Introduction to WebCenter Application Security
27.2.4 Default Policy Store Permissions and Grants
The ADF Security permissions model supports both permission-based and role-based authorization. These two types of authorization, and the default Policy Store permissions and code based grants are discussed in the following sections: ■ Section 27.2.4.1, Permission-based Authorization ■ Section 27.2.4.2, Role-mapping Based Authorization ■ Section 27.2.4.3, Default Policy Store Permissions for WebCenter Spaces ■ Section 27.2.4.4, Default Code-based Grants27.2.4.1 Permission-based Authorization
Permission-based authorization is used for services, such as Lists, where access control is implemented within the WebCenter application using Oracle Platform Security Services OPSS. WebCenter Spaces provides extensive user and role management tools with which you can create application roles, and define what permissions should be granted to those roles. For information on managing users and roles in WebCenter Spaces, see Managing Application Roles and Permissions in Oracle Fusion Middleware Users Guide for Oracle WebCenter.27.2.4.2 Role-mapping Based Authorization
Services that need to access remote back-end resources require role-mapping based authorization. For example, for the Discussions service, role mapping is required when the users of a WebCenter application mapping to one or more group space roles must be mapped to another set of roles on the Oracle WebCenter Discussions Server. In WebCenter Spaces: ■ WebCenter Spaces roles are mapped to corresponding roles on the Oracle WebCenter Discussions Server. ■ When a user is granted a new WebCenter Space role, a similar grant privilege is granted in the back-end server. For example, when user Pat is granted Discussions-CreateEditDelete permissions in WebCenter Spaces, Pat is granted corresponding permissions in the back-end discussion server. See also, Understanding Discussions Server Role and Permission Mapping in Oracle Fusion Middleware Users Guide for Oracle WebCenter.27.2.4.3 Default Policy Store Permissions for WebCenter Spaces
Out-of-the box, WebCenter Spaces provides the following default roles: Default application roles: ■ Administrator ■ Authenticated-User ■ Public-User For more information about the default application roles, see Default Permissions for Application Roles in the Oracle Fusion Middleware Users Guide for Oracle WebCenter. Managing WebCenter Portal Application Security 27-7 Default roles in a space: ■ Moderator ■ Participant ■ Viewer For more information about the default role within a space, see Default Permissions for Roles in a Space in the Oracle Fusion Middleware Users Guide for Oracle WebCenter.27.2.4.4 Default Code-based Grants
WebCenter applications make internal calls to APIs on the security platform that are secured with permission checks. Consequently, the WebCenter application must be granted appropriate permissions to invoke the OPSS APIs for example, the permission to access the policy store and grant or revoke permissions PolicyStoreAccessPermission, or grant basic permissions to application roles. In the case of WebCenter Spaces, basic application role permissions are granted by default as described in Default Permissions for Application Roles in the Oracle Fusion Middleware Users Guide for Oracle WebCenter. Similarly, WebCenter applications must pre-authorize access to various operations that it wants to expose using the WebCenter permissions, and then invoke the OPSS APIs as privileged actions.27.2.5 Post-deployment Security Configuration Tasks
After deploying your WebCenter Portal application or WebCenter Spaces, consider the following security-related configuration tasks for your site: ■ Reassociating the identity store to use an external LDAP By default, WebCenter applications use an embedded LDAP for its identity store. Although secure, the out-of-the-box embedded LDAP may not scale appropriately for large enterprise production environments. For instructions on how to configure the identity store to use an external LDAP such as Oracle Internet Directory OID, see Chapter 28, Configuring the Identity Store. Note: By default, Oracle WebCenter Discussions is configured to use the embedded LDAP identity store: All users in the embedded LDAP store can log on to the discussions server, and all users in the Administrators group have administrative privileges on Oracle WebCenter Discussions. If you reassociate the identity store with an external LDAP server, you must either move the Fusion Middleware administrator account to the external LDAP as described in Section 28.5, Moving the Administrator Account to an External LDAP Server , or if you choose not to move the administrator account, you must perform some additional steps to identify the new administrator account for the discussions server as described in Section 28.5.1, Migrating the WebCenter Discussions Server to Use an External LDAP. For WebCenter Spaces, both WebCenter Spaces and Oracle Content Server must share the same LDAP server. For more information, see Section 28.6, Configuring the Oracle Content Server to Share the WebCenter Spaces Identity Store LDAP Server. 27-8 Oracle Fusion Middleware Administrators Guide for Oracle WebCenter ■ Reassociating the policy store to use an external LDAP or database By default, WebCenter Portal applications use a file-based system-jazn-data.xml policy store to store policy grants. You should consider using an LDAP-based or database policy store. For information on how to configure the policy store to use an LDAP server or database, see Chapter 29, Configuring the Policy and Credential Store. ■ Configuring WS-Security Although the use of WS-Security adds complexity to the configuration and management of a WebCenter Portal application and the set of producers it consumes, it helps ensure the security of the information being published by the WebCenter Portal application. Adding WS-Security provides authentication for the consumer, and message-level security. For information on how to configure WS-Security for WebCenter applications and components, see Chapter 32, Configuring WS-Security. ■ Configuring SSO Single Sign-On SSO allows users to log in once across WebCenter applications and components rather than having to log in for each sub-application for example, for accessing a wiki page in WebCenter Spaces. Users do not have to maintain a separate user ID and password for each application or component that they access. However, you can still configure a variety of authentication methods, so that more sensitive applications can be protected using more stringent methods. WebCenter supports four single sign-on solutions: Oracle Access Manager OAM, Oracle Single Sign-on OSSO, a SAML-based single sign-on solution for Oracle WebCenter applications only, and an SSO solution for Microsoft clients, using Windows authentication based on the Simple and Protected Negotiate SPNEGO mechanism and the Kerberos protocol. For a discussion of these solutions and an overview of single sign-on, see Chapter 30, Configuring Single Sign-on. ■ Configuring SSL Secure Sockets Layer SSL provides additional security for connections between WebCenter applications or components by providing an additional authentication layer, and by encrypting the data exchanged. For connections between applications or components where the data exchanged is sensitive, consider securing the connection with SSL. For a list of the connections that can and should be protected with SSL in a production environment, see Chapter 31, Configuring SSL.27.3 Troubleshooting Security Configuration Issues
This section includes the following sub-sections: ■ Section 27.3.1, Webcenter Spaces Does Not Find Users in LDAP Provider ■ Section 27.3.2, Group Space Gets Created with Errors When Logged in as OID User ■ Section 27.3.3, Users Cannot Self-Register when WebCenter Spaces Configured with Active Directory Note: Using SSL is computationally intensive and adds overhead to a connection. SSL should therefore not be used where it is not required, and is best reserved for production environments. Managing WebCenter Portal Application Security 27-9 ■ Section 27.3.4, User Made Administrator Does Not Have Administrator Privileges ■ Section 27.3.5, OmniPortlet Producer Authorization Exception in SSO Environment ■ Section 27.3.6, Deploying the SAML SSO-specific Discussions EAR file Produces an Exception ■ Section 27.3.7, Configuring SAML Single Sign-on Produces 403 Error27.3.1 Webcenter Spaces Does Not Find Users in LDAP Provider
Problem Weblogic Server was configured with an external LDAP provider. Users in the external LDAP can log in to WebCenter Spaces, but when you try to assign the administrator role, in WebCenter Spaces, to a user from the external LDAP, no users are found. Solution Change the Control Flag for the DefaultAuthenticator Authentication Provider to Sufficient as described in Chapter 28, Configuring the Identity Store. Restart the Administration Server and Managed Servers for the domain.27.3.2 Group Space Gets Created with Errors When Logged in as OID User
Problem When logged in to WebCenter as an OID user for example, orcladmin, and you try to create a group space, the group space gets created but with errors. The error message appears as No matching users were found with search string login user. Solution The following property is missing in the jps-config.xml file: property name=jps.user.principal.class.name value=weblogic.security.principal.WLSUserImpl To fix this: 1. Edit MIDDLEWARE_HOMEuser_projectsdomainsWebCenterconfigfmwc onfigjps-config.xml. 2. Add this line in the general properties: property name=jps.user.principal.class.name value=weblogic.security.principal.WLSUserImpl 3. Restart the WLS_Spaces server.Parts
» Oracle Fusion Middleware Online Documentation Library
» WebCenter Spaces Oracle WebCenter Architecture
» Oracle Composer WebCenter Services
» WebCenter Topology Out-of-the-Box Oracle WebCenter Topology
» WebCenter Managed Servers Oracle WebCenter Topology
» WebCenter Startup Order Oracle WebCenter Topology
» WebCenter Dependencies Oracle WebCenter Topology
» WebCenter Configuration Considerations Oracle WebCenter Topology
» WebCenter State and Configuration Persistence
» WebCenter Log File Locations
» Introducing Oracle WebCenter Oracle WebCenter Spaces
» WebCenter Portal Applications Oracle Fusion Middleware Online Documentation Library
» Understanding Administrative Operations, Roles, and Tools
» Performance Monitoring and Diagnostics
» Understanding Security Oracle Fusion Middleware Online Documentation Library
» WebCenter Application Deployment Oracle Fusion Middleware Online Documentation Library
» Oracle WebLogic Server Administration Console
» System MBean Browser WebCenter Spaces Administration
» WebCenter Portal Administration Console
» Data Migration, Backup, and Recovery Role of the Fusion Middleware Administrator
» Customizing WebCenter Spaces for the First Time Roadmap
» Role of the Fusion Middleware Administrator
» Role of the WebCenter Spaces Administrator
» System Administration for WebCenter Spaces Roadmap
» Application Administration for WebCenter Spaces Roadmap
» System Administration for WebCenter Portal Applications Roadmap
» Displaying Fusion Middleware Control Console Navigating to the Home Page for WebCenter Spaces
» Navigating to the Home Page for WebCenter Portal Applications
» Navigating to Dependent Components
» Deployment Roadmap Deploying WebCenter Portal Applications
» Click Next. Select Create and click Next.
» Provide the connection details for the database to which to add the schema by
» Check Create a New Prefix and enter a prefix to be prepended to the schema
» Check the Metadata Services component. All other components should be left
» Click Next, and click OK when prompted by the Prerequisites pop-up.
» Click Next. Creating an MDS Schema Using the Repository Creation Utility
» On the Map Tablespaces page, click Next
» When prompted to create the tablespaces, click OK, and then click OK again when
» On the Summary page, click Create to create the schema.
» Open Fusion Middleware Control and log in to the target domain.
» In the Navigation pane, expand the farm, then WebLogic Domain.
» Select the domain to which you want to deploy.
» From the WebLogic Domain menu, select Metadata Repositories.
» In the Database-Based Repositories section, click Register.
» In the Database Connection section, enter the following information:
» Click Query. Registering an MDS Schema Using Fusion Middleware Control
» Click OK. Registering an MDS Schema Using Fusion Middleware Control
» Register the MDS schema using the following command:
» Choosing the Information Artifact Store
» Select the target servers to deploy the application to see
» Under Target Metadata Repository, click the icon to display the Select metadata
» Click Next. Deploying Applications Using Fusion Middleware Control
» Click the edit icon for Configure ADF Connections to check connection settings
» Click the edit icon for each connection and check that the connection settings are
» Deploying Applications Using WLST
» In the Domain Structure pane, click Deployments.
» On the Deployment Summary pane, click Install.
» Using the Install Application Assistant Path field, locate the EAR file that
» Select Install this deployment as an application for both WebCenter Portal
» Configuring Applications to Run in a Distributed Environment
» Undeploying WebCenter Applications Using Fusion Middleware Control
» Undeploying WebCenter Applications Using WLST
» Removing an Applications Credential Map
» Preserving Application Configuration Redeployment Considerations
» Redeploying WebCenter Applications Using Fusion Middleware Control
» Checking Security Configurations After Deployment
» Checking Application Connections After Deployment
» Checking Data Source Connections
» Tuning the Application Post-Deployment Configuration
» Starting Node Manager Oracle Fusion Middleware Online Documentation Library
» Starting and Stopping Managed Servers for WebCenter Application Deployments
» Starting WebCenter Portal Applications Using Fusion Middleware Control
» Stopping WebCenter Portal Applications Using WLST
» Setting Application Properties for WebCenter Spaces
» Setting Application Properties for WebCenter Portal Applications
» Specifying the BPEL Server Hosting WebCenter Spaces Workflows
» Configuring Search Crawlers for WebCenter Applications
» Exposing WebCenter Spaces Templates From a Previous Release
» Setting Up the MDS Repository
» Setting Up Database Connections
» Setting Up External Application Connections
» What You Should Know About Content Repository Connections
» Roadmap - Configuring Oracle Content Server for WebCenter Spaces
» Roadmap - Configuring Oracle Content Server for WebCenter Portal Applications
» Oracle Content Server 11g - Installation
» Expand the Administration node, then select Admin Server.
» In the Component Manager, click the advanced component manager link.
» In the Install New Component section, select WebCenterConversions.zip from the
» Select OpenOfficeConversion and click Enable.
» In the Conversions table, select the Accept checkbox for HtmToPDFOpenOffice,
» What You Should Know About the WebCenterConfigure Component Consider the
» What You Should Know About Creating Content Profiles in Oracle Content Server
» What You Should Know About Item Level Security Oracle WebCenter allows
» How to Configure Item Level Security To configure Item Level Security ILS:
» From the Administration menu, choose Admin Server to open Component
» In the Component Manager section, click the Advanced Component Manager
» In the Advanced Component Manager page, scroll down to the Disabled
» From the Options pane on left, select General Configuration.
» How to Configure Additional Settings for WebCenter Portal Applications For a
» From the Administration menu, choose Admin Applets.
» On the Administration Applet page, click User Admin to display the User Admin
» From the Security menu, choose Permissions by Group.
» In the Permission By Group dialog, click Add Group.
» How to Create a Folder using the Oracle Content Server Console To create a folder:
» From the Browse Content menu, choose Contribution Folders to display the root
» On the Contribution Folders page, from the New Item menu, choose New Folder
» From the Security Group dropdown, select WikiBlog that you created as
» How to Create Roles Groups using the Fusion Middleware Control Console In this
» In the table under the Summary of Security Realms section, click myrealm, for
» Select the Users and Groups tab and then the Groups subtab.
» Under the Groups section, click New to display the Create a New Group section.
» How to Create Users using the Fusion Middleware Control Console In this section
» Under Domain Structure, click Security Realms.
» In the table under the Summary of Security Realms section, click myrealm, the
» Select the Users and Groups tab and then the Users subtab.
» Under the Users section, click New to display the Create a New User section.
» In the Name field, specify a name, for example Joe.
» In the Password field, specify a password.
» How to Grant a Role to a User using the Fusion Middleware Control Console In this
» How to Migrate Security to a Production Environment For information about
» Oracle Content Server - Security Considerations
» Oracle Content Server - Limitations in WebCenter
» What You Should Know About Microsoft SharePoint Server Installation
» From the Domain Structure pane, click Deployments.
» In the Summary of Deployments section, under Control, click Install.
» In Install Application Assistant, in Note, click the upload your files link in the
» Click Browse next to Deployment Archive, select the
» Select Install this deployment as a library, if not already selected, and click Next.
» In Select deployment targets, select the managed server on which the WebCenter
» Click Next. Installing Oracle WebCenter Adapter for Microsoft SharePoint
» In Optional Settings, accept the defaults and click Finish.
» Installing WLST Command Scripts for Managing Microsoft SharePoint Connections
» Microsoft SharePoint - Configuration
» Oracle Portal - Security Considerations Oracle Portal - Limitations in WebCenter
» File System - Security Considerations
» File System - Limitations in WebCenter
» What You Should Know About Registering Content Repositories for WebCenter Spaces
» Registering Content Repositories Using Fusion Middleware Control
» Changing the Active or Default Content Repository Connection Using Fusion Middleware Control
» Changing the Active or Default Content Repository Connection Using WLST
» Modifying Cache Settings for Content Presenter
» Setting Connection Properties for the WebCenter Spaces Content Repository Using WLST
» Testing Oracle Content Server Connections
» Testing Oracle Portal Connections
» Changing the Maximum File Upload Size
» What You Should Know About the Activity Graph Service
» Configuration Roadmaps for the Activity Graph Service
» Activity Graph Service Prerequisites
» Running the Activity Graph Engines on a Schedule
» Running the Activity Graph Engines on Demand
» Customizing Reason Strings for Similarity Calculations
» Exporting Activity Graph Metadata
» Deleting Activity Graph Metadata
» Setting Up Activity Rank for Oracle Secure Enterprise Search
» Troubleshooting the Activity Graph Engines Schedule and Status Page
» WebCenter Analytics Components What You Should Know About Oracle WebCenter Analytics
» WebCenter Analytics Task Flows
» Configuration Roadmap for the Analytics Service
» Analytics - Installation Analytics Prerequisites
» Analytics - Configuration Analytics Prerequisites
» Analytics - Security Considerations
» Analytics - Limitations Analytics Prerequisites
» Registering an Analytics Collector Using Fusion Middleware Control
» Registering an Analytics Collector Using WLST
» Disabling WebCenter Event Collection Using WLST
» Validating Analytic Event Collection
» Viewing the Current WebCenter Analytic Event List
» Purging Analytics Data Oracle Fusion Middleware Online Documentation Library
» Partitioning Analytics Data Oracle Fusion Middleware Online Documentation Library
» Troubleshooting Issues with Analytics
» What You Should Know About Discussions Server Connections
» Discussions Server - High Availability Installation
» Discussions Server - Configuration
» Discussions Server - Security Considerations
» Discussions Server - Limitations
» Registering Discussions Servers Using Fusion Middleware Control
» Registering Discussions Servers Using WLST
» Choosing the Active Discussion for Discussions and Announcements Using WLST
» Setting Up Discussions Service Defaults
» Setting Up Announcements Service Defaults
» Granting the Administrator Role with WLST Granting the Administrator Role
» Revoking the Administrator Role
» Authentication Failed Troubleshooting Issues with Announcements and Discussions
» Category Not Found Exceptions
» Configuration Roadmaps for the Events Service
» Addmodify connection Microsoft Exchange Server 2007 - Installation
» Open the WSDL file for the Microsoft Exchange Server Web service, for example:
» Add a service section that points to your Microsoft Exchange Server Web
» Under Node computer_name Web Sites Default Web Site EWS, click
» On the Directory Security tab, in the Authentication and access control, click Edit.
» Select Basic authentication. Microsoft Exchange Server 2007 - Security Considerations
» Click OK. Microsoft Exchange Server 2007 - Security Considerations
» Right-click Services.wsdl and choose Edit.
» On the File Security tab, in the Authentication and access control, click Edit.
» Select Enable anonymous access.
» Repeat steps 6 through 9 for Messages.xsd and Types.xsd.
» Microsoft Exchange Server 2007 - Limitations
» Microsoft Exchange Server 2003 - Installation
» Under Node computer_name Web Sites Default Web Site, create a new
» Make sure the folder has Read privileges.
» Right-click the virtual directory and choose Properties.
» On the Virtual Directory tab, under Application settings, click Create.
» Set the Execute permissions to Scripts and Executables.
» On the ASP.NET tab, ensure that the ASP.NET version is 2.0.XXXXX.
» Click Edit Configuration. Microsoft Exchange Server 2003 - Configuration
» Microsoft Exchange Server 2003 - Security Considerations
» Microsoft Exchange Server 2003 - Limitations
» Registering Events Servers Using Fusion Middleware Control
» Deleting Event Server Connections Using Fusion Middleware Control
» Deleting Event Server Connections Using WLST
» Testing Event Server Connections
» Troubleshooting Issues with Events
» What You Should Know About Instant Messaging and Presence Connections
» OCS - Installation Microsoft Office Communications Server OCS Prerequisites
» Install Microsoft Unified Communications Managed API UCMA 2.0 on the OCS
» Remote Deployment In this topology, the WebCenter Proxy Application is
» Building Application Provisioner This section lists the steps Microsoft provides
» Install Visual Studio 2008 on any developer box not necessarily IISOCS.
» Install UCMA version 0 on the same box following the steps in
» OCS - Security Considerations
» Click Next. LCS - Configuration
» Click Finish. The newly created virtual directory appears under Default Web Site
» In the Virtual Directory tab, under Application settings, click Create. Notice that
» Select Scripts and Executables from the Execute permissions dropdown list
» Under the ASP.NET tab, select the ASP.NET version as 2.0 or higher from the
» Click OK. LCS - Configuration
» Ensure that the LSC pool name in the LCS connection has been set.
» Test the Web service by accessing the Web site from the following URL format:
» LCS - Installation LCS - Security Considerations
» OWLCS - Installation Oracle WebLogic Communications Server OWLCS Prerequisites
» OWLCS - Configuration Oracle WebLogic Communications Server OWLCS Prerequisites
» OWLCS - Security Considerations
» OWLCS - Limitations Oracle WebLogic Communications Server OWLCS Prerequisites
» Registering Instant Messaging and Presence Servers Using Fusion Middleware Control
» Registering Instant Messaging and Presence Servers Using WLST
» Modifying Instant Messaging and Presence Connections Details Using Fusion Middleware Control
» Modifying Instant Messaging and Presence Connections Details Using WLST
» Setting Up Instant Messaging and Presence Service Defaults
» Testing Instant Messaging and Presence Connections
» What You Should Know About Mail Server Connections
» Configuration Roadmaps for the Mail Service
» Add the Certificate to the WebCenter Keystore
» Microsoft Exchange Server Considerations
» Mail Server - Security Considerations
» Registering Mail Servers Using Fusion Middleware Control
» Registering Mail Servers Using WLST
» Deleting a Mail Connection Using Fusion Middleware Control
» Setting Up Mail Service Defaults Testing Mail Server Connections
» Mail Service is Not Accessible in Secure Mode
» Mail Service is Not Accessible in Non-Secure Mode
» Unable to Create Distribution Lists in the Non-Secure Mode
» Unable to Create Distribution Lists in the Secure Mode
» Unable to Configure the Number of Mails Downloaded
» Unable to Publish and Archive Space Mail Changing Passwords on Microsoft Exchange
» Mail Content Sent as Attachments
» What You Should Know About Subscription Defaults
» Setting Subscription Defaults Setting Up Default Subscription Preferences
» In the Sender Mail Address field, enter a mail address from which all
» Setting the Connection Type for Notifications Using WLST
» What You Should Know About Overwriting Default Notification Templates
» Overwriting a Default Notifications Template
» Testing the Notifications Connection
» Troubleshooting Issues with Notifications
» What You Should Know About WebCenter Personalization
» WebCenter Personalization Installation Requirements
» WebCenter Personalization Configuration Requirements
» WebCenter Personalization Security WebCenter Personalization Prerequisites
» WebCenter Personalization Limitations WebCenter Personalization Prerequisites
» WebCenter Personalization Configuration Options
» Configuring the Trust Service in the WebCenter Domain
» Configuring the Trust Service in the Integrated WLS Domain
» Configuring Cross-Domain Trust Configuring the WebCenter OPSS Trust Service
» Understanding WebCenter Personalization Connection Information
» Connection Configuration Attributes Creating or Modifying Provider Connection Settings
» Configuring Connections Using WLST
» Editing Connection Settings Using JConsole
» Configuring the CMIS Provider
» Configuring the Activity Graph Provider Configuring the Oracle People Connections Locator
» Configuring Coherence Oracle Fusion Middleware Online Documentation Library
» Configuring the Content Presenter Task Flow Parameters Configuring the Conductor’s Scenario Tags
» Configuring Single Sign-on Oracle Fusion Middleware Online Documentation Library
» Allowing Anonymous Execution of Scenarios
» Disabling Scenario Creation by Anonymous Users Disabling Scenario Creation by Authenticated Users
» What You Should Know About the RSS Service
» RSS Prerequisites Oracle Fusion Middleware Online Documentation Library
» Setting Up a Proxy Server Using Fusion Middleware Control
» Setting Up a Proxy Server Using WLST
» Testing External RSS News Feed Connections
» To connect to a new Oracle SES instance, click Add
» Use the WLST command createSESConnection to create a connection to
» Select the Active Connection checkbox
» Log in to Fusion Middleware Control and navigate to the home page for the
» From the Service Connection drop-down, select Search.
» Select the connection name, and click Delete.
» Deleting Search Connections Using WLST
» Testing Oracle SES Connections
» Setting Up Oracle Content Server for Oracle SES Search
» From the Administration dropdown menu, select Admin Server
» Restart Oracle Content Server.
» Setting Up Oracle WebCenter Discussions for Oracle SES Search
» Configure the Document Service Manager one time for each Oracle SES instance.
» From the Source Type dropdown list, select Oracle Content Server, and click
» Enter the following parameters:
» Click Create Customize or edit a created source to see other source
» Click Enable and select the pipeline you created.
» To crawl a Microsoft SQL Server or IBM DB2 database, download the
» In Oracle SES, go to Home Sources.
» From the Source Type dropdown list, select Database, and click Create
» Click Next. Oracle Fusion Middleware Online Documentation Library
» From the WebCenter menu, choose Settings Application Configuration.
» Setting Up WebCenter for Oracle SES Search
» On the Data Browser tab, navigate to the target cn and click Create. This
» Find the distinguished name DN path, and click Select
» In the Create New Entry dialog, enter properties, and click Next
» Log on to Oracle Content Server as a system administrator. For example:
» Click Create to complete the source creation.
» Configuring Search Crawlers Using WLST
» Oracle SES Crawling No Search Results Found
» Search Failure Errors Cannot Grant View Permissions to WebCenter
» Restricting Oracle SES Results by Source Group or Source Type
» Roadmap - Configuring the Worklist Service for WebCenter Spaces
» Roadmap - Configuring the Worklist Service for WebCenter Portal Applications
» What You Should Know About BPEL Connections
» BPEL Server - Installation and Configuration
» BPEL Server - Security Considerations
» BPEL Server - Limitations in WebCenter
» What You Should Know About Worklist Connections
» To register a new connection, click Add
» Click OK to save this connection.
» Click Test to verify if the connection you created works. For a successful
» Registering Worklist Connections Using WLST
» Select the Worklist check box to activate this Worklist connection in the
» Click OK to update the connection.
» Click Test to verify if the connection you activated works. For a successfully
» Activating a Worklist Connections Using WLST
» Log in to Fusion Middleware Control and navigate to the home page for
» From the list of services on the WebCenter Services Configuration page, select
» Select the Worklist connection you want to activate, and then click Edit.
» Edit connection details, as required. For detailed parameter information, see
» Click Test to verify if the updated connection works. For a successfully updated
» Modifying Worklist Connection Details Using WLST
» Select the Worklist connection you want to delete, and then click Delete.
» To effect this change you must restart the managed server on which the
» Deleting Worklist Connections Using WLST
» adf-config.xml Refers to a Non-Existent BPEL Connection
» adf-config.xml Has No Reference to a BPEL Connection
» No Rows Yet Message Displays
» Users Mismatch in Identity Stores Shared User Directory Does Not Include the weblogic User
» Issues with the wsm-pm Application
» Clocks are Out of Sync for More Than Five Minutes
» Worklist Service Timed Out or is Disabled
» What You Should Know About Portlet Producers
» Registering a WSRP Producer Using Fusion Middleware Control
» Registering a WSRP Producer Using WLST
» Adding a Grant to the Policy Store for a Mapped User Identity
» Registering a WSRP Portlet Producer in WebCenter Spaces
» Registering a WSRP Portlet Producer in WebCenter Portal Applications
» Testing WSRP Producer Connections
» Registering an Oracle PDK-Java Producer Using Fusion Middleware Control
» Registering an Oracle PDK-Java Producer Using WLST
» Registering an Oracle PDK-Java Portlet Producer in WebCenter Spaces
» Registering an Oracle PDK-Java Portlet Producer in WebCenter Portal Applications
» Testing Oracle PDK-Java Producer Connections
» Editing Producer Registration Details Using Fusion Middleware Control
» Editing Producer Registration Details Using WLST
» Migrating WSRP Producer Metadata to a New WSDL URL
» Deploying Portlet Producer Applications Using Oracle JDeveloper
» Deploying Portlet Producer Applications Using Fusion Middleware Control
» Deploying Portlet Producer Applications Using Oracle WebLogic Server Administration Console
» Deploying Portlet Applications Using WLST
» Producer Registration Fails for a WebCenter Portal Application
» Portlet Unavailable: WSM-00101 Exception
» What You Should Know About the Oracle WebCenter Pagelet Producer
» Registering the Pagelet Producer for WebCenter Applications Using Fusion Middleware Control
» Registering the Pagelet Producer for WebCenter Applications Using WLST
» Configuring the Pagelet Producer Service
» General Creating Pagelet Producer Resources and Pagelets
» CSP Creating Pagelet Producer Resources and Pagelets
» On the Autologin page for the resource, expand the Form Login section.
» The login page can be identified by an URL or a regular expression. In the Login
» Set the login form action. In the Form Submit Location section, choose one of the
» To map fields from the form to authentication field sources, either click
» Click Create to add a new row to the Form Fields list.
» Type the name of the HTML form input in the Field Name box.
» For details on how to configure the Source and Value properties, see
» Headers Parsers To delete field mappings, click Delete.
» Consuming WSRP Portlets Oracle Fusion Middleware Online Documentation Library
» Open the Pagelet Producer Console and select Producers from the drop-down
» Using WSRP Producers Click Refresh, then click Save.
» Logging Configuring Pagelet Producer Settings
» Troubleshooting Pagelets Oracle Fusion Middleware Online Documentation Library
» What You Should Know About External Applications
» Registering External Applications Using Fusion Middleware Control
» Registering External Applications Using WLST
» Registering External Applications in WebCenter Spaces
» Registering External Applications in WebCenter Portal Applications
» Modifying External Application Connection Using Fusion Middleware Control
» Modifying External Application Connection Using WLST
» Testing External Application Connections
» Deleting External Application Connections Using Fusion Middleware Control
» Deleting External Application Connections Using WLST
» Deleting External Applications Connections in WebCenter Spaces
» Deleting External Applications Connections in WebCenter Portal Applications
» What You Should Know About REST Services
» Handling Authentication Oracle Fusion Middleware Online Documentation Library
» Introduction to WebCenter Application Security
» Administrator Accounts Application Roles and Enterprise Roles
» File-based Credential Store Default Identity and Policy Stores
» Permission-based Authorization Default Policy Store Permissions and Grants
» Role-mapping Based Authorization Default Policy Store Permissions and Grants
» Default Policy Store Permissions for WebCenter Spaces
» Post-deployment Security Configuration Tasks
» Configuring SAML Single Sign-on Produces 403 Error
» Reassociating the Identity Store with an External LDAP Server
» Tuning the Identity Store for Performance
» Adding Users to the Identity Store Using the WLS Administration Console
» Adding Users to the Identity Store Using an LDIF File
» From the WebCenter menu, select Security - Application Roles.
» Search for the WebCenter Spaces Administrator role:
» Select Select Application Stripe to Search.
» Select webcenter. Oracle Fusion Middleware Online Documentation Library
» Migrating the WebCenter Discussions Server to Use an External LDAP
» Changing the Administrator Group Name
» Restoring the Single Authenticator
» Understanding the REST Service Instance and Identity Asserter
» Setting up the Client Application
» Configuring the WLS Trust Service Asserter
» Reassociating the Credential and Policy Store Using Fusion Middleware Control
» Reassociating the Credential and Policy Store Using WLST
» Reassociating the Policy and Credential Store with a Database Managing Credentials
» Configuring Self-Registration By Invitation in WebCenter Spaces
» Introduction to Single Sign-on
» Installing and Configuring OAM 11g
» Set the control flag to SUFFICIENT and click Save.
» Open the Provider Specific tab.
» From the Domain Structure pane, click Security Realms.
» Click New to create a provider.
» Set the control flag to REQUIRED and check that OAM_REMOTE_USER and
» Navigate to the Provider Settings pane see
Show more