iKnowBase Installation Guide

Welcome to the iKnowBase Installation Guide. Note that this installation guide only covers upgrades from iKnowBase 5.7.2 and newer. If you are upgrading from an older version, you must first upgrade to iKnowBase 5.7.2 using the old upgrade instructions, and then use these upgrade instructions to upgrade to the latest version.

Introduction

This book is conceptually structure into three parts:

• Part one (comprised of the chapters Installation toplogies, Quick installation and upgrade overview and Configuration overview) gives an overview of the installation. For experience users, the installation and upgrade overview chapter contains most of the required information.

• Part two (comprised of a chapter for the Database repository, one chapter for each of some of the java applications and one chapter for the Solr search server) gives a more detailed understanding of what the installation of these components actually include.

• Part three (comprised of one chapter for each supported servlet- or application server) contains detailed information about installations on that particular platform.

Table of contents

1. iKnowBase Installation Guide
   1. Introduction
   2. Table of contents
2. Installation topologies
   1. iKnowBase components
   2. Deployment options
      1. The iKnowBase repository
      2. The web tier
   3. Supported infrastructure
3. Quick installation and upgrade overview
   1. Recommended directory structure
   2. Download and install the iKnowBase software
   3. Prepare the instance-specific home directory and configuration
   4. Install a new database repository
   5. Upgrade an existing database repository
   6. Configure and start the iKnowBase Web Application
      1. Plugins
      2. Start the iKnowBase application
   7. Next steps
4. Configuration
   1. Overview
   2. Property sources
      1. System properties
      2. The ikb_installation_properties database table
      3. Language settings (NLS)
5. Database repository
   1. Fresh install
      1. Prepare the database schema
      2. Custom step for Oracle 12c database with Pluggable databases (PDB)
      3. Import startup data based on a export file
   2. Upgrade
      1. Export existing scripts
      2. Prepare the database schema
      3. Upgrade schema and install latest code
      4. Recompile invalid packages
   3. De-installation
   4. Advanced topics
      1. Global runtime preferences
      2. Duplicate an existing installation
      3. Running iKnowBase in a Oracle Enterprise Edition database
      4. Recreating Oracle Text index
6. Java applications
   1. Overview
   2. Special requirements
   3. Installing plugins and patches
      1. iKnowBase Web Server (embedded)
      2. Oracle WebLogic
   4. Install/upgrade
   5. Web application security
   6. Advanced topics
      1. Deploy with alternative context root (/ikbViewer)
      2. Clustering
      3. Add custom locations for additional static resources
      4. Limit file upload size
      5. Session configuration
         1. Use native sessions
         2. Specify session cookie domain
         3. Specify session cookie name
         4. Specify session cookie max idle time
         5. Avoiding session cookie collision
7. The web application runtime module
   1. The in-memory cache manager
   2. The SecureToken engine
8. Viewer module
   1. ContentServer
   2. PageEngine
   3. SearchClientConfiguration
   4. Activiti BPM Platform
      1. iKnowBase Process Studio
         1. Troubleshooting: java.lang.NoClassDefFoundError: Could not initialize class sun.awt.X11GraphicsEnvironment
9. Batch module
   1. ContentIndexer
   2. EmailReader
      1. Support non-standard character sets
   3. EmailSender
   4. Transformation Server
   5. PageEngine
10. Development Studio module
11. WebDAV module
    1. Special requirements
       1. License from Milton.io
       2. WebDAV traffic is served from /
       3. SSL
       4. Clustering
       5. Failover on expired session
    2. Installation
       1. Authentication
    3. Presentation configuration
       1. Launching applications for editing
       2. WebDAV registration for file types
    4. Troubleshooting
       1. Microsoft Office 2011 for Mac requires SSLv3 protocol support
       2. Microsoft Office 2016 for does not currently support forms based authentication
       3. Re-authentication problems with form based login
       4. Word did not save the document (0x80004005)
       5. Browser warning when launching application for direct editing
12. WebServices module
13. Instant module
    1. Installation
       1. Special requirements
    2. Configuring the Instant module
       1. InstantQueueServerConfiguration
    3. Testing and troubleshooting
       1. Administration console
       2. Session cookie collision when Instant is deployed to a separate instance with CORS
       3. WebLogic: WARN AtmosphereFrameworkInitializer - WebLogic 12c unable to retrieve Servlet. Please make sure your servlet-name is 'AtmosphereServlet' or set org.atmosphere.servlet to the current value
       4. WebLogic: Log messages related to BlockingIO
14. Web Application Security
    1. Quick install
    2. Overview
    3. Configuration
    4. Authentication
       1. Default authentication module
          1. Instant
          2. WebDAV
       2. Force a specific authentication mechanism
       3. Available authentication modules
          1. Username and password capable Providers
          2. SAML capable Providers
             1. SAML account connection
             2. SAML and multiple identity providers
             3. SAML and multiple service providers
             4. SAML services and endpoints
             5. SAML verified identity providers
          3. Social capable Providers
          4. Trusted HTTP request header as authentication
          5. iKnowBase Auth Token
             1. iKnowBase Auth Token: LOGIN
             2. iKnowBase Auth Token: ACTIVATION
          6. Authentication token processing
    5. Authorization
       1. Administrator
       2. Development toolkit
       3. iKnowBase 6.5 and earlier versions
    6. Switch user
       1. Switch user access check procedure
       2. Switch user audit procedure
       3. Switch user database object ot_switch_user
       4. Trigger switch user
    7. Logout
    8. Custom security implementation
    9. Examples
       1. Set password for users in iKnowBase User Repository
       2. Form based authentication against iKnowBase User Repository
       3. Custom login form
       4. Basic authentication against iKnowBase User Repository
       5. Username and password authentication against LDAP User Repository
       6. Authentication against LDAP User Repository with mapping for the iKnowBase username
       7. Windows single sign on
          1. Prerequisites
          2. Configure Active Directory (Windows Server 2008 R2)
          3. Configure Web Application Security (SPNEGO and LDAP)
          4. Configure Active Directory for end users
          5. Configure user synchronization for Active Directory users
          6. Using an alternative username
          7. Configuring multiple and separate user dn patterns
          8. Combined Windows single sign on and iKnowBase User Repository
          9. Conditional SPNEGO support
          10. SPNEGO fallback
       8. Explicit authentication trigger with redirect
       9. Integrating with Oracle SSO 10g
          1. Guarantee integrity of HTTP server Osso-User-Dn
          2. Rely on Oracle HTTP Server OSSO plugin
          3. Configure the iKnowBase Header authentication module
       10. Integrating with ADFS using SAML
           1. Enable social infrastructure
           2. Set up iKnowBase as a service provider
           3. Register ADFS identity provider with iKnowBase
           4. Register iKnowBase service provider with ADFS
           5. Map identity provider user account attributes
           6. Login options and verify setup
       11. Switch user database procedures
           1. Package spec
           2. Package body
       12. Enable Social authentication with user activation link
    10. Troubleshooting
        1. I only want to change the configuration for a specific web application
        2. 'AES-256-bit is not supported', 'java.security.InvalidKeyException: Illegal key size' or 'Unable to initialize due to invalid secret key'
        3. Error creating bean with name 'aesBytesEncryptor'
        4. On demand LDAP Sync during login fails
        5. SAML custom ADFS claim as iKnowBase username is not picked up
        6. java.lang.IllegalArgumentException: encryptionPassword is required
        7. Kerberos: Encryption type DES CBC mode with MD5 is not supported/enabled
        8. WebLogic: Basic authentication is not validated by iKnowBase Spring Security
    11. SpringSecurityConfiguration
        1. Debug
        2. Default authentication module
        3. Authentication modules
           1. Basic module configuration
           2. Container module configuration
           3. Form module configuration
           4. Header module configuration
           5. Spnego module configuration
           6. LDAP UsernamePassword authentication provider
           7. iKnowBase UsernamePassword authentication provider
           8. SAML authentication provider
           9. Social authentication provider
        4. Secure Token authentication
        5. Anonymous / Public authentication provider
        6. iKnowBase User Details
        7. Switch User
        8. User Account Activation
        9. IKB Auth Token
15. Content Transformation Providers
    1. FileConverter
       1. Understanding the FileConverter
       2. Installing Outside In technology
       3. Configuration properties
       4. Testing and troubleshooting
          1. Running tests
          2. Missing libraries
          3. Fonts not found
          4. Missing fonts
    2. CloudConvert
       1. Understanding the CloudConvert provider
       2. Installation
       3. Configuration properties
       4. Testing and troubleshooting
          1. Transformation fails with HTTP status 40x
          2. Transformation times out
16. Content Studio plugin
17. Apache Solr Search Server
    1. Installation
    2. Upgrade an existing SOLR instance
    3. Starting and stopping
    4. Configuration
       1. Security-plugin
       2. SolrCloud
       3. Configure the iKnowBase applications
18. iKnowBase web server
    1. Spring Boot
    2. Preparations
    3. Configure the iKnowBase instance
    4. Run and test the iKnowBase instance
    5. Configure modules
    6. Configure Web Application Security
    7. Configure SSL
       1. Terminating SSL in an external proxy
       2. Configuring SSL listener in iKnowBase web server
       3. Multiple certificates (SNI)
    8. Advanced topics
       1. Specify temp directory
       2. Configure logging
       3. Setting max form size
       4. Shutdown capability and faster restarts
    9. Troubleshooting
       1. Database connections through firewall or on an unreliable network
       2. Unexpected error occurred: java.lang.IllegalStateException: Form too large
       3. WARN: bad HTTP parsed: 400 HTTP/0.9 not supported for HttpChannelOverHttp
19. Installing on Oracle WebLogic Server
    1. Installation and configuration of WebLogic
       1. Non-clustered:
       2. Clustered:
    2. Create and deploy data source
    3. Configure web application security
    4. Deploy applications
       1. Non-clustered
       2. Clustered
          1. Clusters and sessions
             1. If you change to native sessions (WebLogic sessions)
    5. Configure user realms (authentication)
       1. Using Oracle Internet Directory for authentication
       2. Using the iKnowBase user repository for authentication
          1. IKBAuthenticationPlugin - Overview
          2. IKBAuthenticationPlugin - Installation
          3. IKBAuthenticationPlugin - Troubleshooting
    6. Configure SSL
       1. Terminating SSL in the application server
       2. Terminating SSL in an external proxy
          1. Terminating SSL using Apache with WebLogic Plugin
    7. Troubleshooting
       1. Database connections through firewall or on an unreliable network
       2. WARN - BEA-101388 - The ServletContext was passed to the ServletContextListener.contextInitialized method of a ServletContextListener that was neither declared in web.xml or web-fragment.xml, nor annotated with javax.servlet.annotation.WebListener
       3. WebServices: java.lang.NoSuchMethodError: oracle.xml.parser.v2.XMLDocument.setSkipNodeNameValidate