Message Authentication Directly access the Portal page by entering the URL noted in Step 4 into your
7.2.7.8 HTTPS Communication
Normal communication between Oracle Portal and a provider uses HTTP, a network protocol that transmits data as plain text using TCP as the transport layer. HTTPS uses an extra secured layer SSL on top of TCP to secure communication between a client and a server, making it difficult to intercept and read messages. Each entity for example, an Oracle Web Cache instance receiving a communication using SSL has a freely available public key and a private key known only to the entity itself. Any messages sent to an entity are encrypted with its public key. A message encrypted by the public key may only be decrypted by the private key so that, even if a message is intercepted by a felonious third party, it cannot be decrypted. Certificates used to sign communications ensure that the public key does in fact belong to the correct entity. These are issued by trusted third parties, known as Certification Authorities CA. They contain an entitys name, public key, and other security credentials and are installed on the server end of an SSL communication to verify the identity of the server. Client certificates may also be installed on the client to verify the identity of a client. Oracle Wallet Manager manages public key security credentials. It generates public and private key pairs, creates a certificate request to a CA, and installs the certificate on a server. For more information on this topic, refer to the Oracle Fusion Middleware Administrators Guide for Oracle Portal. Configuration of SSL When a provider is registered from an Oracle Portal instance, only one URL is entered, which means either HTTP or HTTPS may be used but not both. Each port on each server that may be used to receive SSL messages must have a server-side certificate installed that is, an OracleAS Web Cache instance in front of the Web provider and the server that hosts the provider. The certificate installed on a server port ensures that communication between two points is encrypted but does not authenticate the source of a message. Message authentication should be used as well to fully secure communication between a trusted Oracle Portal instance and a provider. For more information about SSL configuration for Oracle Portal, refer to the Oracle Fusion Middleware Administrators Guide for Oracle Portal.7.2.7.9 LDAP Oracle Internet Directory Security
PDK-Java uses Portlet Security Managers for LDAP Oracle Internet Directory security. PDK-Java uses Oracle Internet Directory as a repository of users, groups, and permissions. It retrieves information about the logged-in user and determines whether the user has the required permissions to view the portlet and data within the portlet. By enabling Oracle Internet Directory security, your providers perform the following: ■ Secure portlets based on groups. ■ Restrict access to the administrative functions of your portlets using your own security manager. ■ Retrieve all of the user property information stored in the Oracle Internet Directory including first name, last name, title, e-mail, telephone number, groups, and photo. ■ Create users and groups for Oracle Portal. 7-44 Oracle Fusion Middleware Developers Guide for Oracle Portal By default, Oracle Internet Directory security is disabled. You must make a change in the deployment properties file for a specific provider to enable this feature. Enabling and using Oracle Internet Directory to secure your portlets can be done quickly and easily. To do this, perform the following steps: 1. Enable the Oracle Internet Directory manager in the deployment properties files provider_name.properties. oidManager=true oidAdminClass=class_that_extends_oracle.portal.provider.v2.oid.OidInfo 2. Provide the connection information for Oracle Internet Directory by extending the simple class called OidInfo. 3. Provide a list of groups that can view your portlet in the provider definition file. groupcn=group1,cn=groups,dc=us,dc=oracle,dc=comgroup Your provider connects to Oracle Internet Directory using the information provided to the OidInfo class by you. The portlet accesses Oracle Internet Directory using the credentials provided for example, user name and password and performs the specified tasks. We recommend that you create an Oracle Internet Directory user specifically for your provider connection with the minimum set of privileges needed to complete the tasks requested by your portlets. For example, if your portlet only checks group information, do not connect to the Oracle Internet Directory as an administrator.7.2.7.9.1 Implementing Oracle Internet Directory Security PDK-Java provides a set of
default classes specifically for Oracle Internet Directory integration. These classes handle the connection from your portlets to Oracle Internet Directory, enable your portlets to be secured based on Oracle Portal groups, and provide access to user property information from within Oracle Internet Directory. The classes used by your Web provider for Oracle Internet Directory integration are as follows: ■ oracle.portal.provider.v2.oid.OidInfo receives the Oracle Internet Directory connection information provided by the developer and connects to Oracle Internet Directory. When building your own portlets, you should extend this class to send secure connection details from the provider to Oracle Internet Directory. ■ oracle.portal.sample.v2.devguide.oid.UnsafeOidInfo is an extension of OidInfo and provides an easy way to test portlet security. This class is used by the Oracle Internet Directory samples in PDK-Java and parses the deployment properties file for the Oracle Internet Directory connection information seen subsequently. This class should be used only for testing and development, it is not safe to use in a production scenario. ■ oidManager is set to false by default. It must be set to true in provider_ name .properties to enable Oracle Internet Directory. If you have only one provider in your Web application, ensure that provider_name.properties is identical to _default.properties. For example: serviceClass=oracle.webdb.provider.v2.adapter.soapV1.ProviderAdapter loaderClass=oracle.portal.provider.v2.http.DefaultProviderLoader showTestPage=true definition=providerslab_providerprovider.xml autoReload=true oidManager=true oidAdminClass=oracle.portal.sample.v2.devguide.oid.UnsafeOidInfo oidHost=myhost.mydomain.com Enhancing Java Portlets 7-45 oidPort=oidPort oidUser=oidUser oidPasswd=oidPassword ■ oidAdminClass is set to the class that extends OidInfo. PDK-Java provides UnsafeOidInfo by default, but as the name suggests, this class should not be used in production scenarios. – oidHost is the machine where Oracle Internet Directory is hosted. – oidPort is the port used by the Oracle Internet Directory. – oidUser is the Oracle Internet Directory account. – oidPasswd is the Oracle Internet Directory password. For example: serviceClass=oracle.webdb.provider.v2.adapter.soapV1.ProviderAdapter loaderClass=oracle.portal.provider.v2.http.DefaultProviderLoader showTestPage=true definition=providerslab_providerprovider.xml autoReload=true oidManager=true oidAdminClass=oracle.portal.sample.v2.devguide.oid.UnsafeOidInfo oidHost=myhost.mydomain.com oidPort=oidPort oidUser=oidUser oidPasswd=oidPassword ■ oracle.portal.provider.v2.security.GroupSecurityManager manages which groups have access to your provider and its portlets. It retrieves this information from the provider definition file and is portlet specific. Each portlet in a provider may have different group settings. There is no limit on the number of groups that can be set using this tag, but, since the Web provider parses and validates each group in turn, listing many groups may degrade performance. ■ group is the tag in provider.xml that handles group management. It lists the groups allowed to access the portlet. The group information here follows the same case sensitivity as the Oracle Internet Directory. securityManager class=oracle.portal.provider.v2.security. GroupSecurityManager groupcn=DBA,cn=portal_instance_id,cn=groups, dc=us,dc=oracle,dc=comgroup securityManager For more information on the syntax of provider.xml, refer to the provider Javadoc on OTN: http:www.oracle.comtechnologyproductsiasportalhtmljavadocx ml_tag_reference_v2.html The advantages of Oracle Internet Directory security are as follows: ■ Offers a simple, powerful way to secure your portlets. Note: The following example refers to your portal_instance_id, which is specific to your installation. To find your instance identifier, refer to your Oracle Fusion Middleware Administrators Guide for Oracle Internet Directory.Parts
» Oracle Fusion Middleware Online Documentation Library
» Introduction to Portal Development Understanding Portlets
» Portlet Anatomy Oracle Fusion Middleware Online Documentation Library
» Out-of-the-Box Portlets Portlet Resources
» Other Sources of Prebuilt Portlets Web Clipping
» Portlet Builder Portlet Resources
» JSF Portlets Portlet Resources
» Programmatic Portlets Portlet Resources
» The Portlet Technologies Matrix
» Web Clipping OmniPortlet General Suitability
» Java Portlets Portlet Builder
» PLSQL Portlets General Suitability
» Java Portlets Expertise Required
» Web Providers Deployment Type
» WSRP Producers Deployment Type
» The user requests a portal page from the Web browser by entering a URL in the
» The Parallel Page Engine PPE, which resides in the Oracle Application Servers
» Database Providers Provider Registration
» PLSQL Portlets Development Tool
» OmniPortlet and Web Clipping Java Portlets Portlet Builder PLSQL Portlets
» Web Clipping OmniPortlet User Interface Flexibility
» Java Portlets and PLSQL Portlets
» Web Clipping OmniPortlet Java Portlets
» PLSQL Portlets Ability to Capture Content from Web Sites
» Web Clipping OmniPortlet Java Portlets Portlet Builder
» Public Portlet Parameters Support
» OmniPortlet, Web Clipping, and Portlet Builder
» Web Clipping and OmniPortlet Java Portlets Portlet Builder PLSQL Portlets
» Web Clipping OmniPortlet Java Portlets PLSQL Portlets
» Introduction to OmniPortlet Oracle Fusion Middleware Online Documentation Library
» Source The OmniPortlet Wizard
» Filter The OmniPortlet Wizard
» View Layout The OmniPortlet Wizard
» Edit Defaults mode The OmniPortlet Wizard
» Portlet Parameters and Events
» Adding an OmniPortlet Instance to a Portal Page Building an OmniPortlet Based on a Web Service
» Building an OmniPortlet Based on a Spreadsheet CSV
» Building an OmniPortlet Based on an XML Data Source
» Building an OmniPortlet Based on a Web Page Data Source
» Under New Page Parameter, in the Parameter Name field, enter zip, then click
» For the fourth OmniPortlet in the list, follow the same steps to set Param1 to the
» Set the Page Input as shown in Click OK.
» Building an OmniPortlet Using the HTML Layout
» Above the Web Clipping portlet, click the Edit Defaults icon, as shown in
» In the URL Location field, enter the location of the starting Web page that links to Click Start.
» At the top left of the section of the Web content you want to clip, click Choose.
» In the Find a Web Clipping page, click OK to display the selected Web clipping in
» In the Default Value field, enter a value to use by default for the parameter.
» Select Basic Authentication as the authentication method.
» In the Additional Fields section, you can enter names and values of any Click OK.
» At the top left of the section of the Web content you want to clip, click Choos
» Click Select to confirm that the search result section is the one you want to clip.
» Because the content displayed in the portlet was reached by entering information
» In the parameters table, make the following changes:
» Click OK to display the default search results in the Web Clipping portlet on your
» In the Editing Views section, click View Page.
» In the Web Clipping portlet header, click Personalize, as shown in
» In the page that displays, scroll down to the Inputs section. Notice that the
» Click OK. Personalizing a Web Clipping Portlet
» Verify that the Web provider that contains the URL-based portlets you want to
» Find existing URL-based portlets.
» Performing the Migration Migrating from URL-Based Portlets
» Post-Migration Configuration Migrating from URL-Based Portlets
» Maintaining Migrated Portlets Migrating from URL-Based Portlets
» Current Limitations for Web Clipping
» User preference: Guidelines for Show Modes
» Instance defaults: Guidelines for Show Modes
» Guidelines for Edit Defaults Mode Options The following guidelines should
» Guidelines for Buttons in Edit Defaults Mode For consistency and user
» Preview Mode JPS and PDK-Java Full Screen Mode PDK-Java
» Help Mode JPS and Oracle Portal
» Link Mode PDK-Java Portlet defaults
» Guidelines for Navigation within a Portlet
» Guidelines for JavaScript Guidelines for Writing Java Portlets
» Guidelines for Mobile Portlets
» Introduction to Java Portlet Specification JPS and WSRP
» Click Next. Creating a JSR 168 Portlet
» Click OK. Repeat the preceding steps if you want to add more customization
» In the Description field, enter a description for the security role, explaining the Click OK.
» Initialization parameters provide the Web application developer, who decides
» In the Name field, enter a unique name for the initialization parameter. Use only
» In the Value field, enter a default value for the parameter.
» In the Description field, enter a description for the parameter.
» To delete an initialization parameter, select it in the table and click Remove.
» Click Next to display the Finish page.
» Click Finish to generate the files for your portlet. The following files should be
» Adding Portlet Logic to Your JSR 168 Portlet
» In the Application Navigator, right-click the project that contains your portlet and
» In the Deployment Profile Name field, enter a meaningful name for the
» Click OK. Deploying Your JSR 168 Portlet to the Oracle WebLogic Server
» When the Deployment Finished message displays in the Deployment Log at the
» Click Next to display the Portal Registration Property Values page
» Click Finish. You should see a Registration Confirmation page similar to the one
» Registering WSRP Producers in Enterprise Configurations
» Introduction to Oracle PDK-Java
» Click Next to display the General Portlet Information Page.
» Click Next to display the Public Portlet Events page
» Click the link underneath Service Name.
» In the New Gallery, expand the General category and select Deployment Profiles.
» In the Items list, select WAR File and click OK. The Create Deployment Profile --
» Click OK. The WAR Deployment Profile Properties dialog box opens.
» Under Web Application’s Context Root, select Specify Java EE Web Context Root
» Select the Contributors node under WEB-INFlib.
» Select Portlet Development. Deploying Your Oracle PDK-Java Portlet to an Application Server
» Click OK. The Project Properties dialog opens.
» Click OK. Deploying Your Oracle PDK-Java Portlet to an Application Server
» In the Application Navigator, right-click your project and select Deploy, then
» If you are not already on the Portal Builder page, click the Builder link in the
» In the Remote Providers portlet, click Register a Provider to display the Register
» In the Name field, enter the name of the provider. The name must not be more
» In the Display Name field, enter a name to display for the provider when it is
» In the Timeout field, enter the number of seconds Oracle Portal should try to
» In the Timeout Message field, enter the message to display when Oracle Portal
» From the Implementation Style list, select Web.
» Click Next to display the Define Connection page
» In the Domain Structure tree, select Deployments.
» Click the Targets tab, and select AdminServer and WLS_WSRP from the Servers Click Save.
» In Oracle JDeveloper, double-click the view.jsp file for your JPS-Standard
» Add the code that is indicated in bold in the following snippet:
» Open edit.jsp in the visual designer and click the Design tab. Notice that the
» Click the Design tab to see the new form field that you just added
» Updating the XML Provider Definition
» Viewing the Portlet Under Web Content, htdocs\myportlet, create an HTML page called
» Click the magnifying glass icon next to the portlet and a preview window similar
» Reviewing the Generated Code The wizard creates the following code for you by
» Modifying the Generated Code The JSP contains an input field for the portlet
» Implementing Personalization for Show Pages
» Edit your Show page and import NameValuePersonalizationObject and
» Preference Information Within the XML Provider Definition
» Portlet URL Types Intraportlet links refer to the Oracle Portal page on which
» Building Links with the Portlet URL Types To build links with the URL
» Building Forms with the Portlet URL Types Use of portlet parameters in forms is
» Implementing Navigation within a Portlet You can implement navigation within a
» Submitting Events Go to the Parameter tab of the page properties. Note that parameters should be
» You can append a parameter value to the URL and the portlet displays the value
» When you click the link, that value is passed to the Parameter portlet on its page
» Go to the provider deployment in the Oracle WebLogic Administration Console,
» Creating Private Events Enhancing PDK-Java Portlets
» Ensure you are logged in to an Oracle Portal instance with privileges to create
» Create a new portal page, ensuring it is visible to PUBLIC.
» Add your Java portlet to the page.
» Make a note of the direct URL to your new Portal page.
» Now log out of the Portal instance by clicking the Logout link.
» Oracle Portal Server Security
» HTTPS Communication Directly access the Portal page by entering the URL noted in Step 4 into your
» Implementing Oracle Internet Directory Security PDK-Java provides a set of
» Viewing Your Portlets After you secure your provider with Oracle Internet
» Ensure you are logged in to an Oracle Portal instance as a user who is a member of
» Use an existing page or create a new one, ensuring it is visible to PUBLIC.
» Make a note of the direct URL to your new page.
» Click Logout. Implementing Portlet Security
» The portlet instance is the portlet on a page with the default personalizations made
» Create a stock portlet and implement the Show mode with the following
» Create two regions on a sample page and add My Stock Portlet to the first region.
» Securing Provider Communications If the security of exportingimporting
» Disabling ExportImport of Personalizations The JNDI variable,
» Obfuscating Data for Transport Automatic By default, personalization data is
» Exporting by Reference Example To export by reference rather than exporting
» Expiry-based Caching Enhancing Portlet Performance with Caching
» Invalidation-based Caching: Enhancing Portlet Performance with Caching
» You have followed through and understood
» Activating Caching You built a portlet using the wizard and successfully added it to a page.
» Configuring the Provider Servlet To enable invalidation-based caching, you must
» Defining the Oracle Web Cache Invalidation Port If you are using an Oracle
» Configuring the XML Provider Definition Using a combination of tags in
» Manually Invalidating the Cache You may want the cached version of the portlet
» Enhancing Portlets for Mobile Devices
» Writing Multilingual Portlets Enhancing PDK-Java Portlets
» Oracle Portal and the Apache Struts Framework
» Creating an Oracle Application Development Framework ADF Portlet
» Portlet Show Modes Guidelines for Creating PLSQL Portlets
» Recommended Portlet Procedures and Functions
» Implementing the Portlet Package
» Open starter_provider2.pks in an editor.
» Save and close starter_provider2.pkb.
» Creating and Accessing a Preference Store
» Implementing a Session Store
» Passing Private Parameters Passing Page Parameters and Mapping Public Portlet Parameters
» Retrieving Parameter Values Using Parameters
» Identify the piece of information you require for your functionality.
» Use the appropriate method from wwctx_api to get and optionally set this value.
» Open the services_portlet.pkb file in an editor.
» Find the get_portlet_info function.
» Notice the usage of wwctx_api.get_user to derive the user information and set
» wwctx_api.get_user is used similarly in various places throughout
» Another example of getting context information occurs in the is_runnable
» Using Security Implementing Portlet Security
» Coding Security Implementing Portlet Security
» Indicate to Oracle Portal that it must generate specific headers for Oracle Web
» Determine whether you want to use system or user level caching. Set the
» Optionally, set up validation- or expiry-based caching as well.
» Add invalidation logic to your portlet where needed for example, when the
» Configuring and Monitoring the Cache
» Implementing Validation-Based Caching Improving Portlet Performance with Caching
» Implementing Expiry-Based Caching Improving Portlet Performance with Caching
» Implementing Invalidation-Based Caching Improving Portlet Performance with Caching
» Using Error Handling Implementing Error Handling
» Adding Error Handling Implementing Error Handling
» Add the event object, with an appropriate domain and subdomain combination,
» Register the log event record by using wwlog_api_admin.add_log_registry.
» Use start_log and stop_log to mark the events you want to log in your code.
» Adding Event Logging Implementing Event Logging
» Using Multilingual Support Writing Multilingual Portlets
» Adding Multilingual Support Writing Multilingual Portlets
» Registration Prerequisites Provider Record Input Registration Example
» Overview Oracle Fusion Middleware Online Documentation Library
» Secure Content Repository Views
» Terminology Content Management APIs
» Providing Access to the APIs and Secure Views
» Using Constants Guidelines for Using the APIs
» Resetting CMEF Global Variables
» Code Samples Oracle Fusion Middleware Online Documentation Library
» Setting the Session Context API Parameters
» Editing Page Properties Oracle Fusion Middleware Online Documentation Library
» Setting Item Attributes Editing Content
» Editing an Item Editing Content
» Moving an Item to a Different Page Moving Pages
» Moving Categories and Perspectives
» Deleting Items Deleting Content
» Deleting Pages Deleting Content
» Creating Pages Oracle Fusion Middleware Online Documentation Library
» Creating Categories and Perspectives
» Creating Items Oracle Fusion Middleware Online Documentation Library
» Setting Perspectives Attributes of Pages and Items
» Approving and Rejecting Items
» Searching For Items Across All Page Groups
» Searching For Pages in Specific Page Groups
» Searching For Items By Attribute
» Creating a Directory for the XML File
» Creating an XML File from a CLOB
» Generating Search Results in XML Workaround for get_item_xml
» Click Next. On the View page, select Tabular for the Layout Style, then click Next.
» Introduction to Multi-Lingual Support
» Querying the Default Language
» Setting the Session Language Modifying an Existing Translation Creating a Translation for an Item
» Translations and Item Versioning
» Retrieving Object Privileges Oracle Fusion Middleware Online Documentation Library
» Granting Page Level Privileges
» Removing Page Level Privileges
» Granting Item Level Privileges
» Removing Item Level Privileges
» Inheriting Item Level Privileges from the Page
» Enqueuing Messages How Does the Content Management Event Framework Work?
» Subscribers and Dequeuing Messages
» Exception Handling Listening for Messages
» Creating Subscriber Code Using the Content Management Event Framework
» In the toolbar at the top of the page, click the Properties link next to Page Group.
» Click the Configure tab to bring it forward.
» To enable CMEF, select the Enable Content Management Event Framework check
» Click OK to save your changes.
» Click Close to return to the page.
» Adding a Subscriber to WWSBR_EVENT_Q Running a CMEF Subscriber
» CMEF Message Payload Using the Content Management Event Framework
» Oracle Portal Actions and CMEF Events
» What Is the Content Management Event Framework? Installing the Examples
» Example: Portal Object Event Logging
» Example: Item Validation Oracle Fusion Middleware Online Documentation Library
» Integrating Workflow with Oracle Portal
» Example Overview Example: Integrating External Workflow
» Section 16.8.3.2, Grant Users the Manage Items With Approval Privileges
» Section 16.8.3, Run Scripts Required for the CMEF Workflow Integration
» Section 16.8.3.4, Create Subscriber and Check Procedures
» Section 16.8.3.5, Register the WF_CHECKURL Process with Oracle Workflow
» Enable Approvals and Notifications in Oracle Portal
» To enable approvals and notifications, select the Enable Approvals and
» Grant Users the Manage Items With Approval Privileges
» Go to any page in the page group and switch to Edit mode.
» Click the Approval tab to bring it forward.
» Select the Require Approval for All Users check box
» Create Subscriber and Check Procedures
» Log in to the CMEFSAMPLES schema and run the following: Start a new workflow project.
» Add the CMEF_WORKFLOW Subscriber to the WWSBR_EVENT_Q Queue
» Set the definition value in the provider_name.properties file that is
» From the WebLogic Server menu, choose Application Deployment, and then
» Click Continue. The URL mapping for Web Modules displays. The mappings will
» Click Next. Detailed Example Description
» In the Application Attributes section, for Application Name, enter the application
» Expand Deployment Plan. Detailed Example Description
» Click Deploy. Detailed Example Description
Show more