Managing the Instant Messaging and Presence Service 16-11 Figure 16–5 Virtual Directory Properties

16. Under the ASP.NET tab, select the ASP.NET version as 2.0 or higher from the

ASP.NET version dropdown list. IIS should be configured to consume ASP.NET 2.0 applications.

17. Click OK.

18. Ensure that the LSC pool name in the LCS connection has been set.

19. Test the Web service by accessing the Web site from the following URL format:

http:localhostdefault_websiteApplicationConfigurationService.asmx Where default_website refers to the virtual directory that you created for the Oracle RTC Web service. For example: http:localhostRTCApplicationConfigurationService.asmx

16.2.2.3 LCS - Security Considerations

You must configure an external application for Microsoft Live Communications Server connections so that users can supply credentials to authenticate themselves on the LCS server. With a secured application, users get presence status. With LCS, if security is required, then LCS should be on a private trusted network. LCS provides an option for changing external credentials, which works as an alternative to using an external application. A logged-in user can click any Presence tag and select Change Credentials from the menu. For more information, see Section 16.3.1, Registering Instant Messaging and Presence Servers Using Fusion Middleware Control.

16.2.3 Oracle WebLogic Communications Server OWLCS Prerequisites

This section describes Oracle WebLogic Communications Server OWLCS prerequisites as the presence server for the Instant Messaging and Presence service. 16-12 Oracle Fusion Middleware Administrators Guide for Oracle WebCenter This section includes the following subsections: ■ Section 16.2.3.1, OWLCS - Installation ■ Section 16.2.3.2, OWLCS - Configuration ■ Section 16.2.3.3, OWLCS - Security Considerations ■ Section 16.2.3.4, OWLCS - Limitations

16.2.3.1 OWLCS - Installation

For detailed OWLCS installation instructions, see the Oracle WebLogic Communication Services Installation Guide.

16.2.3.2 OWLCS - Configuration

OWLCS supports both identity propagation and external application-based connections. Oracle recommends using identity propagation for OWLCS connections, since additional security can be set with WS-Security. OWLCS and the WebCenter application should point to the same LDAP-based identity store. If the OWLCS server and the WebCenter application use different LDAP-based identity stores, then you must configure an external application for the connection so that users can supply credentials to authenticate themselves on the OWLCS server. For information on reassociating the WebCenter application’s identity store, see Section 28.1, Reassociating the Identity Store with an External LDAP Server. If necessary, reconfigure OWLCS to use the same identity store. For more information, see the Oracle WebLogic Communication Services Administrators Guide.

16.2.3.3 OWLCS - Security Considerations

If the OWLCS server is running with WS-Security enabled, then the administrator must set the policyURI parameter in the presence server connection. If WS-Security is not required, then the administrator should disable WS-Security on the OWLCS server. For more information, see Section 32.4, Securing Oracle WebLogic Communication Services OWLCS with WS-Security and Section 31.11, Securing the WebCenter Spaces Connection to OWLCS with SSL.

16.2.3.4 OWLCS - Limitations

With OWLCS, user creation and deletion is manual. Any time a new user is added to or removed from the applications identity store, the same user must be created in or removed from the OWLCS user store. Each OWLCS user has a watcher list, which is a list of the other users allowed to see his presence. This watcher list must be under 125 KB approximately 400 users. In WebCenter, the presence of all users must be visible, even if they are not contact of the logged-in user. To get their presence, WebCenter creates a new account on OWLCS with the Space GUID and adds this new user as a watcher of the visible users. In other words, each member of a Space has an entry of that Space GUID in his watcher list. A problem can arise when a user is part of many Spaces. Because the watcher list contains entries for each Space, its size can grow greater than 125KB. When that happens, updates to the watcher list are rejected, giving the user a Subscription Request popup with that scope GUID. If this happens, then the user should just cancel the subscription request.