Transcription
Oracle WebCenter SitesAdministrator’s Guide for theWeb Experience Management Framework11g Release 1 (11.1.1) Bundled Patch 1October 2012
Oracle WebCenter Sites Administrator’s Guide for the Web Experience Management Framework,11g Release 1 (11.1.1) Bundled Patch 1Copyright 2012 Oracle and/or its affiliates. All rights reserved.Primary Author: Tatiana Kolubayev, Melinda RubenauContributor: Ravi KhanujaThis software and related documentation are provided under a license agreement containing restrictions onuse and disclosure and are protected by intellectual property laws. Except as expressly permitted in yourlicense agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify,license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means.Reverse engineering, disassembly, or decompilation of this software, unless required by law forinteroperability, is prohibited.The information contained herein is subject to change without notice and is not warranted to be error-free. Ifyou find any errors, please report them to us in writing.If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it onbehalf of the U.S. Government, the following notice is applicable:U.S. GOVERNMENT RIGHTS Programs, software, databases, and related documentation and technicaldata delivered to U.S. Government customers are "commercial computer software" or "commercial technicaldata" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplementalregulations. As such, the use, duplication, disclosure, modification, and adaptation shall be subject to therestrictions and license terms set forth in the applicable Government contract, and, to the extent applicableby the terms of the Government contract, the additional rights set forth in FAR 52.227-19, CommercialComputer Software License (December 2007). Oracle America, Inc., 500 Oracle Parkway, Redwood City,CA 94065.This software or hardware is developed for general use in a variety of information management applications.It is not developed or intended for use in any inherently dangerous applications, including applications thatmay create a risk of personal injury. If you use this software or hardware in dangerous applications, then youshall be responsible to take all appropriate fail-safe, backup, redundancy, and other measures to ensure itssafe use. Oracle Corporation and its affiliates disclaim any liability for any damages caused by use of thissoftware or hardware in dangerous applications.Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks oftheir respective owners.Intel and Intel Xeon are trademarks or registered trademarks of Intel Corporation. All SPARC trademarks areused under license and are trademarks or registered trademarks of SPARC International, Inc. AMD,Opteron, the AMD logo, and the AMD Opteron logo are trademarks or registered trademarks of AdvancedMicro Devices. UNIX is a registered trademark of The Open Group.This software or hardware and documentation may provide access to or information on content, products,and services from third parties. Oracle Corporation and its affiliates are not responsible for and expresslydisclaim all warranties of any kind with respect to third-party content, products, and services. OracleCorporation and its affiliates will not be responsible for any loss, costs, or damages incurred due to youraccess to or use of third-party content, products, or services.
3Table ofContentsAbout This Guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5Audience . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5Related Documents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6Third-Party Libraries . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61Welcome to Oracle WebCenter Sites: WEM Framework . . . . . . . . . . . . . . . . 7Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8Administrative Roles and Permissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10General Administrator. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10Site Administrator . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10All Administrators. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10WebCenter Sites Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11Sample Sites . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11Quick Reference . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112Getting Started . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13Logging In and ‘Quick Tour’ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14Next Steps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163Creating and Authorizing Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17Creating Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18Authorizing Users to Work with Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22Authorizing a Predefined User . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28Authorizing Developers to Register Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29Ask Your Developers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30Resources and Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30Roles and Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30Predefined Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30Oracle WebCenter Sites Administrator’s Guide for the Web Experience Management Framework
Table of Contents4Configuring REST Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31REST Authorization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32Security Model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32Configuring REST Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33Privilege Resolution Algorithm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33Authorizing Users to Access Application Resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33Viewing REST Security Configurations. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34Creating a Group. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36Adding Users to a Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37Configuring Security for REST Resources. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39REST Security Configuration Reference . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41Configuring REST Security for ACL Resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42Configuring REST Security for Application Resources . . . . . . . . . . . . . . . . . . . . . . . 43Configuring REST Security for Asset Resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44Configuring REST Security for Asset Type Resources . . . . . . . . . . . . . . . . . . . . . . . 45Configuring REST Security for Group Resources . . . . . . . . . . . . . . . . . . . . . . . . . . . 46Configuring REST Security for Indexed Asset Type Resources . . . . . . . . . . . . . . . . 47Configuring REST Security for Role Resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48Configuring REST Security for Site Resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49Configuring REST Security for User Resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50Configuring REST Security for UserDef Resources . . . . . . . . . . . . . . . . . . . . . . . . . 51Configuring REST Security for UserLocale Resources . . . . . . . . . . . . . . . . . . . . . . . 525Working with Sites . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53Managing WebCenter Sites CM Sites in the WEM Framework . . . . . . . . . . . . . . . . . . . 54Enabling Tree Tabs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 576WEM Admin Quick Reference. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59Quick Tips for Managing the WEM Framework . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60Managing Sites . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61Managing Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63Managing Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64Managing Roles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66Managing Profiles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67Oracle WebCenter Sites Administrator’s Guide for the Web Experience Management Framework4
5About This GuideThis guide contains information about using the WEM (Web Experience Management)Admin interface to authorize Oracle WebCenter Sites users to access applications thatcommunicate with the WebCenter Sites database. This guide begins with an overview ofthe WEM Framework and moves on to describe the process of using the WEM Admininterface to create and authorize users to work with applications running on WebCenterSites. The last chapter in this guide provides a quick reference for managing the WEMFramework.Applications discussed in this guide are former FatWire products. Naming conventions arethe following: Oracle WebCenter Sites is the current name of the application previously known asFatWire Content Server. In this guide, Oracle WebCenter Sites is also calledWebCenter Sites. Oracle WebCenter Sites: Web Experience Management Framework is the currentname of the environment previously known as FatWire Web Experience ManagementFramework. In this guide, Oracle WebCenter Sites: Web Experience ManagementFramework is also called Web Experience Management Framework, or WEMFramework.AudienceThis guide is mainly for WebCenter Sites general administrators. Certain sections are forboth general administrators and site administrators of WebCenter Sites. Users are assumedto have a comprehensive knowledge of their company’s site design and the objects in theWebCenter Sites database (such as sites, users, roles and the data model). Users shouldalso be familiar with the WebCenter Sites Representational State Transfer (REST) API,which ships with the WEM Framework.Related DocumentsFor more information, see the following documents: Oracle WebCenter Sites: Web Experience Management Framework REST APIResource Reference.Oracle WebCenter Sites Administrator’s Guide for the Web Experience Management Framework
About This Guide Oracle WebCenter Sites Developer’s Guide for the Web Experience ManagementFramework.ConventionsThe following text conventions are used in this guide: Boldface type indicates graphical user interface elements that you select. Italic type indicates book titles, emphasis, or variables for which you supply particularvalues. Monospace type indicates file names, URLs, sample code, or text that appears on thescreen. Monospace bold type indicates a command.Third-Party LibrariesOracle WebCenter Sites and its applications include third-party libraries. For additionalinformation, see Oracle WebCenter Sites 11gR1 Bundled Patch 1: Third-Party Licenses.Oracle WebCenter Sites Administrator’s Guide for the Web Experience Management Framework6
7Chapter 1Welcome to Oracle WebCenter Sites: WEMFrameworkThis chapter provides an overview of the Oracle WebCenter Sites: Web ExperienceManagement (WEM) Framework and its administrators.This chapter includes the following sections: Overview Administrative Roles and Permissions WebCenter Sites Applications Sample Sites Quick ReferenceOracle WebCenter Sites Administrator’s Guide for the Web Experience Management Framework
Chapter 1. Welcome to Oracle WebCenter Sites: WEM Framework8OverviewOverviewOracle WebCenter Sites: Web Experience Management (WEM) Framework provides thetechnology for developing applications and integrating them with Oracle WebCenter Sites.A single administrative interface, WEM Admin, supports centralized applicationmanagement and user authorization. Single sign-on enables users to log in once and gainaccess to all applications allowed to them during the session.The WEM Framework requires a content management platform. In this release, theFramework runs on Oracle WebCenter Sites and ships with the WebCenter SitesRepresentational State Transfer (REST) API. Objects in the WebCenter Sites database,such as sites, users, and data model map to REST resources in the WEM Framework.When implemented on the WEMFramework, applications communicate withthe WebCenter Sites database throughREST services. The applications appear inWEM Admin as list items on the Appspage (Figure 1). Administrators authorizeusers, which involves configuring access toapplications and their resources. To thisend, the WEM Admin interface exposesauthorization items (along withapplications) through links on themenu bar.Figure 1:Apps Page, WEM AdminApplicationsListOracle WebCenter Sites Administrator’s Guide for the Web Experience Management Framework
Chapter 1. Welcome to Oracle WebCenter Sites: WEM Framework9OverviewCoupling the items as shown in Figure 2 enables applications for users.Figure 2:Authorization Model Applications and users are assigned to sites via roles. Sharing a role to a user and an application on the same site grants the useraccess to the application on that site. Users are assigned to groups, which control access to applications’ resources(REST layer). ACLs are assigned to users, providing them with access to the system.Using WEM Admin, general administrators can create and otherwise managesites, applications, users, and roles. Groups and ACLs must be configured in theWebCenter Sites Admin interface. They are exposed in WEM Admin, in useraccounts.Once the coupling is complete, users are authorized at the database, REST, and applicationlevels.Roles control accessto sites andapplicationson the sitesGroups in WebCenter Sitescontrol permissions to REST(applications’ resources)ACLs control access to thedatabaseExperienced WebCenter Sites administrators will recognize that the WEM Admininterface extends the use of sites and roles to control access to applications. Roles can alsobe used within applications to protect interface functions (as in WebCenter Sites) andtherefore regulate access to the applications’ content.Unlike WebCenter Sites, WEM Admin does not expose the data model. The REST APIdoes. In this respect, WEM Admin can be thought of as strictly an authorization interface,supported by the WebCenter Sites Admin interface (for configuring ACLs and groups).The rest of this guide provides instructions for creating and authorizing users, as well asguidelines for managing sites.Oracle WebCenter Sites Administrator’s Guide for the Web Experience Management Framework
Chapter 1. Welcome to Oracle WebCenter Sites: WEM Framework10Administrative Roles and PermissionsAdministrative Roles and PermissionsThe WEM Framework supports two types of administrators: general and siteadministrators.General AdministratorA general administrator has complete control of the system and full permissions to theWEM Admin interface: Sites, Apps, Users, and Roles. Using WEM Admin, generaladministrators can add and delete sites, applications, users, and roles; modify their details;and perform authorization tasks.A general administrator in the WEM Framework is a WebCenter Sites generaladministrator who is also specially configured for the WEM Framework. During theWebCenter Sites installation process, the default general administrator (fwadmin) wasautomatically assigned to the RestAdmin group for unrestricted access to REST services,and enabled on AdminSite where the WEM Admin application runs by default. Thedefault general administrator must not be deleted.You can create equivalent general administrators, as many as necessary, and you mustmodify pre-existing general administrators by adding them to the RestAdmin group andAdminSite (via the GeneralAdmin role). Instructions are available in “Creating Users,” onpage 18. For more information about WEM-related changes to WebCenter Sites, see theWebCenter Sites installation guides.Site AdministratorSite administrators are assigned by general administrators to selected sites, where theymanage site users and applications. When users are assigned the SiteAdmin role in a siteother than AdminSite they are implicitly assigned the SiteAdmin role in AdminSite.Users cannot be assigned the SiteAdmin role in only AdminSite. In the WEM Admininterface, site administrators can access only the “Sites” screen. They can perform thefollowing operations on the sites to which they are assigned: Assign and remove users to and from sites Assign and remove applications to and from sites Modify the role assignments of site users Modify the role assignments of applications on the sitesA site admin cannot create, modify, or delete sites, users, and roles. (Your permissionsdetermine which screens and interface functions WEM Admin displays to you.)Site administrators on WebCenter Sites systems running the WEM Framework must bespecially configured for WEM. They must be assigned to the SiteAdmin AdminSitegroup, a default REST security group configured in the WebCenter Sites Admin interface.Instructions are available in “Creating Users,” on page 18.All AdministratorsAll WEM Framework administrators must be experienced WebCenter Sites users.Oracle WebCenter Sites Administrator’s Guide for the Web Experience Management Framework
Chapter 1. Welcome to Oracle WebCenter Sites: WEM Framework11WebCenter Sites ApplicationsWebCenter Sites ApplicationsThe WebCenter Sites Contributor and Admin interfaces are registered applications. Theyare listed on the Apps page of the WEM Admin interface. WebCenter Sites users canaccess the applications from the WEM Framework once they are authorized at theapplication level. They can also continue accessing the WebCenter Sites applicationsdirectly, at the usual URL. The login screen is the following:Sample SitesYour WebCenter Sites system may have been installed with sample sites, in which cas
Oracle WebCenter Sites: Web Experience Management Framework is the current name of the environment previously known as FatWire Web Experience Management Framework. In this guide, Oracle WebCenter Sites: Web Experience Management Framework is also called Web Experience Management Framework, or WEM Framework. Audience
