This chapter describes how to configure DIVA Enterprise Connect after installation, and includes the following information:
Chapter 2 described the steps for a minimal DIVA Enterprise Connect configuration. However, additional configuration may be necessary based on your requirements. Configuring DIVA Enterprise Connect may include changes to the WebLogic configuration, the user, group, or role configuration in the WebLogic embedded LDAP server, or changes to the configuration file.
During installation, you may have customized the install.properties file with values for the HTTP and HTTPS ports, the DIVAS_HOME directory (for the API), and the WebLogic Admin Console ports. The install.properties file is located in the parent staging directory, and is only used at installation time. If changes to these values are required after installation, you must make those changes using the WebLogic Admin Console.
The divas-config.properties file contains parameters for the DIVArchive connection and the Web Services sessions. The file is located in the following directory:
%DIVAS_HOME%/%DOMAIN_NAME%/config/dwsConfig/AppFileOverrides/
$DIVAS_HOME/DIVAS_Domain/config/dwsConfig/AppFileOverrides/
After modifying the configuration file, you must restart the DIVAServices service. On Linux, use the DIVAS command. On Windows, you can use the DIVAS command, or restart the DivaServices Windows service.
divas.service.connection.hostProtocolThis parameter is the protocol used to connect to the DIVArchive Manager and DIVAnet (SOCKET, HTTP, HTTPS). The use of HTTP or HTTPS requires that the DIVAnet ManagerAdapter is installed and configured properly. Using the HTTP option, the DIVArchive Web Services connect to the DIVAnet ManagerAdapter, and not directly to the DIVArchive Manager.
divas.service.connection.hostAddressThis parameter identifies the host name or IP address of DIVArchive or DIVAnet.
divas.service.connection.hostPortThis parameter identifies the port number of DIVArchive or DIVAnet.
divas.service.connection.userNameThis parameter identifies the default user name and group name to pass to DIVArchive or DIVAnet if unassigned in WebLogic.
divas.service.connection.applicationNameThis parameter identifies the default application name passed on the DIVArchive or DIVAnet connection.
divas.service.connection.responseTimeoutThis parameter identifies the time (in seconds) to wait for a response from DIVArchive or DIVAnet before timing out.
divas.service.connection.retryIntervalThis parameter identifies the time (in seconds) to wait between retry attempts when a response is not received.
divas.service.connection.retryCountThis parameter identifies the number of retries when a response is not received from DIVArchive or DIVAnet.
divas.service.connection.siteNameThis parameter identifies the DIVAnet site name of this server. This value is passed to DIVAnet.
The following Web Services identify session behavior parameters and configured in the divas-config.properties file:
divas.service.client.maxSessionsThis parameter identifies the maximum number of simultaneous active sessions (per user).
divas.service.session.maxAgeThis parameter identifies the maximum duration (in minutes) before a session is terminated.
divas.service.session.maxIdleThis parameter identifies the maximum duration (in minutes) before an idle session is terminated.
divas.service.session.allowDifferentIPThis parameter is a boolean value. This value is true if a session ID can be used in requests originating from different IP addresses.
DIVA Enterprise Connect can connect to DIVAnet in several ways. The services can connect directly to the DIVAnet ManagerAdapter through HTTP or HTTPS. There are security benefits when you use this mode. The services can also connect to the DIVAnet ClientAdapter either using SOCKETS or through the ManagerAdapter using HTTP or HTTPS. Connecting to DIVAnet has disaster recovery, content availability, and security benefits.
DIVA Enterprise Connect can interface with DIVArchive by connecting directly to the DIVAnet ManagerAdapter. Connecting in this manner enables a secure outbound HTTPS connection to be established to DIVArchive. You set the divas.service.connection.hostProtocol attribute in the DIVA Web Services configuration file to either HTTP or HTTPS.
See Appendix B for instructions on configuring SSL certificates to support the HTTPS connection between DIVA Enterprise Connect and DIVAnet.
Connecting to a DIVAnet ManagerAdapter can provide additional access control benefits. By default, DIVA Enterprise Connect sends a single default user name to DIVAnet. This user name is configured in the divas-config.properties file. However, you can configure DIVA Enterprise Connect to send a name to the ManagerAdapter on a per request basis for access control. API users can be assigned to an Access Group within WebLogic. When a user is assigned an access group, the Access Group name is sent to the ManagerAdapter on every web service call.
For example, a DIVArchive Web Services Client API user name Fred might be a member of a group named divanetAdmin. This group is configured and assigned in WebLogic. The divanet prefix indicates to DIVA Enterprise Connect that divanetAdmin is an Access Control Group, and the group name should be sent to the ManagerAdapter on every client request. You can use access rules in the DIVAnet ManagerAdapter to enforce access control. You use the username attribute in the ManagerAdapter access rules to assign access rights for the group.
You can configure WebLogic users to have an Access Group name for DIVAnet using the WebLogic Admin Console. Use the following procedure to assign an Access Group name to a user:
Log in to the WebLogic Admin Console.
A typical URL for the admin console is http://127.0.0.1:7001/console.
Now you will add the group by navigating to Domain Structure, Security Realms, myrealm, Users and Groups, and then Groups.
Confirm that you are on the Groups tab, and click New.
Create a group name containing the string divanet, and then click OK.
Next you must assign the group to a user by navigating to Domain Structure, Security Realms, myrealm, Users and Groups, and then Users.
Click the user name you want to change, and then navigate to the Groups tab.
Click the group you want to assign (in the box on the left) and click > to assign the group.
The group is now displayed in the box on the right. If it is not there, then you have not properly assigned it.
Click Save to complete the process.
Oracle suggests (although it is not required) adding a rule enforcing that only users with an Access Group can use the services. To create this rule, navigate to Domain Structure, Deployments, DIVAS.1.0.0, Security, and then Policies.
The DIVAS.1.0.0 menu item is a link to the deployed DIVArchive Web Services application. It appears in the table on the Deployments screen.
Click Add Conditions, then select Group from the Predicate List menu list, and then click Next.Enter the first name of the group you previously added, and then click Add.
Add any remaining group names following this procedure, and then click Finish.
Alternatively, you can connect to the DIVAnet ClientAdapter running in MultiDiva mode. This will allow you to archive and restore content from multiple DIVArchive sites, and list the sites where assets are stored. You can connect to the DIVAnet ClientAdapter by setting the value of the divas.service.connection.hostProtocol attribute to SOCKET, and then configuring the address and port of the DIVAnet ClientAdapter. Finally, you can connect to the ClientAdapter through the DIVAnet ManagerAdapter as if you were connecting to DIVArchive.