Sunday, July 21, 2013

Protect Webcenter portal administration from authenticated users


Scenario - Protect Webcenter portal admin page from authenticated users 

Solution - Authenticated users have view access to Admin.jspx in webcenter portal. When any logged in user access http://<host>:<port>/<ContextPath>/admin it would take them to admin screen,  by default authenticated users do not have any permission to perform actions in administration screen but still its not a good practice for everyone to see admin pages. 

A very simple  and easy way to protect it is to disable permissions for Admin page in jazn-data.xml.

Step 1 - Go to Application Descriptors > jazn-data-xml > Resource Grants > Web Page permission > Select check box - Show web page from ADF libraries.










Step 2 - Admin page is shown in the list, choose it to see the permissions given . By default authenticated users have view access , SO delete default permissions and grant all permissions to Administrators.

Step 3 - Run the application, log in as Authenticated user and try to access /admin, You will see HTTP- 401 unauthorized page :-)

So Now /admin is protected :-)

Saturday, July 13, 2013

Export , Import and Migrate Webcenter spaces across environments.

Scenario - Need to migrate Webcenter spaces from One Environment to another.

Situation - Lately we had a situation to deploy changes done to 12 pages of Webcenter spaces into a production environment which had group spaces , tags, subscription etc., data of real users. So export and import of complete Webcenter spaces is out of equation as it would replace the entire spaces application including the data.


Now a work around needed to specifically deploy selected files.

A brief about spaces deployment- Webcenter spaces stores all the customization in Metadata store, So any change that we do in any of the system pages / New business role page that we create would be stored  in metadata files.

So to migrate Webcenter spaces from one environment to next means we have to move the metadata files to the other environment. There is an option provided in Oracle docs to export the Complete Webcenter spaces and import it back to the next environment.


exportWebCenterApplication(appName, fileName, [exportCustomizations, 
exportSecurity, exportData, server, applicationVersion])

importWebCenterApplication(appName, fileName, [server, applicationVersion])
But the con is export and import will replace the complete environment , in the sense any Group space,Subscriptions, lists, tags , notes , saved searches, etc will get replaced too. So for continuous deployment to Prod environments this is not the ideal way.
Solution - 
In spaces we can customize OOTB system pages / create new page etc. So now lets find out how to deploy those pages customization without complete export and import.

For sample i have customized  MyProfile page by adding the rich text editor , lets see how to migrate this to other environment.
















To understand it better, Try the following WLST command to export the metadata store of spaces.
exportMetadata(application='webcenter',server='WC_Spaces',toLocation='/u01/mydata');

specify the server and toLocation attribute according to your environment.

After executing this command, You would see the complete metadata store in /u01/mydata location.


To find out the customization we did to My profile page browse to this path - 


Original Page path -  /oracle/webcenter/page/scopedMD/s8bba98ff_4cbb_40b8_beee_296c916a23ed/businessRolePages/MyProfileMainView.jspx 


Metadata file which has the customization - 

 /oracle/webcenter/page/scopedMD/s8bba98ff_4cbb_40b8_beee_296c916a23ed/businessRolePages/mdssys/cust/site/webcenter/MyProfileMainView.jspx.xml 

Here when you open the file you would see the rich text editor we added to the MyProfile page.


<?xml version='1.0' encoding='UTF-8'?>

<mds:customization version="11.1.1.59.23" xmlns:mds="http://xmlns.oracle.com/mds">
<mds:insert parent="pcTopLeft" position="first">
<cust:showDetailFrame xmlns:cust="http://xmlns.oracle.com/adf/faces/customizable" id="e1014861134" text="#{componentExtensionBundle.TEXT}" background="#{changeModeBean.inEditMode ? 'medium' : 'light'}" contentStyle="background-color:transparent;" displayHeader="#{changeModeBean.inEditMode}" showMinimizeAction="none" selectChild="no" showResizer="never" stretchContent="false">
<af:richTextEditor xmlns:af="http://xmlns.oracle.com/adf/faces/rich" id="e957658699" simple="true" contentStyle="width:100%" clientComponent="true" toolboxLayout="font formatCommon color list mode" readOnly="true" value="&lt;span style=&quot;font-weight: bold; font-size: x-large; color: rgb(46, 139, 87);&quot;>Hi i customized this page right now, this one will get stored in MDS repository, lets find it out&lt;/span>" editMode="wysiwyg"/>
</cust:showDetailFrame>
</mds:insert>
</mds:customization>

PageDef of the page -


pageDefs/oracle/webcenter/page/scopedMD/s8bba98ff_4cbb_40b8_beee_296c916a23ed/businessRolePages/MyProfileMainViewPageDef.xml


Metadata of the pagedef -

pageDefs/oracle/webcenter/page/scopedMD/s8bba98ff_4cbb_40b8_beee_296c916a23ed/businessRolePages/mdssys/cust/site/webcenter/MyProfileMainViewPageDef.xml.xml


Now as we figured out where all our customization data resides , We can deploy only these files ,selectively.


Export the specific files from one (FROM) environment and deploy it to (TO) environment.

Here i export the MyProfile page and its page Def which by itself exports their corresponding metadata files.


exportMetadata(application='webcenter',server='WC_Spaces',toLocation='/u01/mydata',docs='/pageDefs/oracle/webcenter/page/scopedMD/s8bba98ff_4cbb_40b8_beee_296c916a23ed/businessRolePages/MyProfileMainViewPageDef.xml,/oracle/webcenter/page/scopedMD/s8bba98ff_4cbb_40b8_beee_296c916a23ed/businessRolePages/MyProfileMainView.jspx');


At the end of above command it would say 4 documents transferred successfully which includes their 2 metadata files.

Connect to the other environment using WLST connect and import it there.


importMetadata(application='webcenter',server='WC_Spaces',fromLocation='/u01/mydata',docs='/pageDefs/oracle/webcenter/page/scopedMD/s8bba98ff_4cbb_40b8_beee_296c916a23ed/businessRolePages/MyProfileMainViewPageDef.xml,/oracle/webcenter/page/scopedMD/s8bba98ff_4cbb_40b8_beee_296c916a23ed/businessRolePages/MyProfileMainView.jspx');

No need to restart , just login to the environment where you did import and browse to Myprofile page to see the rich text editor, Which means you have successfully migrated a page from one environment to next.


This way we can migrate any number of pages without doing a complete export and import, Just add the page paths and their pageDefs in the export command separated by commas.


There are also options to deploy a specific folders using filters in the docs attribute 

Eg - you can migrate entire pages of spaces using
docs='/pageDefs/oracle/webcenter/page/**,/oracle/webcenter/page/**' 
in the exportMedata/importMetadata wlst command.

Hope it helps :-)


Note - This method is useful in continuous deployments to Production environments where we cannot afford to loose any real data.

But to deploy the application that is developed using spaces to Production  / Any environment for the first time , its always advisable to use complete Export and Import.