Professional Documents
Culture Documents
SAP Content Server: Purpose
SAP Content Server: Purpose
Purpose
The SAP Content Server is based on the SAP DB and is available on Windows NT Server and Windows 2000 Server from release 4.6. Therefore besides the SAP DB an e!ternal "ontent server is alwa#s available in ever# SAP s#stem installation. $n this wa# the ne"essar# te"hni"al infrastr%"t%re is &rovided for all do"%ment'"entri" a&&li"ations and b%siness s"enarios that do not re(%ire a lon)'term ar"hivin) sol%tion. Sin"e the SAP Content Server is also inte)rated via the *TTP interfa"e +see SAP *TTP Content Server 4., $nterfa"e- the a"t%al stora)e medi%m %sed remains "om&letel# trans&arent to SAP a&&li"ations. This means that the stora)e medi%m "an be "han)ed at an# time.
.or /0TP do"%mentation and information on the SAP DB tools see the do"%mentation %nder mySAP Technology Components SAP DB: Database 1ana)er 23$4 SAP DB 5.6 Database 1ana)er C0$4 SAP DB 5.6 S70 St%dio4 SAP DB 5.6 8eferen"e 1an%al4 SAPDB 5.2 and 5.6 8e&li"ation 1ana)er4 SAP DB A&&li"ations that "an %se the te"hni"al infrastr%"t%re of the SAP Content Server in"l%de the SAP B%siness Wor9&la"e SAP Ar"hive0in9 the Do"%ment 1ana)ement S#stem +D1S- and the :nowled)e Wareho%se.
Implementation Considerations
The installation &ro"ed%re for the SAP Content Server is des"ribed in the SAP Content Server Installation Guide whi"h is also available in both ;n)lish and 2erman as a PD. do"%ment on the SAP Server Components2 CD.
Constraints
The SAP Content Server is not intended to re&la"e o&ti"al stora)e s#stems and other stora)e media for lon)'term ar"hivin) of do"%ments.
.or more information see the SAP 0ibrar# %nder Kno ledge Provider in the se"tion SAP Content Server Administration.
Monitoring
The :nowled)e Provider<s Content 1ana)ement Servi"e +C1S- is %sed to monitor the Content Server. The C1S is a servi"e of the $T infrastr%"t%re &rovided b# :nowled)e Provider within the framewor9 of SAP Web A&&li"ation Server. The "entral feat%re of the C1S is that it is desi)ned to be "om&atible with different t#&es of stora)e media. $n other words the C1S f%n"tions as an interfa"e between "ontent servers and the SAP s#stem.
The basis of the SAP Content Server is the Content Server !ngine. The en)ine is im&lemented as an $SAP$ e!tension in 1i"rosoft $nternet $nformation Server. The en)ine re"eives all 380s "he"9s their validit# and tri))ers the &ro"essin) of re(%ests. The SAP Content Server saves data to the SAP database +SAP DB-. *owever the Content Server en)ine does not "omm%ni"ate dire"tl# with the SAP DB. $t %ses an ada&ter 9nown as the "ontent stora)e la#er. The stora)e la#er hides the s&e"ifi" a""ess me"hanisms of the stora)e medi%m behind a "onsistent b#testream'oriented interfa"e. This means that one server en)ine "an s%&&ort several stora)e media. /nl# the stora)e la#er has to be im&lemented ever# time. $n the "ase of the SAP Content Server the stora)e la#er %ses the SAP DB "lient driver to a""ess the database server. The SAP DB administrates the individ%al re&ositor# tables in whi"h the do"%ments are stored.
The SAP DB version is inde&endent of the SAP release. SAP DB version 5.2 is in"l%ded in the SAP release 4.6C &a"9a)e. This version of the SAP DB has a "a&a"it# of 64 terab#tes +ma!im%m-. $n the %nli9el# event of this s&a"e bein) %sed %& another database "an be installed. ;as#'to'%se and stable SAP DB administration tools are shi&&ed with the SAP Content Server. These "an be %sed to ma9e a%tomati" ba"9%&s for e!am&le. The interfa"e whi"h is based on the *TTP &roto"ol de"o%&les the stora)e s#stems involved. Several well'9nown &roviders of stora)e s#stems have s%""essf%ll# im&lemented the "ertifi"ation &ro"ed%re.
The followin) se"%rit# me"hanisms "o%ntera"t these ris9s4 Se"%re 380s ;n"oded Data Transfer Se"%rit# 1e"hanisms A)ainst Data 0oss A""ess Prote"tion for Administration
Secure URLs
Protection Against Unauthorized Access to Stored Content
To &revent %na%thori?ed a""ess to stored "ontent on the SAP Content Server the SAP s#stem "arries o%t an a%thori?ation "he"9. *owever the SAP Content Server is a""essed b# means of the o&en SAP Content Server interfa"e +see also SAP Content Server *TTP 4., $nterfa"e-. 380s m%st be se"%re so that the# allow onl# a%thori?ed a""ess to stored "ontent and "orres&ondin)l# so that for)ed re(%ests are reAe"ted. To ma9e a 380 se"%re it is )iven a "hara"teristi" +li9e a watermar9 on a ban9note- whi"h allows the re"eiver to dete"t whether or not the 380 has been tam&ered with +li9e if the watermar9 is missin) from a ban9note-. $n the "ase of a Content Server 380 the "hara"teristi" in (%estion is the si)nat%re. The si)nat%re is an en"oded "o&# of the 380 itself and is transferred to the "ontent server as &art of the 380. A si)ned 380 "ontains the additional &arameters expiration +see also Parameters and :e#words- and se":e# +di)ital si)nat%re-. A si)ned 380 is onl# valid if the e!&iration time has not been e!"eeded and if it "ontains a valid si)nat%re.
The "ontent server de"odes the si)nat%re and "om&ares it with the 380 it re"eived. The "ontent server onl# e!e"%tes the re(%est if the 380 and the si)nat%re mat"h. $f an intr%der "han)es the &lainte!t in the 380 the si)nat%re will not mat"h the 380. The "ontent server will a""ordin)l# reAe"t the re(%est. The si)nat%re is based on the 8SA &ro"ed%re and 1D, hashin). The 8SA &ro"ed%re is also 9nown as the &%bli" 9e# &ro"ed%re. This &ro"ed%re is based on a &rivate and a &%bli" 9e#. >o% need the &rivate 9e# to "reate the si)nat%re. >o% need the &%bli" 9e# to "he"9 the validit# of the si)nat%re. .or a des"ri&tion of the te"hni"al details of this &ro"ed%re see the do"%mentation Se"%re Store B .orward C Di)ital Si)nat%res +BC'S;C' SS.-. As the main &artner in the three'wa# relationshi& of "lient D SAP s#stem D "ontent server the SAP s#stem is the onl# &artner that ma# send re(%est 380s to the "lient. Be"a%se of this the SAP s#stem has to "reate the 380 si)nat%re %sin) a &rivate 9e#. The &%bli" 9e# + Certifi"ate- of the SAP s#stem m%st be stored on the "ontent server and the relevant re&ositor# m%st have a""ess to it +see also Content 8e&ositories-. Transa"tions OAHT OAC0 +from release 4.6C- and CSADMIN +from release 4.6C for SAP Content Server see also Content Server and Ca"he Server Administration- are %sed to transfer the "ertifi"ate. The "ertifi"ate has to be a"tivated on the "ontent server for the re&ositor# in (%estion. This is done %sin) transa"tion CSADMIN +for SAP Content Server-.
;ver# SAP s#stem m%st have its own %ni(%e "ertifi"ate so that the SAP s#stem<s di)ital si)nat%re "an be %sed &ro&erl#. See the se"tion Creatin) a S#stem'S&e"ifi" Certifi"ate for Content Server A""ess.
Si)ned 380s "an slow down &erforman"e as it ta9es in"reased &ro"essin) &ower to "reate the si)nat%re.
"ote #hen ma$ing a %ac$up that in addition to the data%ase& the file ContentServer.ini and the directory Security must also %e %ac$ed up. See also note 6EF662 +Content Server Ba"9%&
Strate)ies-.
Content Server Administration is %sed for the "he"9in) &ro"ess itself +see also Content Server and Ca"he Server Administration-. This ta9es &la"e in transa"tion CSADMIN on the tab &a)e Certifi"ates.
Carr# o%t the &ro"ed%re des"ribed below for "reatin) a "ertifi"ate for Content Server a""ess %efore "reatin) re&ositories. $f #o% do this after #o% "reate re&ositories #o% will have to re'send the "ertifi"ates to all *TTP re&ositories and rea"tivate all the "ertifi"ates. This is be"a%se the "ertifi"ate "han)es when #o% "reate a new PS;. $f #o% are a""essin) the database via *TTP +see also *TTP A""ess for 8e&ositories on the SAP Web A&&li"ation Server- #o% also have to redistrib%te and rea"tivate the "ertifi"ates.
Procedure
Take the following steps to create your own PSE: 1. Call transaction STRUST. The Trust Manager opens. 2. Choose Applications. 6. Choose "e !ntries. 4. 3se .4 *el& to sele"t #TTP Content Server and "onfirm this b# "hoosin) !nter. Additional fields for a&&li"ation's&e"ifi" Se"%re Store B .orward +SS.- &arameters and standard val%es for em&t# fields are )ra#ed o%t. ,. 1a9e the followin) entries4 a. b. c. d. e. In the field Security/Product& enter SAPSECULIB+ In the field SS or!at& choose Internationa !"tan#ar#!P$CS%&+ In the field Priv. add. book& enter SAPHTTPCS.p"e+ In the field SS profile& also enter SAPHTTPCS.p"e+ In the field SS Profile"#& enter CN'(Co))on!na)e*+OU'(Or,ani-ation! Unit*+O'(Or,ani-ation*+C'(Country*+ or e-ample/ CN'BCECS+OU'DE.+O'SAP/A0+C'DE f+ 0+ 7. 1+ 2+ 34+ Chec$ #istribute PSE $%nly S&PSEC'(")*+
Save your entries+ Call transaction STRUST again+ Select +TTP Content Server+ Choose ,eplace from the conte-t menu+ Confirm this at the confirmation prompt+
*-ample
The *TTP Content Server PS; lin9s to a s#stem's&e"ifi" PS;. This means that #o% "an s&e"if# that #o% no lon)er want to %se a s&e"ifi" "ertifi"ate for e!am&le. $n this "ase #o% have to o&en Content Server Administration and delete the "ertifi"ate in all re&ositories. >o% also have to delete it from the "ertifi"ate list.
To ensure that only authorized persons have administrative access to the SAP Content Server from the SAP system& you need to set the parameter A#)inSecurity in the file ContentServer.ini on the SAP Content Server to 1/ A#)inSecurity'1+ .or more information see the se"tion CSAD1$N and the installation do"%mentation SAP Content Server Installation Guide.
"s shown in the graphic, SOFF#B is the default content categor$ assigned to the SOFFPHIO class. %his means the documents are stored on the S"P #B. %o use the S"P &ontent Server or an e'ternal content server, $ou have to ma!e some settings. %hen $ou can store Business or!place documents on the content server.
Process lo#
Process lo# 3+ Creation of content repository for connecting to the content server Procedure a+ In the Implementation 7uide (IM7) (transaction SPR8) choose )asis )asis Services -nowledge Provider Content Manage!ent Service #efine Content ,epositories + %+ Create a content repository for the storage category 9TTP content server+ This content repository #ill contain the connection details to your content server+ To do this follo# the IM7 documentation for this activity+ a+ In the Implementation 7uide (transaction SPR8) choose )asis
have created+
)asis Services -nowledge Provider Content Manage!ent Service #efine Content Categories + %+ Select the entry S8 9TTP %y dou%le' clic$ing on it+ c+ In the Content ,epository field enter the name of the content repository that you created for your content server+ d+ Choose +
a+ %+
*nter transaction S<PR41+ The previous !e!ory category SO22DB! is already specified for the class S8 P9I8+ In the .ew Category field enter S8 9TTP+ Choose +
c+
Result
Once $ou have completed the settings, new P& documents created in the Business or!place and binar$ documents will be stored on the content server $ou defined. #ocuments stored in the Business or!place before this time point, will remain in the database used up to now.
The "ontent "ate)or# S/..DB establishes the "onne"tion to this database and m%st not be "han)ed or deleted.
Cache Servers
Purpose
The &%r&ose of the Ca"he Server is to &rovide the followin) benefits4 E. Seamless trans&arent inte)ration into e!istin) "ontent server lands"a&es 2. Si)nifi"ant red%"tion in "lient res&onse times 6. As little administration wor9 as &ossible Ca"he servers are %sed to s&eed %& a""ess to do"%ment "ontent. This is &arti"%larl# %sef%l if the "ontent is re(%ired for dis&la# in a Web browser for e!am&le. Ca"he servers "an also red%"e the networ9 load and thereb# enhan"e &erforman"e. $t is therefore also a tas9 of the "a"he to &rovide the "lient with do"%ments from a &h#si"all# "lose lo"ation even if the "ontent server is lo"ated on a different "ontinent.
Ca"hes are %sed in man# areas. .or e!am&le 1S $nternet ;!&lorer %ses a lo"al "a"he on the %ser=s hard dis9. Ca"he servers are similar to "ontent servers b%t re(%ire less administration with the same level of a""ess &rote"tion.
The Ca"he Server onl# %ses *TTP. To ma9e this &ossible SAP Content Server *TTP $nterfa"e has been e!tended +see SAP Content Server *TTP 4., $nterfa"e-. B# %sin) "a"he servers #o% are sim&l# e!tendin) #o%r e!istin) infrastr%"t%re in a trans&arent wa#. There is no need to re' str%"t%re the e!istin) "ontent server lands"a&e.
Implementation Considerations
The "a"he server is installed from the SAP Server Components2 CD'8/1 as &art of the installation of the SAP Content Server. $nstallation instr%"tions in PD. format are &rovided in both ;n)lish and 2erman on this CD'8/1 in the dire"tor# GC/NTS;8HGD/C3.
A notable feat%re of the "a"he is its almost "om&lete freedom in terms of administration. As soon as the "a"he is inte)rated into the server to&olo)# it "an start &erformin) its servi"es witho%t the need for lo) monitorin) or ba"9%&s. Ca"hes are alwa#s %sed for read access to do"%ments. @0a?# write@ is not s%&&orted. $n other words a "lient that wants to store do"%ments m%st alwa#s be dire"tl# "onne"ted to the "orres&ondin) "a"he server. As alread# des"ribed +see Content 1ana)ement Servi"e- SAP *TTP Content Server interfa"e s%&&orts si)ned 380s. Ca"he 380s "an of "o%rse alse be si)ned. *owever it wo%ld be ver# in"onvenient if the "a"he had to rel# on the Content Server to "arr# o%t si)nat%re "he"9s ever# time. $t therefore ma9es sense for the "a"he to "he"9 the si)nat%res itself. To this end the "a"he "ontains all the ne"essar# SAP "ertifi"ates or else it )ets them from the a&&ro&riate "ontent server.
The Ca"he Server has the same se"%rit# me"hanisms as the Content Server.
Performance Considerations
SAP<s own anal#ses have shown that the "a"he &rovides a "onsistent si)nifi"ant advanta)e in terms of s&eed ta9in) into a""o%nt both the fre(%en"# and si?e of re(%ests. $n the dia)ram below this is shown in the "om&arison of the res&onse times of the "a"he server and the "ontent server. .rom the dia)ram it is "lear that both "%rves r%n &arallel re)ardless of the re(%est si?e and that the res&onse times of the "ontent server e!"eed those of the "a"he server b# a fa"tor of E0. This res%lt is of "o%rse inde&endent of the bandwidth available to the "ontent server. .or e!am&le SAP has a hi)h'bandwidth "onne"tion between Walldorf and Palo Alto. $n a "%stomer environment m%"h hi)her im&rovements on s&eed "an be e!&e"ted.
The relationshi& between "a"he hits and "a"he misses is an essential "riteria in "a"he effi"ien"#. When the hit rate is near E00I "a"he &erforman"e is at o&tim%m level. $f the misses are in the maAorit# or if misses ma9e %& 20'60I of the total n%mber of re(%ests #o% sho%ld "onsider ta9in) &erforman"e o&timi?ation meas%res. What "a%ses a shar& in"rease in "a"he missesJ An almost f%ll "a"he A lar)e n%mber of widel# dis&ersed re(%estsK that is do"%ments that are not lo"ated in the "a"he are bein) "onstantl# re(%ested
Both fa"tors "a%se the "a"he to behave in the followin) wa#s. Stored do"%ments are deleted to ma9e wa# for new obAe"ts. The la"9 of s&a"e in the "a"he and the non'homo)eno%s nat%re of the re(%ests means that deletion "ontin%all# ta9es &la"e. $n e!treme "ases the "a"he "ontent is in a "onstant state of fl%! +also 9nown as @thrashin)@-. This )reatl# de)rades "a"he &erforman"e.
The onl# sol%tion to this &roblem is to e!tend the "a"he s&a"e so that the ma!im%m o""%&an"# of the "a"he "an be maintained at 5,I. Ba"9bone "a"hes are &arti"%larl# s%s"e&tible to thrashin) as these serve as "on"entrators for other "a"hes.