▼ ValidateContent and CollapseFCKelements components updated

ValidateContent
A visitor pointed out the java class wasn't even packaged. Many apologies to those who downloaded and couldn't get it to work.

CollapseFCKelements
Now compatible with Site Studio 10gR4 9.0.0.718

Download both on my Docs & Files page

► Fixing ssUrlPrefix for HTTPS (vs HTTP)

If you host a site studio site using HTTPS, you may notice some links being incorrectly generated by server-side scripts (ie. ssGetServerRelativePath); specifically, the home page "URL Directory Name" being used as a prefix. This results in broken links, but are otherwise valid when viewed via HTTP.

The reason for this is because the value of ssUrlPrefix changes when using HTTPS (most likely "/home/") vs. HTTP ("/"). Unless you want your homepage to be, for example, http://stellentpmp.blogspot.com/home instead of http://stellentpmp.blogspot.com, ssUrlPrefix should be consistent throughout the site.

So how do we fix this?

► ValidateContent Component

One thing that Oracle UCM doesn't provide out of the box is a way to prevent content, based on file type and size, from being checked in. I never got around to implementing a solution in the past, but after seeing a constant need for it on the OTN Forums (1, 2, etc), I finally decided to set aside some time to create a component to do just that.

My ValidateContent component uses the validateStandard filter, has its own tracing section, and can also check for empty/blank metadata values. You can find it on my Docs & Files page; just be sure to look at readme.txt for help on configuring it for your needs.

Any suggestions and/or bugs, please leave a comment. Good luck.

► mdaw Directory Explained!

The mdaw folders are created based on the 'dispersion rule' of the your FileStore (Administration » Providers » FileStore Info » Edit FileStore » Edit [default] Storage Rule). Basically this rule helps separate your content by storing them into multiple directories.

The default rule is $dRevClassID[-9:-6:0:b]/$dRevClassID[-6:-3:0:b], which basically takes two 3-digit substrings of dRevClassID and encodes it into a Base64 string.

► Collapse empty/blank FCKEditor elements

By default, a contribution region has all its elements expanded when it loads. Depending on the number of elements you have, this can take up valuable screen real estate or even cause excessive scrolling. It can be particularly frustrating if an element is rarely used and takes up half the screen, such as a dynamiclist element that returns zero results.

If you use FCKEditor, however, you're in luck. Simply download and enable my CollapseFCKElements component (found on my Docs & Files page), and all empty/blank and optional elements are automatically collapsed upon load!

Ideally, I would like to have component configuration variables that allow you to control when an element becomes collapsed (ie. CollapseTextElement=true). However, I'm not sure how to pass them to or read them from the javascript files. Any suggestions (or requests), please leave a comment or email me.

► Consider workflow to release site studio content

With Site Studio contributor, every Save/Update is checked in as a new revision that is then immediately released by the content server.  While I think this is status quo for many instances, I urge you to reconsider this out-of-the-box functionality on a case-by-case basis.

Why?  One word:  drafting

► Create your own Tracing Section

If you've written custom java filters, idoc scripts, or services, you've probably added some basic logging using SystemUtils.trace("system", "log message");. However, wouldn't it be nice to separate your logs by creating your own UCM tracing section (GET_SYSTEM_AUDIT_INFO)?  It's easier than you think.

► How "secure" is your Site Studio site?

NOTE: This only applies to sites hosted directly off of Site Studio; meaning, not published via the Site Studio Publishing Utility (SSPU).

If you don't know how content is secured within Site Studio, expand this:

---

Inherently, Oracle UCM uses two levels of content security:  security groups and, optionally, accounts.  Site Studio sits on top of the content server as the presentation layout for the web sites it hosts, but the content is still secured in the same manner.

A Site Studio page consists of:

1. Fragments
2. Layout Files/Page Templates (.hcsp files)
3. Content (data files, native documents, etc)
4. Assets (images, javascript, etc)

At the minimum, unauthenticated visitors need to have (R)ead access to every piece mentioned above in order to view a Site Studio site unfettered.  This "anonymous user" access is defined by a combination of the Guest role and the account(s) identified by the DefaultAccounts config variable.

---

In my experience, many places have a poorly designed security and metadata model (not to mention an un-normalized one).  As a result, I have seen many implementations give the anonymous user (R)ead access to ALL security groups and the #all account.  In my opinion, there is no chance that 100% of your content is "web ready" and insensitive by nature.  Is it possible?  Sure, but I'm more likely to be the Redskins' quarterback next year, so why expose your web site and content server unnecessarily?

What's my point in all this?

What if I were to say that I could obtain copies of your entire fragment libraries, along with your layout pages, and also know the names and email addresses of those who edited them?

How?

► Credential Maps - Tips & Tricks

NOTE:  This post assumes you authenticate externally with Active Directory (AD), have a basic understanding of its schema and Security Groups (ADSGs), already have a working LDAP provider, and have a separate LDAP role/account prefix for each of your UCM instances.

Chances are that if you authenticate externally, you've tested your luck with credential maps.  I say "luck" because deciphering its syntax for the first time is akin to waiting in line to use the restroom:  frustratingly painful.  In a nutshell, credential maps are a part of the ProxyConnections8 component that allow you to link ADSGs (and their members) to Oracle UCM roles and/or accounts.

If you need a credential map that can link everything one-to-one:

---

ADSG		Role/Account
admin	»	admin
contributor	»	contributor
intern	»	intern
Corporate_R	»	Corporate(R)
ImageLibrary_RW	»	ImageLibrary(RW)

---

use the following:

---

#Maps all roles

|#all|,       %%

#Maps all accounts

@|#all|,    @%%

---

Note:  the #all term does not refer to an ADSG named #all; it is a reserved keyword to signify ALL ADSGs listed within the LDAP Role/Account Prefix OU.

As powerful as the above map is, it has one fundamental flaw:

It doesn't map the #none and #all accounts

► Build a smarter workflow approval step

Even though workflow has its uses, it's pretty rough around the edges.  One thing that should be built in is recognition of its own approvers; meaning, it should be smart enough to skip any step if the dDocAuthor is one of the assigned approvers of the step.  Why should you needlessly approve your own content if you're one of its approvers?

Bypass this redundant workflow step by adding this token to it:                       +Expand

---

<$executeService("GET_ALIASES")$>

<$skipStep=0$>

<$aliasToUse="[AliasName]"$>

<$if rsExists("AliasUserMap")$>

    <$loop AliasUserMap$>

        <$if strEquals(AliasUserMap.dAlias, aliasToUse)$>

        <$if strEquals(AliasUserMap.dUserName, #active.dDocAuthor)$>

            <$skipStep=1$>

            <$break$>

        <$endif$>

        <$endif$>

    <$endloop$>

    <$if isFalse(skipStep)$>

        <$exec rsFirst("AliasUserMap")$>

        <$loop AliasUserMap$>

            <$if strEquals(AliasUserMap.dAlias, aliasToUse)$>

            <$if not strEquals(AliasUserMap.dUserName, #active.dDocAuthor)$>

                <$wfAddUser(AliasUserMap.dUserName, "user")$>

            <$endif$>

            <$endif$>

        <$endloop$>

    <$endif$>

<$endif$>

---

Just remember to change [AliasName] to an actual alias that exists in your system.

Good luck.