iKnowBase Installation Guide

Welcome to the iKnowBase Installation Guide. Note that this installation guide only covers upgrades from iKnowBase 5.7.2 and newer. If you are upgrading from an older version, you must first upgrade to iKnowBase 5.7.2 using the old upgrade instructions, and then use these upgrade instructions to upgrade to the latest version.

Introduction

This book is conceptually structure into three parts:

Table of contents

  1. iKnowBase Installation Guide
    1. Introduction
    2. Table of contents
  2. Installation topologies
    1. iKnowBase components
    2. Deployment options
      1. The iKnowBase repository
      2. The web tier
    3. Supported infrastructure
  3. Quick installation and upgrade overview
    1. Recommended directory structure
    2. Download and install the iKnowBase software
    3. Prepare the instance-specific home directory and configuration
    4. Install or upgrade the database repository
    5. Create an instance specific web application containing all plugins and patches
    6. Start the iKnowBase application
    7. Next steps
  4. Configuration
    1. Overview
    2. Property sources
      1. System properties
      2. The ikb_installation_properties database table
  5. Database repository
    1. Fresh install
      1. Prepare the database schema
      2. Custom step for Oracle 12c database with Pluggable databases (PDB)
      3. Import startup data based on a export file
    2. Upgrade
      1. Export existing scripts
      2. Prepare the database schema
      3. Upgrade schema and install latest code
      4. Recompile invalid packages
    3. De-installation
    4. Advanced topics
      1. Global runtime preferences
      2. Duplicate an existing installation
      3. Running iKnowBase in a Oracle Enterprise Edition database
      4. Recreating Oracle Text index
  6. Java applications
    1. Overview
    2. Special requirements
    3. Install/upgrade
    4. Web application security
    5. Advanced topics
      1. Deploy with alternative context root (/ikbViewer)
      2. Clustering
  7. The web application runtime module
    1. The in-memory cache manager
    2. The SecureToken engine
  8. Viewer module
    1. ContentServer
    2. PageEngine
    3. SearchClientConfiguration
    4. Activiti BPM Platform
  9. Batch module
    1. ContentIndexer
    2. EmailReader
    3. EmailSender
    4. FileConverter
      1. Understanding the FileConverter
      2. Installing Outside In technology
      3. Configuration properties
      4. Testing and troubleshooting
        1. Running tests
        2. Missing libraries
        3. Missing fonts
    5. ImageEditor
    6. PageEngine
  10. Development Studio module
  11. WebDAV module
    1. Special requirements
      1. License from Milton.io
      2. WebDAV traffic is served from /
      3. SSL
      4. Clustering
    2. Installation
      1. Authentication
    3. Presentation configuration
      1. Launching applications for editing
      2. WebDAV registration for file types
    4. Troubleshooting
      1. Microsoft Office 2011 for Mac requires SSLv3 protocol support
      2. Microsoft Office 2016 for does not currently support forms based authentication
      3. Re-authentication problems with form based login
      4. Word did not save the document (0x80004005)
      5. Browser warning when launching application for direct editing
  12. WebServices module
  13. Instant module
    1. Installation
      1. Special requirements
    2. Configuring the Instant module
      1. InstantQueueServerConfiguration
    3. Testing and troubleshooting
      1. Administration console
      2. Session cookie collision when Instant is deployed to a separate instance with CORS
      3. WebLogic: WARN AtmosphereFrameworkInitializer - WebLogic 12c unable to retrieve Servlet. Please make sure your servlet-name is 'AtmosphereServlet' or set org.atmosphere.servlet to the current value
      4. WebLogic: Log messages related to BlockingIO
  14. Web Application Security
    1. Quick install
    2. Overview
    3. Configuration
    4. Authentication
      1. Default authentication module
        1. Instant
        2. WebDAV
      2. Force a specific authentication mechanism
      3. Available authentication modules
        1. Username and password capable Providers
        2. SAML capable Providers
          1. SAML account connection
          2. SAML and multiple identity providers
          3. SAML and multiple service providers
          4. SAML services and endpoints
          5. SAML verified identity providers
        3. Social capable Providers
        4. Trusted HTTP request header as authentication
        5. iKnowBase Auth Token
          1. iKnowBase Auth Token: LOGIN
          2. iKnowBase Auth Token: ACTIVATION
        6. Authentication token processing
    5. Authorization
      1. Administrator
      2. Development toolkit
      3. iKnowBase 6.5 and earlier versions
    6. Switch user
      1. Switch user access check procedure
      2. Switch user audit procedure
      3. Switch user database object ot_switch_user
      4. Trigger switch user
    7. Logout
    8. Custom security implementation
    9. Examples
      1. Set password for users in iKnowBase User Repository
      2. Form based authentication against iKnowBase User Repository
      3. Custom login form
      4. Basic authentication against iKnowBase User Repository
      5. Username and password authentication against LDAP User Repository
      6. Authentication against LDAP User Repository with mapping for the iKnowBase username
      7. Windows single sign on
        1. Prerequisites
        2. Configure Active Directory (Windows Server 2008 R2)
        3. Configure Web Application Security (SPNEGO and LDAP)
        4. Configure Active Directory for end users
        5. Configure user synchronization for Active Directory users
        6. Using an alternative username
        7. Configuring multiple and separate user dn patterns
        8. Combined Windows single sign on and iKnowBase User Repository
        9. Conditional SPNEGO support
        10. SPNEGO fallback
      8. Explicit authentication trigger with redirect
      9. Integrating with Oracle SSO 10g
        1. Guarantee integrity of HTTP server Osso-User-Dn
        2. Rely on Oracle HTTP Server OSSO plugin
        3. Configure the iKnowBase Header authentication module
      10. Integrating with ADFS using SAML
        1. Enable social infrastructure
        2. Set up iKnowBase as a service provider
        3. Register ADFS identity provider with iKnowBase
        4. Register iKnowBase service provider with ADFS
        5. Map identity provider user account attributes
        6. Login options and verify setup
      11. Switch user database procedures
        1. Package spec
        2. Package body
      12. Enable Social authentication with user activation link
    10. Troubleshooting
      1. I only want to change the configuration for a specific web application
      2. 'AES-256-bit is not supported', 'java.security.InvalidKeyException: Illegal key size' or 'Unable to initialize due to invalid secret key'
      3. Error creating bean with name 'aesBytesEncryptor'
      4. On demand LDAP Sync during login fails
      5. SAML custom ADFS claim as iKnowBase username is not picked up
      6. java.lang.IllegalArgumentException: encryptionPassword is required
      7. Kerberos: Encryption type DES CBC mode with MD5 is not supported/enabled
      8. WebLogic: Basic authentication is not validated by iKnowBase Spring Security
    11. SpringSecurityConfiguration
      1. Debug
      2. Default authentication module
      3. Authentication modules
        1. Basic module configuration
        2. Container module configuration
        3. Form module configuration
        4. FormAuto module configuration
        5. Header module configuration
        6. Spnego module configuration
        7. LDAP UsernamePassword authentication provider
        8. iKnowBase UsernamePassword authentication provider
        9. SAML authentication provider
        10. Social authentication provider
      4. Secure Token authentication
      5. Anonymous / Public authentication provider
      6. iKnowBase User Details
      7. Switch User
      8. User Account Activation
      9. IKB Auth Token
  15. Apache Solr Search Server
    1. Installation
    2. Upgrade an existing SOLR instance
    3. Starting and stopping
    4. Configuration
      1. Security-plugin
      2. SolrCloud
      3. Configure the iKnowBase applications
  16. iKnowBase web server
    1. Preparations
    2. Configure the iKnowBase instance
    3. Run and test the iKnowBase instance
    4. Deploy the applications
      1. Default deployment
      2. Specify applications to deploy
      3. Add custom applications
      4. Customizing the url mount point
      5. Defining virtual hosts
    5. Configure Web Application Security
    6. Configure SSL
      1. Terminating SSL in an external proxy
      2. Configuring SSL listener in iKnowBase web server
      3. Multiple certificates (SNI)
    7. Advanced topics
      1. Specify session cookie domain
      2. Specify session cookie name
      3. Specify work directory
      4. Specify logs directory
      5. Setting max form size
    8. Troubleshooting
      1. Database connections through firewall or on an unreliable network
      2. Unexpected error occurred: java.lang.IllegalStateException: Form too large
      3. Session cookie collision
      4. WARN: bad HTTP parsed: 400 HTTP/0.9 not supported for HttpChannelOverHttp
  17. Installing on Oracle WebLogic Server
    1. Installation and configuration of WebLogic
      1. Non-clustered:
      2. Clustered:
    2. Create and deploy data source
    3. Configure web application security
    4. Deploy applications
      1. Non-clustered
      2. Clustered
        1. Clusters and session replication
    5. Configure user realms (authentication)
      1. Using Oracle Internet Directory for authentication
      2. Using the iKnowBase user repository for authentication
        1. Overview
        2. Installation
        3. Troubleshooting
    6. Configure SSL
      1. Terminating SSL in the application server
      2. Terminating SSL in an external proxy
        1. Terminating SSL using Apache with WebLogic Plugin
    7. Troubleshooting
      1. Database connections through firewall or on an unreliable network
      2. WARN - BEA-101388 - The ServletContext was passed to the ServletContextListener.contextInitialized method of a ServletContextListener that was neither declared in web.xml or web-fragment.xml, nor annotated with javax.servlet.annotation.WebListener
      3. WebServices: java.lang.NoSuchMethodError: oracle.xml.parser.v2.XMLDocument.setSkipNodeNameValidate