prerequisites and tasks required to get Oracle Content Server working in WebCenter Spaces.

Figure 11-1 Configuring Oracle Content Server for WebCenter Spaces

Description of Figure 11-1 follows Configure Oracle Content Server (OCS) for WebCenter Enable the Folders_g component Enable the WebCenterConfigure component Configure the Dynamic Converter component Configure the Inbound Refinery component Enable the WebCenterConversions component Configure FileStore Provider Configure the WebCenter SES crawler Set up Site Studio Enable Oracle Text Search Configure Item Level Security Create content profiles Configure Oracle HTTP Server Configure SSL Configure WebCenter keystore Configure OCS keystore Verify signatures Configure SSL on Oracle Content Server Configure a connection between OCS and the WebCenter application Configure a connection for WebCenter Spaces Configure a connection for WebCenter Portal applications
Description of "Figure 11-1 Configuring Oracle Content Server for WebCenter Spaces"

11.2.1.2 Roadmap - Configuring Oracle Content Server for WebCenter Portal Applications

The flow chart in Figure 11-2 provides an overview of the prerequisites and tasks required to get Oracle Content Server working in WebCenter Portal applications.

Figure 11-2 Configuring Oracle Content Server for WebCenter Portal Applications

Description of Figure 11-2 follows Configure Oracle Content Server for WebCenter Enable the Folders_g component Enable the WebCenterConfigure component Configure the Dynamic Converter component Configure the Inbound Refinery component Enable the WebCenterConversions component Configure FileStore Provider Configure the WebCenter SES crawler Set up Site Studio Enable Oracle Text Search Configure Item Level Security Create content profiles Configure Oracle HTTP Server Configure SSL Configure WebCenter keystore Configure OCS keystore Verify signatures Configure SSL on Oracle Content Server Configure a connection between OCS and the WebCenter application Use JDeveloper Use Fusion Middleware Control Use WLST Use WLS Admin Console Add/modify connection parameters
Description of "Figure 11-2 Configuring Oracle Content Server for WebCenter Portal Applications"

11.2.2 Oracle Content Server 11g - Installation

Oracle Content Server 11g is installed as a part of Oracle Universal Content Management (Oracle UCM). Oracle UCM is a product of Oracle Enterprise Content Management Suite, which is an Oracle Fusion Middleware component. For information about upgrading Oracle Content 10g release 3 to Oracle Content Server 11g, see the Oracle Fusion Middleware Upgrade Guide for Oracle Enterprise Content Management Suite at http://download.oracle.com/docs/cd/E14571_01/doc.1111/e16451/upgrade_ecm.htm.

While installing Oracle Content Server, you may also install Oracle Inbound Refinery (Oracle IBR). Oracle IBR is a conversion server that manages file conversions for electronic assets such as documents, digital images, and motion videos. It also provides thumbnail functionality for documents and images and storyboarding for videos. You can use Oracle IBR to convert content items stored in Oracle Content Server.

For information about installing Oracle Content Server, see the section "Oracle Content Server - Installation" in Oracle Fusion Middleware Installation Guide for Oracle WebCenter.

11.2.3 Oracle Content Server 11g - Configuration

This section includes the following subsections:

11.2.3.1 Configuring Oracle Content Server 11g for All WebCenter Applications

After installing Oracle Content Server 11g, perform the configuration tasks listed in Table 11-1. These tasks are common for both WebCenter Portal applications and WebCenter Spaces. This section also includes the following sections to which the tasks in Table 11-1 refer:

Table 11-1 Oracle WebCenter-Specific Postinstallation Configuration Tasks for Oracle Content Server

Task Description Documentation

Enable the Folders_g component

This component provides hierarchical folder interface to content in Oracle Content Server.

This task is mandatory.

For information, see the section "Enabling and Disabling a Component" in the Oracle Fusion Middleware System Administrator's Guide for Universal Content Management.

Enable the DynamicConverter component

This component enables HTML renditions. Slide Previewer is available in WebCenter when both DynamicConverter and the WebCenterConfigure components are installed. (This component must be installed before installing the WebCenterConfigure component.)

This task is optional but recommended.

For information, see the section "Enabling and Disabling a Component" in the Oracle Fusion Middleware System Administrator's Guide for Universal Content Management.

Enable the WebCenterConfigure component

This component configures an instance of Oracle Content Server for WebCenter applications. It sets configuration settings and adds services among other things. (This component must be installed after installing the DynamicConverter component.)

This task is mandatory.

For information about the tasks this component performs, see Section 11.2.3.1.3, "What You Should Know About the WebCenterConfigure Component."

For information, see the section "Enabling and Disabling a Component" in the Oracle Fusion Middleware System Administrator's Guide for Universal Content Management.

Configure Oracle Inbound Refinery (IBR)

This is a conversion server that manages file conversions for electronic assets such as documents, digital images, and motion videos. It also provides thumbnail functionality for documents and images and storyboarding for videos. You can use Oracle IBR to convert content items stored in Oracle Content Server.

This task is optional. However, thumbnails or renditions in WebCenter applications do not display if Oracle IBR is not configured.

For information, see the chapter "Configuring Oracle Inbound Refinery" in the Oracle Fusion Middleware Installation Guide for Oracle Enterprise Content Management Suite.

Configure FileStore Provider

This is required to store content files in the database.

This task is optional.

For information, see the section "FileStore Provider Information Page" in the appendix "System Properties and Settings Interface" in the Oracle Fusion Middleware System Administrator's Guide for Universal Content Management.

Configure Oracle Content Server to use an LDAP-based identity store

Oracle Content Server must be configured to use the same identity store LDAP server as Oracle WebCenter Spaces.

In a production environment, Oracle Content Server must use an external LDAP-based identity store.

For information, see Section 11.2.3.3, "Configuring Security Between Oracle Content Server 11g and WebCenter Portal Applications" and "Configuring the LDAP Identity Store Service" in the Oracle Fusion Middleware Security Guide.

Configure Secure Sockets Layer (SSL)

SSL is required only when the type of Oracle Content Server connection is socketssl.

This task is optional.

For information, see Section 31.7, "Securing the WebCenter Spaces Connection to Oracle Content Server with SSL."

Configure Oracle HTTP Server (OHS)

Configure OHS for Single-Sign On to function properly between Site Studio and Oracle Content Server UI.

This task is optional. However if OHS is not configured, certain functionality will not be available, such as Document Manager document rendition support, advanced metadata edit, the IFRAME functionality, and so on.

For information, see Appendix B, "Oracle HTTP Server Configuration for WebCenter" and the section "Configuring the mod_wl_ohs Module" in Oracle Fusion Middleware Administrator's Guide for Oracle HTTP Server.

Configure SES Crawler

You can override the default search adapters and use Oracle SES to get unified ranking results for WebCenter resources such as, documents, pages, people, and so on.

This task is optional.

For information, see Section 21.6.2, "Setting Up Oracle Content Server for Oracle SES Search."

Enable Site Studio components (Site Studio, Site Studio External Applications)

Enabling the Site Studio components allows the use of Site Studio to create and use Site Studio assets (region definitions and display templates) in Content Presenter.

This task is optional.

For information, see the section "Enabling and Disabling a Component" in Oracle Fusion Middleware System Administrator's Guide for Universal Content Management and the section "Publishing Content in Content Presenter" in Oracle Fusion Middleware User's Guide for Oracle WebCenter. See also Oracle Fusion Middleware Administrator and Manager's Guide for Site Studio.

Enable OracleTextSearch

By default, the database used by Oracle Content Server is set up to provide metadata-only searching and indexing capabilities. However, you can modify the default configuration of the database to additionally support full-text searching and indexing. Configuring full-text searching and indexing capabilities is optional, but advisable. For full-text search, it is recommended that you use the OracleTextSearch option.

OracleTextSearch index must always be in an Oracle database, regardless of the database type used for the main schema.

This task is optional but recommended.

For information, see the section "Configuring Oracle Text Search for Oracle Content Server" in Oracle Fusion Middleware Installation Guide for Oracle Enterprise Content Management Suite and the section "Site Studio Integration" in Oracle Fusion Middleware Application Administrator's Guide for Content Server.

Enable the WebCenterConversions component

This component lets users convert wikis and blogs into PDFs. It requires OpenOffice's integration with IBR.

See Section 11.2.3.1.1, "Enabling the Conversion of Wikis and Blogs into PDFs."

For information about setting up OpenOffice with IBR, see chapters "Managing Conversions" and "Working with PDF Conversions" in Oracle Fusion Middleware Administrator's Guide for Conversion.

Configure Item Level Security

The Documents service has the ability to use Item Level Security (ILS) to override the default Spaces document security model or to expose Oracle Content Server document security in a WebCenter Portal application. Using ILS allows Oracle Content Server folders (and their children) or individual documents to have unique security permissions. To enable the Documents service to support ILS, some parameters are set in Oracle Content Server. For example, RoleEntityACL. For information about how to set their values, see Section 11.2.3.2, "Configuring Oracle Content Server 11g to Support Item Level Security in All WebCenter Applications." See also, "Setting Security Options on a Folder or File" in Oracle Fusion Middleware User's Guide for Oracle WebCenter.

This task is optional.

For information, see Section 11.2.3.2.1, "What You Should Know About Item Level Security" and Section 11.2.3.2, "Configuring Oracle Content Server 11g to Support Item Level Security in All WebCenter Applications."

Create Content Profiles

WebCenter enables Oracle Content Server profiles to be used in a number of places within WebCenter applications:

  • When uploading content, a profile can be selected to check in the document through the Oracle Content Server UI that is launched by IFRAME.

  • During content uploads, a content profile can be selected to associate with a new document.

  • During a document manager search, a content profile can be used as part of an advanced search criteria.

  • During a document advanced properties edit, the associated metadata fields for a given content profile can be exposed for edit /update through the Document Manager task flow.

  • In the Content Presenter task flow, a content profile can be used as part of query search to select the content to display.

  • When creating a custom Content Presenter template, the metadata fields associated with a content profile can be used for rendering by the template.

This task is optional.

For important considerations, see Section 11.2.3.1.4, "What You Should Know About Creating Content Profiles in Oracle Content Server."

For information about creating content profiles, see the chapter "Managing Metadata" in the Oracle Fusion Middleware Application Administrator's Guide for Content Server.

For information about mandatory fields for check-in, see the chapter "Checking In Files" in the Oracle Fusion Middleware User's Guide for Content Server.


11.2.3.1.1 Enabling the Conversion of Wikis and Blogs into PDFs

Before You Begin Before you can enable the conversion of wikis and blogs into PDFs in WebCenter applications, you must first:

How to Enable Conversion through OpenOffice As described in this section, enabling the conversion of wikis and blogs into PDFs requires you to first install the WebCenterConversions component, then configure OpenOffice, which converts HTMLs to PDFs, in the Inbound Refinery server and Oracle Content Server respectively.

To install the WebCenterConversion component:

  1. Log in to the Inbound Refinery server.

  2. Expand the Administration node, then select Admin Server.

    This displays the Oracle Content Admin Server page.

  3. In the Component Manager, click the advanced component manager link.

    This displays the Advanced Component Manager page.

  4. In the Install New Component section, select WebCenterConversions.zip from the companion CD, then click Install.

    The OpenOfficeConversion displays in the Disabled Components box.

  5. Select OpenOfficeConversion and click Enable.

  6. Restart the Inbound Refinery server.

To configure OpenOffice in Inbound Refinery:

  1. In the Inbound Refinery server, under Conversion Settings, click the Conversion Listing link.

    This displays the Conversion Listing page.

  2. In the Conversions table, select the Accept checkbox for HtmToPDFOpenOffice, as shown in Figure 11-3, and click Update.

    Figure 11-3 HtmToPDFOpenOffice Selected in Inbound Refinery Server

    Description of Figure 11-3 follows
    Description of "Figure 11-3 HtmToPDFOpenOffice Selected in Inbound Refinery Server"

The HtmToPDFOpenOffice option that you just enabled in IBR will now display in the associated Oracle Content Server instance.

To enable OpenOffice in Oracle Content Server:

  1. Log in to Oracle Content Server.

  2. Expand the Administration node, then Refinery Administration, and then click File Formats Wizard.

  3. Under Select File Types, select the checkbox for Convert HTM to PDF with OpenOffice (HtmToPDFOpenOffice), as shown in Figure 11-4, and click Update.

    Figure 11-4 HtmToPDFOpenOffice Option Selected in Oracle Content Server

    Description of Figure 11-4 follows
    Description of "Figure 11-4 HtmToPDFOpenOffice Option Selected in Oracle Content Server"

11.2.3.1.2 Disabling Undesirable Site Asset Categories in Oracle Site Studio

You can disable or hide Site Asset categories that the Site Studio users may not require when designing region display templates. The following are the Site Asset categories that are not needed for typical Content Presenter implementations, and therefore, can be removed:

  • Placeholder Definitions

  • Page Templates

  • Subtemplates

  • Native Documents

  • Other Media

  • Manager Configuration Settings

  • Conversion Definitions

To remove Site Asset categories for each site:

  1. Run the Site Studio Designer and log into the site for which you want to disable these categories.

  2. Click Edit Site Asset Categories, as shown in Figure 11-5.

    Figure 11-5 Edit Site Asset Categories Button in Site Studio Designer

    Description of Figure 11-5 follows
    Description of "Figure 11-5 Edit Site Asset Categories Button in Site Studio Designer"

  3. In the Site Asset Categories dialog, select a category that is not required by the users, and click X, as shown in Figure 11-6.

    Figure 11-6 Site Asset Categories Dialog

    Description of Figure 11-6 follows
    Description of "Figure 11-6 Site Asset Categories Dialog"

11.2.3.1.3 What You Should Know About the WebCenterConfigure Component

Consider the following when working with the WebCenterConfigure component (Table 11-1) of Oracle Content Server:

  • When a WebCenter application starts up, if the active connection is to an Oracle Content Server 11.1.1.4.0, or higher, and the WebCenterConfigure component is enabled, the following Workflows are seeded:

    applicationNameWCAllApprover 
    applicationNameWCAllReviewer 
    applicationNameWCSingleApprover 
    

    where applicationName is the application name specified in the Document Properties. For example, the following workflows will be seeded for an application named myOCSapp:

     myOCSappWCAllApprover
     myOCSappWCAllReviewer
     myOCSappWCSingleApprover
    

    Note:

    If the application name is longer than 14 characters, it is truncated to 14 characters (losing the characters off the end) before adding to the workflow names. For example if the application name is WebCenterApplicationName, the workflow names will be: WebCenterAppliWCAllApprover, WebCenterAppliWCAllReviewer, and WebCenterAppliWCSingleApprover.
  • Enabling the WebCenterConfigure component allows for the following tasks (Table 11-2) in the Oracle Content Server:

    Table 11-2 Tasks Associated with the WebCenterConfigure Component

    Tasks Pointers to Verify the Completion of Tasks

    Enables accounts

    Oracle Content Server > Administration > Admin Server > General Configuration > Enable Accounts checkbox

    or

    FMW_HOME/user_projects/domains/ucm_domain/ucm/cs/config/config.cfg file. The setting in this file is UseAccounts=1.

    Allows updates to documents that are yet to be released

    Oracle Content Server > Administration > Admin Server > General Configuration > Additional Configuration Variables

    or

    FMW_HOME/user_projects/domains/ucm_domain/ucm/cs/config/config.cfg

    The setting is AllowUpdateForGenwww=1

    Disables the cache for folders

    CollectionUseCache is set to false by the WebCenterConfigure component each time the server starts up. This setting is visible in Administration > System Audit Information > Configuration Entry Information > Click All Environment Keys > shows all environment settings.

    or

    See the FMW_HOME/user_projects/domains/ucm_domain/ucm/cs/config/config.cfg file.The setting is CollectionUseCache=1.

    Adds metadata fields:

    • xWCTags

    • xWCPageId

    • xWCWorkflowAssignment

    • xWCWorkflowApproverUserList

    You can view, edit, and add metadata fields here: Oracle Content Server > Administration > Admin Applets > Configuration Manager > Information Fields tab.

    Sets Folder settings

    • System Default Information Field Configuration: Doc Type = Document

    • Information Field Inherit Configuration


      xWCWorkflowAssignment
      xWCWorkflowApproverUserList

    Oracle Content Server > Administration > Folder Configuration > System Default Information Field Configuration

    Oracle Content Server > Administration > Folder Configuration > Information Field Inherit Configuration

    Adds the WCWorkflowApproverUserToken workflow token

    Oracle Content Server > Administration > Admin Applets > Workflow Admin > Options > Tokens menu

    Adds three DynamicConverter templates

    If the DynamicConverter component is enabled, the DynamicConverter service is called to create the three DynamicConverter templates.

    Overrides certain behavior of the Site Studio Switch Content wizard to make Site Studio work in the WebCenter environment

    This provides access to the Site Studio Switch Content wizard and the Site Studio Contributor editor from within Content Presenter to allow for adding and editing Site Studio documents from WebCenter.

    • The contentwizard.hcsp and contentwizard.js files are copied from the /WebCenterConfigure.zip/component/WebCenterConfigure/publish/contentwizard/ directory to the OCS_HOME/cs/weblayout/resources/wcm/custom/sitestudio/contentwizard/webcenter/ directory.

    • The wcm.sitestudio.form.js file is copied from the /WebCenterConfigure.zip/component/WebCenterConfigure/publish/contentwizard/directory to the OCS_HOME/cs/weblayout/resources/wcm/custom/sitestudio/ directory.


11.2.3.1.4 What You Should Know About Creating Content Profiles in Oracle Content Server

The fields described in the section "Content Check-In Form" (see the table) in the "User Interface" appendix in the Oracle Fusion Middleware User's Guide for Content Server are mandatory for Oracle Content Server. All content profiles must include them, otherwise the check-in will fail.

To ensure that upload using profiles is successful in all WebCenter applications, additional fields listed in Table 11-3 are mandatory for Oracle Content Server profiles. As indicated in this table, some fields can be added as hidden or information fields to the profile. They can also be added as a separate rule to be included in other profiles as needed.

Table 11-3 Required Fields for Profiles

Field Display Name Field Name Recommended Field Permissions Setting Comments

Title

dDocTitle

EDIT

User must enter a title.

Content ID

dDocName

INFO

Set to EDIT if you want to allow users to enter their own Content ID names.

Folder

xCollectionID

INFO

Set to EDIT if you want to allow users to override folder location.

Type

dDocType

EDIT

Recommend EDIT to allow for end user document type selection.

Profile

xIdcProfile

INFO

Used to store profile that is associated with the content file. Do not set this field to Edit.

Revision

dRevLabel

INFO

Recommend setting it to INFO. Oracle Content Server auto-assigns the edit revision number.

Security Group

dSecurityGroup

INFO

Recommend setting it to INFO. WebCenter Spaces auto-assigns this value.

Account

dDocAccount

EDIT

Although Spaces auto-assigns this value, it is recommended that this field is editable or hidden to avoid errors.

WorkflowAssignment

xWCWorkflowAssignement

INFO

Must be set to INFO. Spaces manages this value.

WorkflowApprover

xWCWorkflowApproverUserList

INFO

Must be set to INFO. Spaces manages this value.

Web Site Object Type

xWebsiteObjectType

INFO

Must be set to INFO, or it should be hidden. Used by Content Presenter during SiteStudio contributor data file creation.

Region Definition

xRegionDefinition

INFO

Must be set to INFO, or it should be hidden only. Used by Content Presenter during SiteStudio contributor data file creation.

Tags

xWCTags

INFO

Recommend setting it to INFO. Spaces manages this value.

Page ID

xWCPageID

INFO

Recommend setting it to INFO. Spaces manages this value.


11.2.3.2 Configuring Oracle Content Server 11g to Support Item Level Security in All WebCenter Applications

This section includes the following sections:

11.2.3.2.1 What You Should Know About Item Level Security

Oracle WebCenter allows custom permissions to be set on a file or a folder. This feature is referred to as Item level Security (ILS). Once configured, the feature can be accessed from the File menu > Security option when viewing a file or folder (See Section 34.6.1, "Managing Content").

Note:

In WebCenter Spaces, using ILS as the primary security mechanism for a Space may become difficult to administer when the number of users grow. Moreover, ILS may not be as efficient as the Space security model. Therefore, Oracle recommends using ILS only to define security for the documents or folders that do not fit within the Space security model. For example, documents and folders to which only a restricted set of users have access. For information about security, see the section "Managing Roles and Permissions for a Space" in Oracle Fusion Middleware User's Guide for Oracle WebCenter.

ILS can be used to replace the existing file or folder security with a custom set of permissions.

  • When applied to a file, the custom permissions affect only that file.

  • When applied to a folder, the updated security is propagated to all child files and folders recursively, stopping when a folder is encountered with its own custom permissions. The propagation does not affect a file with its own custom permissions, if already set.

Note:

ILS cannot be applied to the root folder of a Space in the WebCenter Spaces application. This is so that the Space's security can be correctly restored on a file or folder when its item level security is removed.

Within the Oracle Content Server, ILS is implemented as a combination of ACL, account, and other metadata field settings. Oracle Content Server must be correctly configured to enable ILS. See, Section 11.2.3.2, "Configuring Oracle Content Server 11g to Support Item Level Security in All WebCenter Applications" and Section 11.2.3.3, "Configuring Security Between Oracle Content Server 11g and WebCenter Portal Applications."

What Happens in Oracle Content Server on Setting Custom Permissions The following occurs in Oracle Content Server on setting custom permissions for a file or folder from the Item Level Security dialog:

  • The account is changed to account WCILS/original_account.

    All users are by default granted RWDA on account WCILS. Changing the account to WCILS/original_account ensures that only the custom permissions determine the security on the content.

  • The ACL content metadata fields, xClbraUserList and xClbraRoleList are updated with the custom permissions.

  • The content metadata field, xInhibitUpdate is set to true, to prevent ILS from overwriting an item's own custom security with a parent folder's custom permissions.

What Happens in Oracle Content Server on Removing Custom Permissions Removing custom permissions from a folder or file attempts to revert the security on that item to the security set on the item's parent folder. When you remove custom permissions, the following changes take place within Oracle Content Server:

  • The item's account is changed to be the account of its parent folder.

  • The item's ACL content metadata fields, xClbraUserList and xClbraRoleList are cleared.

  • The content metadata field, xInhibitUpdate is set to false.

These changes are propagated in the same way as when the item level security is set.

Prerequisites for Using Item Level Security in a WebCenter Portal Applications For a WebCenter Portal application, the Item Level Security (ILS) feature is supported only if the application's Oracle Content Server security configuration meets certain prerequisities. In most scenarios ILS is not required, and therefore, it should not be enabled unless explicitly needed. Typical reasons for using ILS are application situations when the Oracle Content Server security models need to be overridden or supplemented to handle exception cases to security policies for individual users or groups of users, on a per document basis. Please be aware that there are performance impacts and additional administrative overhead when using ILS.

Note:

Oracle recommends using the Oracle Content Server security because it is efficient and scales easily for a large number of users and content objects compared with item level security. From an administrative perspective, Oracle Content Server's security is also easier to maintain. For information about configuring the security, see Section 11.2.3.3, "Configuring Security Between Oracle Content Server 11g and WebCenter Portal Applications."

The following are the Oracle Content Server security ILS prerequisites for a WebCenter Portal application:

  • Security is based on Oracle Content Server Accounts alone.

    Since all content must also have a security group, this means all application users must have RWD permissions granted to the application's security group. This is necessary because of how ILS works, that is, on setting the custom permissions, the account automatically changes to WCILS/original_account, which is an account all users have RWDA granted to. This is so that the custom permissions alone determine the security on the document or folder.

  • The content metadata field, xForceFolderSecurity is set to true for the entire application content. That is, Folder security settings are enforced on child folders and documents. This is necessary to support the propagation of custom permissions.

11.2.3.2.2 How to Configure Item Level Security

To configure Item Level Security (ILS):

  1. Log on to your Oracle Content Server instance.

  2. From the Administration menu, choose Admin Server to open Component Manager.

  3. In the Component Manager section, click the Advanced Component Manager link.

  4. In the Advanced Component Manager page, scroll down to the Disabled Components list, select RoleEntityACL, as shown in Figure 11-7, and then click Enable.

    Figure 11-7 Advanced Component Manager - RoleEntityACL Component

    Description of Figure 11-7 follows
    Description of "Figure 11-7 Advanced Component Manager - RoleEntityACL Component"

  5. From the Options pane on left, select General Configuration.

  6. Under the General Configuration page, in the Additional Configuration Variables box, add the following parameters:

    UseEntitySecurity=1
    SpecialAuthGroups=PersonalSpaces,applicationName
    

    where:

    SpecialAuthGroups is a comma separated list (no spaces allowed between values) of security groups. The ILS option is enabled only on content in these security groups.

    For WebCenter Spaces, the name of the application, in which all Space content is created, defines the name of a security group. You can find the application name using either Fusion Middleware Control or WLST.

    In Fusion Middleware Control, the application name is displayed as part of the Oracle Content Server default connection in the WebCenter Spaces connections.

    In WLST, the application name is shown using the listDocumentsSpacesProperties command, for example:

    listDocumentsSpacesProperties('webcenter')
    
    The Documents Spaces container is "/myspacesroot"
    The Documents repository administrator is "weblogic"
    The Documents application name is "myspacesapp" <- applicationName
    The Documents primary connection is "myucm"
    

    For WebCenter Portal applications, the applicationName is the name of the security group in which content is created.

  7. Restart Oracle Content Server.

11.2.3.2.3 How to Configure Additional Settings for WebCenter Portal Applications

For a WebCenter Portal application, in addition to the steps described in Section 11.2.3.2.2, "How to Configure Item Level Security", ensure that all users by default are granted RWDA on the WCILS account. To do this, use the SET_DEFAULT_ATTRIBUTES service. For information about the SET_DEFAULT_ATTRIBUTES service, see the section "SET_DEFAULT_ATTRIBUTES" in Oracle Fusion Middleware Services Reference Guide for Universal Content Management.

To run the SET_DEFAULT_ATTRIBUTES service through a browser:

  1. From a browser, log into Oracle Content Server as an administrative user.

  2. View the source for the page, and find the value of the idcToken.

  3. While in the same browser window, enter the URL in the format:

    http://host:port/cs/idcplg?IdcService=SET_DEFAULT_ATTRIBUTES&dECPropSubKey=<Security Group>&dDefAttribs=account,WCILS,15&idcToken=<idcToken>&IsSoap=1
    

    For example:

    http://myhost.com:4444/cs/idcplg?IdcService=SET_DEFAULT_ATTRIBUTES&dECPropSubKey=Custom&dDefAttribs=account,WCILS,15&idcToken=1291297336399:6E324367FC9D2F8BE525F4CEBF4463FC&IsSoap=1
    

11.2.3.3 Configuring Security Between Oracle Content Server 11g and WebCenter Portal Applications

To configure Oracle Content Server 11g to work with a WebCenter Portal application, you must first set up content security and users in a development environment and then migrate them to a production environment. For detailed information about security, see also the chapter "Managing Security and User Access" in Oracle Fusion Middleware System Administrator's Guide for Universal Content Management.

This section describes the following mandatory steps:

The procedures described in this section apply to the Documents service (including wikis and blogs) and Content Presenter.

11.2.3.3.1 How to Create a Security Group using the Oracle Content Server Console

To create a security group:

  1. Log into the Oracle Content Server Console as an administrator.

  2. From the Administration menu, choose Admin Applets.

  3. On the Administration Applet page, click User Admin to display the User Admin dialog.

  4. From the Security menu, choose Permissions by Group.

  5. In the Permission By Group dialog, click Add Group.

  6. In the Add New Group dialog, enter a group name, for example, WikiBlog.

  7. Click OK.

This security group will be assigned to the Security folder that you will create in the next section.

11.2.3.3.2 How to Create a Folder using the Oracle Content Server Console

To create a folder:

  1. Log into the Oracle Content Server Console as an administrator.

  2. From the Browse Content menu, choose Contribution Folders to display the root directory in which you will create a folder.

  3. On the Contribution Folders page, from the New Item menu, choose New Folder to display the Hierarchy Folder Configuration page.

  4. In the Virtual Folder Name field, enter a meaningful name, for example WikiBlog.

  5. Under the Folder Information section, in the Title field, enter a meaningful title, for example, WikiBlog.

  6. From the Security Group dropdown, select WikiBlog that you created as described in Section 11.2.3.3.1, "How to Create a Security Group using the Oracle Content Server Console".

    All items in this folder will inherit the security from this security group.

    Figure 11-8 Folder and Security Group

    Description of Figure 11-8 follows
    Description of "Figure 11-8 Folder and Security Group"

  7. Click Save.

11.2.3.3.3 How to Create Roles using the Oracle Content Server Console

To create roles:

  1. Log into the Oracle Content Server Console as an administrator.

  2. From the Administration menu, choose Admin Applets.

  3. On the Administration Applet page, click User Admin to display the User Admin dialog.

  4. From the Security menu, choose Permissions by Role.

  5. In the Permission By Group dialog, click Add New Role.

  6. In the Add New Role dialog, enter a name, for example, WikiBlog.

  7. Click OK. This displays the Permission By Role dialog.

  8. In the Groups/Rights column, select the security group that you created earlier (for example, WikiBlog), as described in Section 11.2.3.3.1, "How to Create a Security Group using the Oracle Content Server Console."

  9. Click Edit Permissions.

  10. In the Edit Permissions dialog, select all checkboxes: Read, Write, Delete, and Admin, and click OK.

    The RWDA access is enabled, as shown in Figure 11-9.

    Figure 11-9 RWDA Permissions

    Description of Figure 11-9 follows
    Description of "Figure 11-9 RWDA Permissions"

  11. Create another role, for example WikiBlogRO, by performing steps 4 to 7.

  12. Enable the Read permission for this role by following steps 8 to 10 and selecting the Read checkbox in the Edit Permissions dialog.

11.2.3.3.4 How to Create Roles (Groups) using the Fusion Middleware Control Console

In this section you will create two roles: a role with read access and another role with full (read, write, delete, administer) access.

To create roles (groups):

  1. Log into the Fusion Middleware Control Console as an administrator.

  2. Under Domain Structure, click Security Realms.

  3. In the table under the Summary of Security Realms section, click myrealm, for example.

    IMPORTANT: myrealm uses the integrated LDAP that ships with Oracle WebCenter. For your enterprise implementation there may be a different LDAP, and therefore, you must use that instead of this integrated LDAP.

  4. Select the Users and Groups tab and then the Groups subtab.

  5. Under the Groups section, click New to display the Create a New Group section.

  6. In the Name field, enter the name of the role to which you granted full access in Oracle Content Server (for example, WikiBlog), as described in Section 11.2.3.3.3, "How to Create Roles using the Oracle Content Server Console", and click OK.

  7. Create a role or group with the read permission (for example, WikiBlogRO) by performing steps 5 and 6. The name of this role must match that you specified in Oracle Content Server, as described in Section 11.2.3.3.3, "How to Create Roles using the Oracle Content Server Console."

11.2.3.3.5 How to Create Users using the Fusion Middleware Control Console

In this section you will create two users: a user for the read role and another for the full access (read, write, delete, administer) role.

To create users:

  1. Log into the Fusion Middleware Control Console as an administrator.

  2. Under Domain Structure, click Security Realms.

  3. In the table under the Summary of Security Realms section, click myrealm, the built-in realm that works with the integrated LDAP.

  4. Select the Users and Groups tab and then the Users subtab.

  5. Under the Users section, click New to display the Create a New User section.

  6. In the Name field, specify a name, for example Joe.

  7. In the Password field, specify a password.

  8. In the Confirm Password field, enter the password again, and then click OK.

  9. Create another user by performing steps 4 to 8.

11.2.3.3.6 How to Grant a Role to a User using the Fusion Middleware Control Console

In this section you will grant the roles you created in Section 11.2.3.3.4, "How to Create Roles (Groups) using the Fusion Middleware Control Console" to the users you created in Section 11.2.3.3.5, "How to Create Users using the Fusion Middleware Control Console".

To grant a role to a user:

  1. Log into the Fusion Middleware Control Console as an administrator.

  2. Under Domain Structure, click Security Realms.

  3. In the table under the Summary of Security Realms section, click myrealm, the built-in realm that works with the integrated LDAP.

  4. Select the Users and Groups tab and then the Users subtab.

  5. In the table under the Users section, click the name of the user you created in Section 11.2.3.3.5, "How to Create Users using the Fusion Middleware Control Console", to display the settings section.

  6. Select the Groups tab.

  7. Under Parent Groups, in the Available column, select the role with the read permission (for example, WikiBlogRO) that you created in Section 11.2.3.3.4, "How to Create Roles (Groups) using the Fusion Middleware Control Console".

  8. Move this role to the Chosen column and click Save.

  9. Repeat steps 5 to 8 and grant the role with the full access permission to another user you created.

11.2.3.3.7 How to Migrate Security to a Production Environment

For information about migrating security from a development environment to a production environment, see Section 27.2.5, "Post-deployment Security Configuration Tasks."

11.2.4 Oracle Content Server - Security Considerations

Please consider the following while configuring security for Oracle Content Server:

11.2.5 Oracle Content Server - Limitations in WebCenter

None.

11.3 Microsoft SharePoint Prerequisites

If you want to access a Microsoft SharePoint content repository from a WebCenter Portal application, you must install the Oracle WebCenter adapter for Microsoft Sharepoint.The Oracle WebCenter adapter for Microsoft SharePoint supports the following features:

  • Reading content and metadata from the Microsoft SharePoint repository

  • Writing files and folders to the SharePoint document libraries

  • Running queries on the Microsoft SharePoint system

  • Enabling SharePoint security settings for the accessed content by leveraging native Microsoft SharePoint authentication and authorization

All features are implemented using native Microsoft SharePoint web services as the interface to Microsoft SharePoint content and services.

This section discusses prerequisites for connecting WebCenter Portal applications to Microsoft SharePoint:

Note:

To enable Microsoft SharePoint connections in WebCenter Spaces, read the whitepaper "Integrating the SharePoint 2007 Adapter with WebCenter Spaces" available from Oracle Technology Network at http://www.oracle.com/technetwork/middleware/webcenter/overview/index.html.

11.3.1 Microsoft SharePoint - Installation

This section includes the following:

11.3.1.1 What You Should Know About Microsoft SharePoint Server Installation

Oracle WebCenter supports the following Microsoft SharePoint versions:

  • Microsoft Office SharePoint Server (MOSS) 2007 SP2

  • Microsoft Windows SharePoint Services (WSS) version 3 SP2

Note:

A Microsoft SharePoint site configured for anonymous access is not supported by the adapter.

Refer to the appropriate Microsoft SharePoint documentation for installation information.

Oracle WebCenter supports the following Microsoft SharePoint 2007 Document Library version settings:

  • Require Check Out: No

  • Content Approval: No

  • Document Version History: No versioning

If any other version settings are configured, Oracle WebCenter adapter for Microsoft SharePoint does not function correctly. For example, if Require CheckOut is set to yes, upload operations fail. Similarly, if document version history or content approval is enabled, new versions or documents have restricted visibility.

11.3.1.2 Installing Oracle WebCenter Adapter for Microsoft SharePoint

The files for Oracle WebCenter adapter for Microsoft SharePoint are located in the Oracle WebCenter Companion DVD in the ofm_wc_generic_jcr_sharepoint_adapter_11.1.1.4.0.zip file. When you extract this ZIP file to a temporary location, you will find the adapter files in the TEMP_LOCATION/WebCenter/services/content/adapters directory.

Before You Begin:

WebCenter adapter for Microsoft SharePoint must be installed in the same managed server as your WebCenter Portal application. If you have not done so already, create a managed server suitable for WebCenter Portal application deployments as described in Section 7.1.4, "Creating a Managed Server" and Section 7.1.5, "Creating and Registering the Metadata Service Repository."

To install WebCenter adapter for Microsoft SharePoint for a WebCenter Portal application:

  1. Log in to the WLS Administration Console.

    For information on logging into the WLS Administration Console, see Section 1.13.2, "Oracle WebLogic Server Administration Console."

  2. Navigate to the WLS Administration Console's Home page.

  3. From the Domain Structure pane, click Deployments.

  4. In the Summary of Deployments section, under Control, click Install.

  5. In Install Application Assistant, in Note, click the upload your file(s) link in the body of the text.

  6. Click Browse next to Deployment Archive, select the oracle.webcenter.content.jcr.sharepoint.ear file from the TEMP_LOCATION/WebCenter/services/content/adapters directory. This is the temporary directory in which you extracted the contents of the ofm_wc_generic_jcr_sharepoint_adapter_11.1.1.4.0.zip file from the Oracle WebCenter Companion DVD. Click Next.

  7. After you see the message that the EAR file has been uploaded successfully, as shown in Figure 11-10, click Next.

    Figure 11-10 Install Application Assistant

    Description of Figure 11-10 follows
    Description of "Figure 11-10 Install Application Assistant"

  8. Select Install this deployment as a library, if not already selected, and click Next.

  9. In Select deployment targets, select the managed server on which the WebCenter Portal application will be deployed. This must be a custom managed server (based on the Custom Portal template), not one of WebCenter's out-of-the-box managed servers. For details, see the section "Using Templates to Create Custom Managed Servers" in Oracle Fusion Middleware Installation Guide for Oracle WebCenter.

  10. Click Next.

  11. In Optional Settings, accept the defaults and click Finish.

11.3.1.3 Installing WLST Command Scripts for Managing Microsoft SharePoint Connections

  1. Extract the files DocLibSharePointWLST.py and DocLibGenericWLST.py from the ofm_wc_generic_jcr_sharepoint_adapter_11.1.1.4.0.zip file located in the Oracle WebCenter Companion DVD. These files are in the /WebCenter/services/content/adapters directory.

  2. Copy the extracted DocLibSharePointWLST.py and DocLibGenericWLST.py files and paste them in the ORACLE_HOME/common/wlst directory.

  3. To run WLST commands, see Section 1.13.3.1, "Running Oracle WebLogic Scripting Tool (WLST) Commands."

For information about managing connections using WLST, see Section 11.13, "Managing Microsoft SharePoint Connections Using WLST."

11.3.2 Microsoft SharePoint - Configuration

You must perform the following tasks to enable Microsoft SharePoint connections in WebCenter Portal applications:

  1. Install Oracle WebCenter adapter for Microsoft SharePoint in the same managed server where you plan to deploy your WebCenter Portal application.

  2. In JDeveloper, configure a connection to your Microsoft SharePoint repository. This must be an application connection created in Application Resources in the Application Navigator.

  3. (Optional) In JDeveloper, include a Documents task flow that uses the Microsoft SharePoint repository connection.

  4. Deploy your WebCenter Portal application.

    After deployment, you can access the Microsoft SharePoint repository that you configured in JDeveloper from your WebCenter Portal application.

  5. (Optional) Reconfigure Microsoft SharePoint connection details postdeployment, if required.

    1. Install WLST command scripts for managing Microsoft SharePoint connections postdeployment.

    2. Modify the existing connection details (setJCRSharePointConnection) or create a new Microsoft SharePoint repository connection (createJCRSharePointConnection).

    Note:

    To enable Microsoft SharePoint connections in WebCenter Spaces, read the whitepaper "Integrating the SharePoint 2007 Adapter with WebCenter Spaces" available from Oracle Technology Network at http://www.oracle.com/technetwork/middleware/webcenter/overview/index.html.

11.3.3 Microsoft SharePoint - Security Considerations

Authentication through identity propagation is not supported on Microsoft SharePoint connections. However, you can use an external application to authenticate users against the Microsoft SharePoint repository. Use the WLST argument extAppId to specify the external application to use. For details, see Section 11.13.1, "createJCRSharePointConnection."

11.3.4 Microsoft SharePoint - Limitations in WebCenter

WebCenter Spaces does not support Microsoft SharePoint as the primary document store, and therefore, you must use Oracle Universal Content Management (UCM) instead.

11.4 Oracle Portal Prerequisites

This section discusses the prerequisites for an Oracle Portal content repository in the following subsections:

11.4.1 Oracle Portal - Installation

For information on installing Oracle Portal, see Oracle Fusion Middleware Installation Guide for Oracle Portal, Forms, Reports and Discoverer.

11.4.2 Oracle Portal - Configuration

Oracle Portal must be up-to-date with all the latest patches. For additional information about patches, see the product release notes. See also Oracle Fusion Middleware Administrator's Guide for Oracle Portal.

11.4.3 Oracle Portal - Security Considerations

None.

11.4.4 Oracle Portal - Limitations in WebCenter

Oracle Portal integration with Oracle WebCenter is read-only. It is not possible to create content in the portal from Oracle WebCenter.

You can expose Oracle Portal pages in WebCenter through the Federated Portal Adapter by publishing them as portlets in Oracle Portal. The following are not returned by the Federated Portal Adapter, and thus are not visible in Oracle WebCenter:

  • Seeded page groups:

    • Oracle Portal repository.

    • Oracle Portal design-time pages.

  • Pages of the following types:

    • Mobile.

    • URL.

    • Navigation pages.

  • Items of the following types:

    • Navigation items.

    • PLSQL items.

    • Portlet.

    • Portlet instance.

    • URL items.

    • Mobile items.

    • Page links.

    • Item links.

  • Items defined as:

    • Expired.

    • Hidden.

11.5 File System Prerequisites

This section discusses the prerequisites for a file system content repository in the following subsections:

Caution:

File system connections must not be used in production or enterprise application deployments. This feature is provided for development purposes only. Connections created through the file system adapter can be used during the development of WebCenter Portal applications using Oracle JDeveloper.

WebCenter Spaces applications do not support file system connections.

11.5.1 File System - Security Considerations

All operations are executed as the system user under which the JVM is running and therefore inherit its permissions.

11.5.2 File System - Limitations in WebCenter

File system connections must not be used in production or enterprise application deployments, and search capabilities are limited and slow due to the absence of an index. This feature is provided for development purposes only.

11.6 Registering Content Repositories

This section contains the following subsections:

11.6.1 What You Should Know About Registering Content Repositories for WebCenter Spaces

Consider the following when registering Oracle Content Server repositories for WebCenter Spaces:

  • At start up, WebCenter Spaces creates seed data (if it does not already exist) in the primary/active/default repository for WebCenter Spaces.

  • For WebCenter Spaces, an Oracle Content Server repository connection must always be provided as a primary connection, even if another repository such as Microsoft SharePoint is made available.

  • A user name with administrative rights for the Oracle Content Server instance is required (Content Administrator). This user will be used to create and maintain folders for WebCenter Spaces content and manage content access rights. The default content administrator is sysadmin.

    Administrative privileges are required for this connection so that operations can be performed on behalf of WebCenter users.

  • Root Folder and Application Name values:

    • Oracle does not recommend changing the Root Folder and Application Name values. However, if you change the Root Folder value after configuring and running WebCenter Spaces, then you must also change the Application Name value, and vice versa. That is, you must change both values (Root Folder and Application Name) to unique values if the WebCenter Spaces application already contains the seed data.

      When you change these values, the existing seed data is not renamed in the Oracle Content Server repository. Instead, new seed data is created using the new values, when you start the application. Once the application is started, new WebCenter Spaces data is created under the new Root Folder and existing data under the old Root Folder is no longer available. This means that the Documents service will now be disabled in Spaces where the Documents service was previously enabled, prior to changing the Root Folder.

      Note:

      Although the Root Folder and Application Name values change, the old root content repository folder still appears in search results, like any other root folder in Oracle Content Server.
    • For the active connection in WebCenter Spaces, the Root Folder and Application Name values are used to create the seed data in the WebCenter Spaces repository, to enable storage of the Space-related data.

    • The Root Folder value is used as the name for the root folder within the content repository under which all Spaces content is stored. For the Root Folder value, you must specify a content repository folder that does not yet exist. Use the format: /foldername. For example: /MyWebCenterSpaces. The Root Folder cannot be /, the root itself, and it must be unique across different WebCenter applications. The folder specified is created for you when the WebCenter application starts up. Invalid entries include: /, /foldername/, /foldername/subfolder.

    • The WebCenter Spaces application within this content repository must have a unique name. For example: MyWCS. The name must begin with an alphabetical character, followed by any combination of alphanumeric characters or the underscore character. The name specified here is also used to name document-related workflows, as follows: <applicationName><WorkflowName> and <applicationName><WorkflowStepName>. When naming workflows, only the first 14 characters of the Application Name are used.

      The Application Name value is used for the following:

      • To separate data when multiple WebCenter Spaces applications share the same content repository and should be unique across applications.

      • As the prefix to the seeded workflow and workflow steps.

      • The Application Name is also used as the prefix to the seeded workflow and workflow steps.

      • As the name of the security group.

      • As the prefix for the role (the name format is applicationNameUser)

      • To stripe users permissions on accounts for the particular WebCenter Spaces application.

      • To stripe default attributes for the particular WebCenter Spaces application.

      For information about security groups and roles, see Managing Security and User Access for Content Server. For information about folders, see Folders and WebDav Administration Guide. These guides are available at http://download.oracle.com/docs/cd/E10316_01/owc.htm.

11.6.2 Registering Content Repositories Using Fusion Middleware Control

To register an Oracle Content Server, Oracle Portal, and file system content repository:

  1. Log in to Fusion Middleware Control and navigate to the home page for WebCenter Spaces or the WebCenter Portal application:

  2. Do one of the following:

    • For WebCenter Spaces - From the WebCenter menu, choose Settings > Service Configuration.

    • For WebCenter Portal applications - From the Application Deployment menu, choose WebCenter > Service Configuration.

  3. From the list of services on the WebCenter Service Configuration page, select Content Repository.

  4. To connect to a new content repository, click Add (Figure 11-11).

    Figure 11-11 Configuring Content Repository Connections

    Configuring a Content Repository
  5. Enter a unique name for this connection, specify the content repository type, and indicate whether this connection is the active (or default) connection for the application. See Table 11-4.

    Table 11-4 Manage Content Repository Connections

    Field Description

    Connection Name

    Enter a unique name for this content repository connection. The name must be unique (across all connection types) within the WebCenter application.

    Repository Type

    Choose the type of repository you want to connect to. Select one of the following:

    (WebCenter Spaces) If you are setting up the back-end content repository for WebCenter Spaces, that is, the repository used by WebCenter Spaces to store Space-related documents, you must select Oracle Content Server.

    Active Connection

    Select to make this the default or primary content repository for your WebCenter application.

    You can connect your WebCenter application to multiple content repositories; all connections are used. One connection must be designated the default (or active) connection. Do one of the following:

    • For WebCenter Spaces:

      Select to make this the active connection, that is, the back-end repository that WebCenter Spaces uses to store Space-related documents. The active connection must be to an Oracle Content Server.

      If this is the active connection for WebCenter Spaces, some additional configuration is required -- see Section 11.6.1, "What You Should Know About Registering Content Repositories for WebCenter Spaces."

    • For WebCenter Portal applications:

      Select to make this the active connection; that is, the default connection for Content Presenter, Document Manager, Document List Viewer, and Recent Documents task flows. When no specific connection details are provided for these task flows, this default (also called primary, active) connection is used.

    Deselecting this option does not disable the content repository connection. If a content repository is no longer required, you must delete the connection.


  6. (For the active connection in WebCenter Spaces only.) Enter additional details for the WebCenter Spaces repository. For information, see Section 11.6.1, "What You Should Know About Registering Content Repositories for WebCenter Spaces."

  7. Enter connection details for the content repository. For detailed parameter information, see:

    Table 11-5 Oracle Content Server Connection Parameters

    Field Description

    RIDC Socket Type

    Specify whether Oracle Content Server connects on the content server listener port or the Web server filter, and whether the listener port is SSL enabled. Choose from:

    • Socket - Uses an intradoc socket connection to connect to the Oracle Content Server. The client IP address must be added to the list of authorized addresses in the Oracle Content Server. In this case, the client is the machine on which Oracle WebCenter is running.

    • Socket SSL - Uses an intradoc socket connection to connect to the Oracle Content Server that is secured using the SSL protocol. The client's certificates must be imported in the server's trust store for the connection to be allowed. This is the most secure option, and the recommended option whenever identity propagation is required (for example, in WebCenter Spaces).

    • Web - Uses an HTTP(S) connection to connect to the Oracle Content Server.

    • JAX-WS - Uses an HTTP(S) connection to connect to the Oracle Content Server.

    For WebCenter Spaces, the Web option is not suitable for the active connection, that is, the back-end Oracle Content Server repository that is being used to store Space-related documents because it does not allow identity propagation.

    Server Host

    Enter the host name of the machine where the Oracle Content Server is running.

    For example: mycontentserver.mycompany.com

    Server Host is required when the RIDC Socket Type is set to Socket or Socket SSL.

    Server Port

    Enter the port on which the Oracle Content Server listens:

    • Socket - Port specified for the incoming provider in the server.

    • Socket SSL - Port specified for the sslincoming provider in the server.

    This property corresponds to the IntradocServerPort setting in the Content Server configuration file, which defaults to port 4444.

    Server Port is required when the RIDC Socket Type is set to Socket or Socket SSL.

    Web URL

    Enter the Web server URL for the Oracle Content Server.

    Use the format: http://hostname:portnumber/web_root/plugin_root

    For example: http://mycontentserver/cms/idcplg

    Web URL is applicable when the RIDC Socket Type is set to Web.

    Web Service URL

    Enter the Web service URL required to connect to Oracle Content Server when using the JAX-WS protocol.

    Use the format: http://hostname:port/web_root

    For example: http://myhost.com:9044/idcnativews

    Web Service URL is applicable when RIDC Socket Type is set to JAX-WS.

    Connection Timeout (ms)

    Specify the length of time allowed to log in to Oracle Content Server (in milliseconds) before issuing a connection timeout message. If no timeout is set, there is no time limit for the login operation.

    Authentication Method

    Choose from:

    • Identity Propagation - Oracle Content Server and the WebCenter application use the same identity store to authenticate users.

      (WebCenter Spaces) Identity propagation is required on the active connection for WebCenter Spaces, that is, for the content repository being used to store Space-related documents.

    • External Application - An external application authenticates users against the Oracle Content Server. Select this option if you want to use public, shared, or mapped credentials. See also, "Setting Security for the Documents Service" in the Oracle Fusion Middleware Developer's Guide for Oracle WebCenter.

    If an external application is used for authentication, use the Associated External Application drop down list to identify the application. If the application you want is not listed, select Create New to define the external application now.

    Web Server Context Root

    Enter the Web server context root for Oracle Content Server. Use the format /<context_root>. For example, /cs.

    When specified, several Oracle Universal Content Management (UCM) features based on iFrame are available in the WebCenter application. This includes:

    • Associating a content profile with files when uploading new or updated files to Oracle Content Server.

      For more information, see "Uploading New Files" and "Uploading a New Version of an Existing File" in Oracle Fusion Middleware User's Guide for Oracle WebCenter.

    • Using the document review functionality available in Oracle AutoVue.

      For more information, see "Reviewing and Collaborating on Documents Using AutoVue" in Oracle Fusion Middleware User's Guide for Oracle WebCenter.

    • Editing advanced document properties.

      For more information, see "Working with File Properties" in Oracle Fusion Middleware User's Guide for Oracle WebCenter.

    • Viewing folder and file workflow details.

      For more information, see “Viewing Workflow Assignments" in Oracle Fusion Middleware User's Guide for Oracle WebCenter.

    • Previewing files in a slide viewer.

      For more information, see "Opening a File" in Oracle Fusion Middleware User's Guide for Oracle WebCenter.

    • Site Studio integration

      Without OHS (and WebContextRoot configuration), it is still possible to create or edit Site Studio content from within Content Presenter, but the create and edit actions launch new browser windows (or tabs) rather than opening within the Content Presenter task flow. For more information, see "Using Content Presenter to Create or Edit Oracle Site Studio Content" in Oracle Fusion Middleware User's Guide for Oracle WebCenter.

    The Web Server Context Root property is only applicable when the Authentication Method is set to Identity Propagation.

    Note: Specifying the Web Server Context Root is an indicator that the WebCenter application is front-ended by OHS. If you specify the Web Server Context Root and do not connect through OHS, a 404 error occurs while you attempt to edit the advanced metadata in the Document Viewer, upload using a profile, or click Details for a content item in a workflow in a Space. For information about setting up OHS to front-end WebCenter applications, see Appendix B, "Oracle HTTP Server Configuration for WebCenter".

    If your WebCenter application is connected to multiple UCM servers, Oracle recommends that each UCM server has a unique Web Server Context Root so that OHS re-direction works correctly.

    Associated External Application

    Select the external application used to authenticate users against the Oracle Content Server.

    Associated External Application is applicable when RIDC Socket Type is set to Web and also when the RIDC Socket Type is Socket or Socket SSL (with Authentication Method set to External Application).

    Client Security Policy

    Enter the client security policy to be used when the RIDC Socket Type is JAX-WS. For example: oracle/wss11_saml_token_with_message_protection_service_policy

    Leave this field blank if your environment supports Global Policy Attachments (GPA).

    Administrator User Name

    Enter a user name with administrative rights for this Oracle Content Server instance. This user will be used to fetch content type information based on profiles and track document changes for cache invalidation purpose.

    Defaults to sysadmin.

    Administrator Password

    Enter the password for the Oracle Content Server administrator.

    Key Store Location

    Specify the location of key store that contains the private key used to sign the security assertions. The key store location must be an absolute path.

    For example: D:\keys\keystore.xyz

    Key Store Location is required when the RIDC Socket Type is set to Socket SSL.

    Key Store Password

    Enter the password required to access the keystore.

    For example: T0PS3CR3T

    Key Store Password is required when the RIDC Socket Type is set to Socket SSL.

    Private Key Alias

    Enter the client private key alias in the keystore. The key is used to sign messages to the server. The public key corresponding to this private key must be imported in the server keystore.

    Ensure that the alias does not contain special characters or white space. For example: enigma

    Private Key Alias is required when the RIDC Socket Type is set to Socket SSL.

    Private Key Password

    Enter the password to be used with the private key alias in the key store.

    For example: c0d3bR3ak3R

    Private Key Password is required when the RIDC Socket Type is set to Socket SSL.


    Table 11-6 Connection Details - Oracle Content Server - Cache Details

    Element Description

    Cache Invalidation Interval (minutes)

    Specify the frequency between checks for external Oracle Content Server content changes (in minutes). WebCenter automatically clears items that have changed from the cache.

    The default is 0 which means that cache invalidation is disabled.

    The minimum interval is 2 minutes.

    Maximum Cached Document Size (bytes)

    Enter a maximum cacheable size (in bytes) for Oracle Content Server binary documents. Documents larger than this size are not cached by WebCenter.

    The default is 102400 bytes (100K).

    Tune this value based on your machine's memory configuration and the types of binary documents that you expect to cache.


    Table 11-7 Oracle Portal Connection Parameters

    Field Description

    Data Source Name

    Enter the JNDI DataSource location used to connect to the portal.

    For example: jdbc/MyPortalDS

    The datasource must be on the server where the WebCenter application is deployed.

    Connection Timeout (ms)

    Specify the length of time allowed to log in to Oracle Portal (in milliseconds) before issuing a connection timeout message. If no timeout is set, there is no time limit for the login operation.

    Authentication Method

    Specify how to authenticate users against Oracle Portal. Choose from:

    • Identity Propagation - Select this option when the WebCenter application and Oracle Portal both use the same user identity store.

    • External Application - Use an external application to authenticate users against Oracle Portal. Select this option if you want to use public, shared, or mapped credentials.

    If an external application is used for authentication, use the Associated External Application dropdown list to identify the application.

    Associated External Application

    Associate Oracle Portal with an external application. External application credential information is used to authenticate Oracle Portal users.You can select an existing external application from the dropdown list, or click Create New to configure a new external application now.


    Table 11-8 File System Connection Parameters

    Field Description

    Base Path

    Enter the full path to a folder on a local file system in which your content is placed. For example: C:\MyContent

    Caution: File system content must not be used in production or enterprise application deployments. This feature is provided for development purposes only.


  8. Click OK to save this connection.

  9. Click Test to verify if the connection you created works. For a successful connection, the Test Status message displays the advice that to start using the new (active) connection, you must restart the managed server on which the WebCenter application is deployed.

The registered connections are now available to Documents service and Content Presenter task flows, which you can add to pages in WebCenter Spaces or WebCenter Portal applications. See also, "Working with the Documents Service" in the Oracle Fusion Middleware User's Guide for Oracle WebCenter.

11.6.3 Registering Content Repositories Using WLST

Use the following WLST commands to register new content repository connections:

For command syntax and examples, see the Oracle Fusion Middleware WebLogic Scripting Tool Command Reference.

To configure a particular connection as the default connection, set isPrimary='1'. See Section 11.7, "Changing the Active (or Default) Content Repository Connection".

For information on how to run WLST commands, see Section 1.13.3.1, "Running Oracle WebLogic Scripting Tool (WLST) Commands".

Note:

To start using the new (active) connection you must restart the managed server on which the WebCenter application is deployed. See "Starting and Stopping WebLogic Managed Servers Using the Command Line" in the Oracle Fusion Middleware Administrator's Guide.

11.7 Changing the Active (or Default) Content Repository Connection

WebCenter applications support multiple content repository connections but only one content repository connection can be designated the active (or default) connection.

In WebCenter Spaces, the active connection becomes the default back-end repository for Space and Home Space documents and the repository must be an Oracle Content Server. The active connection is also used as the default connection for the Documents service and Content Presenter task flows.

For other WebCenter applications, the active connection becomes the default connection for Content Presenter, Document Manager, Document List Viewer, and Recent Documents, and so on. When no specific connection details are provided for these task flows, the default (active) connection is used.

This section contains the following subsections:

11.7.1 Changing the Active (or Default) Content Repository Connection Using Fusion Middleware Control

To change the active (or default) content repository connection:

  1. Log in to Fusion Middleware Control and navigate to the home page for WebCenter Spaces or the WebCenter Portal application:

  2. Do one of the following:

    • For WebCenter Spaces - From the WebCenter menu, choose Settings > Service Configuration.

    • For WebCenter Portal applications - From the Application Deployment menu, choose WebCenter > Service Configuration.

  3. From the list of services on the WebCenter Services Configuration page, select Content Repository.

    The Manage Content Repository Connections table indicates the current active connection (if any).

  4. Select the connection you want to become the active (or default) connection, and then click Edit.

  5. Select the Active Connection checkbox.

  6. Click OK to update the connection.

  7. Click Test to verify if the connection you activated works. For a successfully activated connection, the Test Status message displays the advice that to start using the updated connection you must restart the managed server on which the WebCenter application is deployed.

11.7.2 Changing the Active (or Default) Content Repository Connection Using WLST

Use the following WLST commands with isPrimary='1' to designate an existing content repository connection as the default connection:

For command syntax and examples, see the Oracle Fusion Middleware WebLogic Scripting Tool Command Reference.

To subsequently disable a default content repository connection, run the same WLST command with isPrimary='false'. Connection details are retained but the connection is no longer named as the primary connection in adf-config.xml.

For information on how to run WLST commands, see Section 1.13.3.1, "Running Oracle WebLogic Scripting Tool (WLST) Commands".

Note:

To start using the new (active) connection you must restart the managed server on which the WebCenter application is deployed. See, "Starting and Stopping WebLogic Managed Servers Using the Command Line" in the Oracle Fusion Middleware Administrator's Guide.

11.8 Modifying Content Repository Connection Details

This section contains the following subsections:

11.8.1 Modifying Content Repository Connection Details Using Fusion Middleware Control

To update content repository connection details:

  1. Log in to Fusion Middleware Control and navigate to the home page for WebCenter Spaces or the WebCenter Portal application:

  2. Do one of the following:

    • For WebCenter Spaces - From the WebCenter menu, choose Settings > Service Configuration.

    • For WebCenter Portal applications - From the Application Deployment menu, choose WebCenter > Service Configuration.

  3. From the list of services on the WebCenter Services Configuration page, choose Content Repository.

  4. Select the connection name, and click Edit.

  5. Edit connection details, as required. For detailed parameter information, see:

  6. Click OK to save your changes.

  7. Click Test to verify if the updated connection works. For a successfully updated connection, the Test Status message displays the advice that to start using the updated connection, you must restart the managed server on which the WebCenter application is deployed.

11.8.2 Modifying Content Repository Connection Details Using WLST

Use the following WLST commands to edit content repository connections:

For command syntax and examples, see the Oracle Fusion Middleware WebLogic Scripting Tool Command Reference.

To configure a particular connection as the active (or default) connection, set isPrimary='1'. See Section 11.7, "Changing the Active (or Default) Content Repository Connection".

For information on how to run WLST commands, see Section 1.13.3.1, "Running Oracle WebLogic Scripting Tool (WLST) Commands".

Note:

To start using the updated (active) connection details, you must restart the managed server on which the WebCenter application is deployed. See "Starting and Stopping WebLogic Managed Servers Using the Command Line" in the Oracle Fusion Middleware Administrator's Guide.

11.8.3 Modifying Cache Settings for Content Presenter

The content management code for Content Presenter, the Content Management Interoperability Services (CMIS) REST APIs, and so on, are shipped out of the box with local (in-memory) caches. This code does not use Coherence. You can enable Coherence for caches in the content-coherence-cache-config.xml file. For WebCenter Spaces this file is stored in the ORACLE_HOME/user_projects/applications/wc_domain/custom.webcenter.spaces.fwk/APP-INF/classes/ directory. For WebCenter Portal applications, developers must create the content-coherence-cache-config.xml file in the application (EAR) classpath or server's system classpath.

A sample Coherence configuration file, as shown in Example 11-1, is provided within the content-app-lib.ear file. This EAR file is located at: ORACLE_HOME/as11gr1wc/webcenter/modules/oracle.webcenter.content.integration_11.1.1/content-app-lib.ear). The sample file location is: /content-app-lib.ear/APP-INF/classes/sample-content-coherence-cache-config.xml file. You can copy this file and rename it to content-coherence-cache-config.xml, and then set the values to meet customer's deployment needs. Table 11-9 describes the cache entries in this file.

Example 11-1 Sample Coherence Configuration File

<!DOCTYPE cache-config SYSTEM "cache-config.dtd">
<cache-config>
  <caching-scheme-mapping>
    <cache-mapping>
      <cache-name>repo.ucm.nodeUidCache.*</cache-name>
      <scheme-name>ContentNodeCaches</scheme-name>
    </cache-mapping>
    <cache-mapping>
      <cache-name>repo.ucm.nodePathToUidCache.*</cache-name>
      <scheme-name>ContentNodeCaches</scheme-name>
    </cache-mapping>
    <cache-mapping>
      <cache-name>repo.ucm.securityInfoCache.*</cache-name>
      <scheme-name>ContentNodeCaches</scheme-name>
    </cache-mapping>
    <cache-mapping>
      <cache-name>repo.ucm.typeNameCache.*</cache-name>
      <scheme-name>ContentTypeCaches</scheme-name>
    </cache-mapping>
   <cache-mapping>
      <cache-name>repo.ucm.typeNamesCache.*</cache-name>
      <scheme-name>ContentTypeCaches</scheme-name>
    </cache-mapping>
    <cache-mapping>
      <cache-name>binaryCache.*</cache-name>
      <scheme-name>ContentBinaryCaches</scheme-name>
    </cache-mapping>
    <cache-mapping>
      <cache-name>repo.ucm.searchCriteriaCache.*</cache-name>
      <scheme-name>ContentSearchCaches</scheme-name>
    </cache-mapping>
    <cache-mapping>
      <cache-name> repo.ucm.indexedFieldsCache.*</cache-name>
      <scheme-name>ContentSearchCaches</scheme-name>
    </cache-mapping>
    <cache-mapping>
      <cache-name>repo.ucm.securityUserCache.*</cache-name>
      <scheme-name>ContentSecurityCaches</scheme-name>
    </cache-mapping>
    <cache-mapping>
      <cache-name>repo.ucm.profileTriggerValueCache.*</cache-name>
      <scheme-name>ContentProfileCaches</scheme-name>
    </cache-mapping>
  </caching-scheme-mapping>
  <caching-schemes>
<!--    The following schemes are all local.  For a clustered deployment,
    a distributed, replcated, or other clustered scheme is recommended.
    See Coherence documentation for more information.
    -->
    <local-scheme>
      <scheme-name>ContentNodeCaches</scheme-name>
      <expiry-delay>1m</expiry-delay>
      <high-units>100</high-units>
    </local-scheme>
    <local-scheme>
      <scheme-name>ContentTypeCaches</scheme-name>
      <expiry-delay>30m</expiry-delay>
      <high-units>50</high-units>
    </local-scheme>
    <local-scheme>
      <scheme-name>ContentBinaryCaches</scheme-name>
      <expiry-delay>1m</expiry-delay>
      <high-units>100000</high-units>
      <unit-calculator>
        <class-scheme>
          <class-name>com.tangosol.net.cache.SimpleMemoryCalculator</class-name>
        </class-scheme>
      </unit-calculator>
    </local-scheme>
    <local-scheme>
      <scheme-name>ContentSearchCaches</scheme-name>
      <expiry-delay>5m</expiry-delay>
      <high-units>50</high-units>
    </local-scheme>
   <local-scheme>
      <scheme-name>ContentSecurityCaches</scheme-name>
      <expiry-delay>10m</expiry-delay>
      <high-units>50</high-units>
    </local-scheme>
   <local-scheme>
      <scheme-name>ContentProfileCaches</scheme-name>
      <expiry-delay>1h</expiry-delay>
      <high-units>100</high-units>
    </local-scheme>
    <!--
    <class-scheme>
      <scheme-name>ContentDisabledCaches</scheme-name>
      <class-name>com.tangosol.util.NullImplementation$NullMap</class-name>
    </class-scheme>
    -->
  </caching-schemes>
</cache-config>

Table 11-9 Cache Entries in content-coherence-cache-config.xml

Cache Entry Name Description

repo.ucm.nodeUidCache.*

Stores a list of nodes for a repository based on an ID. The size of this cache entry depends upon the number of nodes in the active repository.This cache expires based on when the node data is refreshed and how many times the data is modified from another application. Key - Node UID - String

Value - A UCM Node object

repo.ucm.nodePathToUidCache.*

Stores a list of nodes for a repository based on a path. The size of this cache depends upon the number of nodes in the active repository.This cache entry expires based on when the node data is refreshed and how many times the data is modified from another application. The size and expiration time must be the same as that of nodeUidCache.

Key - Node path - String

Value - Node UID - String

repo.ucm.securityInfoCache.*

Stores cached security information for a node. The size of this cache depends upon the number of nodes in the repository. This cache expires based on the frequency of node security data updates.

Key - Node UID - String

Value - Security information for a node

repo.ucm.typeNameCache.*

Caches Content Type information. The size of this cache depends upon the number of types in the repository. This cache expires based on when the type information is refreshed and how many times the types are modified from another application.

Key - Content Type UID - String

Value - A ContentType object

repo.ucm.typeNamesCache.*

Caches all the type names known to UCM. All type names are cached together (one key), and thus all expire at the same time.

This cache expires based on the frequency of new types being created or removed.

Key - There is only one key to this cache: "typeNames"

Value - An ArrayList<String> of the type names

binaryCache.*

Caches binary property data. Only binaries that are smaller than the repository configuration property BinaryCacheMaxEntrySize are cached.

The size of this cache either depends on the number and frequency of the smaller binary properties (smaller than the BinaryCacheMaxEntrySize setting) usage, or it is based on the total amount of memory to be used for binary caches.

This cache expires based on when the binary data is refreshed and how many times this data is modified from another application.

Key - The Node UID and binary Property UID (nodeUid.propUid) - String

Value - The binary stream data - byte[]

repo.ucm.searchCriteriaCache.*

Caches a set of search query to parameters based on the UCM search grammar. The size of this cache depends upon the number of unique searches expected to be repeatedly performed.

The expiration must be set to eventually expire unused searches and save on the cache memory.

Key - A set of search query parameters.

Value - A set of search query parameters, in UCM terms.

repo.ucm.indexedFieldsCache.*

Holds the indexed (searchable) system properties for the repository. There are three keys in this cache:

  • "indexedFields" holds all UCM indexed fields.

  • "indexedFolderProps" holds indexed system properties for folders.

  • "indexedDocProps" holds indexed system properties for documents.

This cache expires based on the frequency of the indexed fields changes.

Key - String

Value - Map<String,Boolean> holds a key for each indexed property name, and a boolean indicating if that property is also sortable.

repo.ucm.securityUserCache.*

Caches the mapping between local user names (current application) and the name of the same user in UCM. The size of this cache depends upon the number of simultaneous and/or frequent users.

This cache expires based on the frequency of user identity mapping updates.

Key - Local user Id - String

Value - UCM user Id - String

repo.ucm.profileTriggerValueCache.*

Caches the profile trigger value for a given profile, so it is available when documents are created. The maximum number of entries in this cache is implicitly limited to the maximum number of profiles on the UCM server. The cache entry size is small. The primary entry to vary is the expiration, which depends upon how often the profile trigger field values are modified in UCM. These values change rarely once a profile is configured on the UCM system. Therefore, the expiration should be set appropriately.

Key - The UCM profile name - String

Value - The UCM profile trigger value - String


11.9 Deleting Content Repository Connections

This section contains the following subsections:

Caution:

Delete a content repository connection only if it is not in use. If a connection is marked as active, it should first be removed from the active list, and then deleted.

11.9.1 Deleting Content Repository Connections Using Fusion Middleware Control

To delete a content repository connection:

  1. Log in to Fusion Middleware Control and navigate to the home page for WebCenter Spaces or the WebCenter Portal application:

  2. Do one of the following:

    • For WebCenter Spaces - From the WebCenter menu, choose Settings > Service Configuration.

    • For WebCenter Portal applications - From the Application Deployment menu, choose WebCenter > Service Configuration.

  3. From the list of services on the WebCenter Services Configuration page, choose Content Repository.

  4. Select the connection name, and click Delete.

  5. To effect this change you must restart the managed server on which the WebCenter application is deployed.

11.9.2 Deleting Content Repository Connections Using WLST

Use the WLST command deleteConnection to remove a content repository connection. For command syntax and examples, see "deleteConnection" in the Oracle Fusion Middleware WebLogic Scripting Tool Command Reference.

For information on how to run WLST commands, see Section 1.13.3.1, "Running Oracle WebLogic Scripting Tool (WLST) Commands".

Note:

To effect this change you must restart the managed server on which the WebCenter application is deployed. See, "Starting and Stopping WebLogic Managed Servers Using the Command Line" in the Oracle Fusion Middleware Administrator's Guide.

11.10 Setting Connection Properties for the WebCenter Spaces Content Repository

You can view, modify, and delete connection properties for the back-end Oracle Content Server repository that is being used by WebCenter Spaces to store Space and Home Space documents. Specifically, you can define the root folder under which Space content is stored, the name of the content repository administrator, and a unique application identifier for separating application data on the Oracle Content Server.

This section contains the following subsections:

11.10.1 Setting Connection Properties for the WebCenter Spaces Content Repository Using Fusion Middleware Control

To set content repository connection properties:

  1. Log in to Fusion Middleware Control and navigate to the home page for WebCenter Spaces or the WebCenter Portal application. See Section 6.2, "Navigating to the Home Page for WebCenter Spaces".

  2. From the WebCenter menu, choose Settings > Service Configuration.

  3. From the list of services on the WebCenter Services Configuration page, choose Content Repository.

  4. Select the connection name, and click Edit.

  5. (For the active connection in WebCenter Spaces only.) Set connection properties for the WebCenter Spaces repository. For information, see Section 11.6.1, "What You Should Know About Registering Content Repositories for WebCenter Spaces."

  6. Click OK to save your changes.

  7. To start using the updated (active) connection properties, you must restart the managed server on which the WebCenter application is deployed.

11.10.2 Setting Connection Properties for the WebCenter Spaces Content Repository Using WLST

The following commands are valid only for the WebCenter Spaces application to view, set, and delete properties for the Oracle Content Server repository that is being used by WebCenter Spaces to store Space and Home Space documents:

For command syntax and detailed examples, see the Oracle Fusion Middleware WebLogic Scripting Tool Command Reference.

For information on how to run WLST commands, see Section 1.13.3.1, "Running Oracle WebLogic Scripting Tool (WLST) Commands."

11.11 Testing Content Repository Connections

After setting up content repository connections, you can test them to make sure that you can access the content repository, as described in the following sections:

11.11.1 Testing Oracle Content Server Connections

To verify a connection of the socket type web, log in to the Web interface of Oracle Content Server as administrator. You can obtain the URL of a socket type connection through Fusion Middleware Control as follows:

  1. In Fusion Middleware Control, from the WebCenter menu, choose Settings and select Service Configuration (Figure 11-12).

    Figure 11-12 Fusion Middleware Control WebCenter Menu

    Fusion Middleware Control WebCenter Menu
  2. On the Manage Content Repository Connections page, select the connection and click Edit (Figure 11-13).

    Figure 11-13 Manage Content Repository Connections Page

    Manage Content Repository Connections Page
  3. On the Edit Content Repository Connection page, copy the Web URL (Figure 11-14).

    Note:

    Remove the /idcplg/ suffix from the URL before using it.

    The URL format is: http://host_name/web_root/ For example: http://mycontentserver/cms/

    Figure 11-14 Edit Content Repository Connection Page

    Edit Content Repository Connection Page

11.11.2 Testing Oracle Portal Connections

To verify the full state of an Oracle Portal connection:

  1. In the Oracle WebLogic Administration Console, under Domain Structure, expand Services > JDBC, then double-click Data Sources (Figure 11-15).

    Figure 11-15 Oracle WebLogic Administration Console

    Oracle WebLogic Administration Console
  2. On the Summary of JDBC Data Sources page, select the data source you intend to test (Figure 11-16).

    Figure 11-16 Summary of JDBC Data Sources Page

    Sumary of JDBC Data Sources Page
  3. In the Settings for datasource_name section, select the tabs Monitoring, then Testing. Select the data source target server, then click Test Data Source to test the connection (Figure 11-17).

    Figure 11-17 Data Source Settings Section

    Data Source Settings Section

11.12 Changing the Maximum File Upload Size

By default, the maximum upload size for files is:

11.13 Managing Microsoft SharePoint Connections Using WLST

Use the commands listed in Table 11-10 to manage connections to SharePoint content repositories, postdeployment.

Configuration changes made using these WebCenter WLST commands are only effective after your restart the Managed Server on which the WebCenter application is deployed. For details, see Section 8.2, "Starting and Stopping Managed Servers for WebCenter Application Deployments."

Table 11-10 SharePoint Content Repository WLST Commands

Use this command... To... Use with WLST...

createJCRSharePointConnection

Create a Microsoft SharePoint 2007 repository connection.

Online

setJCRSharePointConnection

Edit a Microsoft SharePoint 2007 repository connection.

Online

listJCRSharePointConnections

List all Microsoft SharePoint 2007 connections that are configured for a WebCenter application.

Online


For information about how to install WLST scripts for Microsoft SharePoint, see Section 11.3.1.3, "Installing WLST Command Scripts for Managing Microsoft SharePoint Connections."

11.13.1 createJCRSharePointConnection

Module: Oracle WebCenter

Use with WLST: Online

11.13.1.1 Description

Creates a connection to a Microsoft SharePoint 2007 repository.

Note:

For WebCenter Portal applications, the createJCRSharePointConnection command works only if the application was developed to support Microsoft SharePoint connections in the first place. If the original WebCenter Portal application deployment does not include a Microsoft SharePoint connection, then the application will not contain the code necessary to support any new Microsoft SharePoint connections that you may want to create using this command. See also, Section 11.3.2, "Microsoft SharePoint - Configuration."

11.13.1.2 Syntax

createJCRSharePointConnection(appName, name, url, [likeLimit, extAppId, timeout, isPrimary, server, applicationVersion])
Argument Definition
appName
Name of the WebCenter application in which to perform this operation.
name
Connection name. The name must be unique (across all connection types) within the WebCenter application.
url
Web address of the SharePoint site to which you want to connect.

For example, if the SharePoint site address is http://mysharepoint.mycompany.com, enter this value for the url argument.

likeLimit
Optional. Number of characters the LIKE operator matches. The default is 64.

The SharePoint query language can use a LIKE keyword to constrain URL queries (document paths) that match a search pattern. By default, the LIKE operator supports a pattern match on strings up to 64 characters. Use this argument to specify a different character limit (any positive integer between 1 and 64) or enter likeLimit=0 to disable the LIKE limit, that is, always send the full query string to the Microsoft SharePoint server.

As Oracle recommends the default value (64), there is no need to specify this argument when you create a connection using the WLST command createJCRSharePointConnection.

Note: Only specify a value above 64 if your SharePoint instance supports LIKE queries on URLs greater than 64 characters.

extAppId
Optional. External application used to authenticate WebCenter users against the SharePoint repository. This value should match the name of an existing external application connection. See also listExtAppConnections.

If extAppId is not set, the SharePoint repository connection will not work.

extAppId can be set or changed at any time using the setJCRSharePointConnection command.

timeout
Optional. Length of time allowed to log in to the SharePoint repository (in ms) before issuing a connection timeout message. If no timeout is set, there is no time limit for the login operation.
isPrimary
Optional. Valid values are 1 (true) and 0 (false). 1 specifies that this connection is the primary connection used by the Documents service. The argument defaults to 0. If this parameter is omitted, the primary connection used by the Documents service does not change.

In WebCenter Spaces, the primary connection must be an Oracle Content Server connection.

server
Optional. Name of the managed server where the WebCenter application is deployed. For example, WC_Spaces.

Required when applications with the same name are deployed to different servers and also when you have a cluster.

applicationVersion
Optional. Version number of the deployed application. Required if more than one version of the WebCenter application is deployed.

11.13.1.3 Example

The following example creates a connection to a Microsoft SharePoint site.

wls:/weblogic/serverConfig> createJCRSharePointConnection(appName='webcenter', name='MySPConnection', url='http://mysharepoint.mycompany.com', extAppId='myExtApp')

11.13.2 setJCRSharePointConnection

Module: Oracle WebCenter

Use with WLST: Online

11.13.2.1 Description

Edits an existing Microsoft SharePoint 2007 repository connection. This command requires that you specify values for appName and name, plus at least one additional argument.

11.13.2.2 Syntax

setJCRSharePointConnection(appName, name, [url, likeLimit, extAppId, timeout, isPrimary, server, applicationVersion])
Argument Definition
appName
Name of the WebCenter application in which to perform this operation.
name
Name of an existing SharePoint connection.
url
Optional. Web address of the SharePoint site to which you want to connect.

For example, if the SharePoint site address is http://mysharepoint.mycompany.com, enter this value for the url argument.

likeLimit
Optional. Number of characters the LIKE operator matches. The default is 64.

The SharePoint query language can use a LIKE keyword to constrain URL queries (document paths) that match a search pattern. By default, the LIKE operator supports a pattern match on strings up to 64 characters. Use this argument to specify a different character limit (any positive integer between 1 and 64) or enter likeLimit=0 to disable the LIKE limit, that is, always send the full query string to the Microsoft SharePoint server.

Oracle recommends the default value (64). The default is suitable in most instances so, typically, there is no need to set a new value. To reset the default, specify likeLimit='' or likeLimit=64.

Note: Only specify a value above 64 if your SharePoint instance supports LIKE queries on URLs greater than 64 characters.

extAppId
Optional. External application used to authenticate WebCenter users against the SharePoint repository. This value should match the name of an existing external application connection. See also listExtAppConnections. If extAppId is not set, no change is made to the current external application ID.

If no external application is set, the SharePoint connection will not work.

timeout
Optional. Length of time allowed to log in to the SharePoint repository (in ms) before issuing a connection timeout message. If no timeout is set, there is no time limit for the login operation.
isPrimary
Optional. Valid values are 1 (true) and 0 (false). 1 specifies that this connection is the primary connection used by the Documents service. When set to 0, and the specified connection is the primary connection used by the Documents service, the primary connection is reset. If this parameter is not set, the primary connection used by the Documents service does not change. This argument has no default.

In WebCenter Spaces, the primary connection must be an Oracle Content Server connection.

server
Optional. Name of the managed server where the WebCenter application is deployed. For example, WC_Spaces.

Required when applications with the same name are deployed to different servers and also when you have a cluster.

applicationVersion
Optional. Version number of the deployed application. Required if more than one version of the WebCenter application is deployed.

11.13.2.3 Example

The following example edits SharePoint repository connection details.

wls:/weblogic/serverConfig> setJCRSharePointConnection(appName='webcenter', name='MySPConnection', url='http://mysharepoint.mycompany.com', extAppId='myExtApp')

11.13.3 listJCRSharePointConnections

Module: Oracle WebCenter

Use with WLST: Online

11.13.3.1 Description

Without any arguments, this command lists all of the SharePoint connections that are configured for a named WebCenter application.

11.13.3.2 Syntax

listJCRSharePointConnections(appName, [verbose, name, server, applicationVersion])
Argument Definition
appName
Name of the WebCenter application in which to perform this operation.
verbose
Optional. Displays SharePoint connection details in verbose mode. Valid options are 1 (true) and 0 (false). When set to 1, listJCRSharePointConnections lists all SharePoint connections that are configured for a WebCenter application, along with their details. When set to 0, only connection names are listed. This argument defaults to 0.
name
Optional. Name of an existing SharePoint connection. When specified you can view connection details for a specific SharePoint connection. If you supply a value for name, you must supply a value for verbose.
server
Optional. Name of the managed server where the WebCenter application is deployed. For example, WC_Spaces.

Required when applications with the same name are deployed to different servers and also when you have a cluster.

applicationVersion
Optional. Version number of the deployed application. Required if more than one version of the WebCenter application is deployed.

11.13.3.3 Example

The following example lists the names of all the SharePoint connections that are configured for an application named webcenter.

wls:/weblogic/serverConfig> listJCRSharePointConnections(appName='webcenter')

The following example lists connection details for all of the SharePoint connections that are configured.

wls:/weblogic/serverConfig> listJCRSharePointConnections(appName='webcenter', verbose=true)