Friday, December 05, 2008

Oracle Application Express (APEX): Three Kinds of Session State

One of the best features of APEX is its ability to manage session state for you. One of the trickiest things you run in to when getting in to advanced development, though, is understanding just when session state is updated and when it is persisted. The easiest way I can describe this is with some examples:

1. PERSISTED Session State
Most of the time you will be dealing with persisted session state--session state that resides within the database and that is available from subsequent page requests. Any time you set an item's value with a computation or process you get PERSISTED session state. If you pass an item and value on the URL you get PERSISTED session state. If you submit a page with a text item (or radiobox, checkbox, select list, hidden item, etc.) the item will get persisted session state.

That seems like most of the ways you set item session state, but there are a couple of other ways.

2. IN MEMORY Session State (IMSS)
This category really falls in to two parts: Item Rendering and Automated Row Fetch
So . . .

2A. Item Rendering
You can set item attributes of Source and Default. Let's say we set an text item (P2_VALUE10) to have default value to C2C. Run the page and you will see an item on the page with C2C in a text box. Check the session state (use the Session link at the bottom of the page) and you will find that P2_VALUE10 does not have any session state. How is this possible? It's right there on the page with C2C, right?

The value C2C was set IN MEMORY session state. It disappears immediately when the page is done rendering; it is not saved in the database. This is not usually an issue, because you are probably going to submit the page, in which case (according to point 1 above) it will store as PERSISTED session state.

A special note on item rendering in memory session state (IRIMSS :) ): IRIMSS happens as the item is rendered. Say you have 20 items on the page, with the tenth item, P2_VALUE10, having default value of C2C. If you have any computations or conditions inside of items 1..9 that depend on P2_VALUE10, it will not have the default value. For example, say P2_VALUE3 has a display condition: Display when P2_VALUE10 = C2C. P2_VALUE3 will not show. Items 11..20, though, will see P2_VALUE10 = C2C. It can be a bit confusing.

2B. Automated Row Fetch (ARF)
Using ARF produces IN MEMORY session state as described above, with a little twist. The ARF process allows you to choose whether to put the value of the item values into IMSS right when the process is run, or as the items are rendered. In early versions of APEX it always happened as the items were rendered. In recent versions the default is to put the value into IMSS when the ARF process runs.

Why Does It Matter
Why does it matter if it is PERSISTED Session State or IMSS? I have found many cases where IMSS caused confusion and bugs. A good example is breadcrumbs. Say we have a department report, which drills in to a department form, which in turn drills in to an employee form. You could have a breadcrumb like this:

Dept Report > Dept Form > Employee

But that is not very enlightening. Wouldn't it be better to have the following?

Dept Report > Accounting > Nielsen

Which means you would define something like this

Dept Report > &P2_DNAME. > &P3_LAST_NAME.

If you used ARF to set P2_DNAME, however, but did not submit page 2, instead clicking on an employee link, P2_DNAME will be null on the employee page, resulting in the following breadcrumb:

Dept Report > > Nielsen

There are many other similar scenarios. But, the underlying cause is IMSS.

If you need persisted session state, just do your own fetch process or computation. You can leave the ARF process if you want, it won't hurt to have both.

I hope this sheds a little light on APEX session state.

Thursday, December 04, 2008

Oracle Portal and Oracle BI Publisher

If you are using Oracle Portal and are used to using the Portal Forms Builder, you may want to create parameter forms for your BI reports in the Portal Forms Builder. This article provides a methodology for generating and redirecting to the BI Publisher URL from a Portal Form.

Step 1: Create a package that will do the redirect for you given the appropriate parameters.

--
--
create or replace
package bip1 as
g_url varchar2(32767);

-- add additional parameters as required
procedure bip_r
(
p_xf IN VARCHAR2 DEFAULT NULL,
p_custom1name IN VARCHAR2 DEFAULT NULL,
p_custom1val IN VARCHAR2 DEFAULT NULL,
p_custom2name IN VARCHAR2 DEFAULT NULL,
p_custom2val IN VARCHAR2 DEFAULT NULL);
end;
/

--
create or replace
package body bip1 as

procedure bip_r
(
p_xf IN VARCHAR2 DEFAULT NULL,
p_custom1name IN VARCHAR2 DEFAULT NULL,
p_custom1val IN VARCHAR2 DEFAULT NULL,
p_custom2name IN VARCHAR2 DEFAULT NULL,
p_custom2val IN VARCHAR2 DEFAULT NULL)
as
-- for information on determining the URL below, see
-- http://blogs.oracle.com/xmlpublisher/2006/07/accessing_xmlp_enterprise_repo.html
l_url varchar2(32767) := 'http://[Your_BIP_Server]:9704/xmlpserver/[your_folder]/[your_report]/[your_report].xdo?_xpf=&_xpt=1&...';
begin
l_url := l_url || '&_xf=' || p_xf || '&'
|| p_custom1name || '=' || p_custom1val || '&'
|| p_custom2name || '=' || p_custom2val ;

bip1.g_url := l_url;
end;
end;
/


Step 2: Create a Portal Form against a procedure and choose the bip1.bip_r procedure.

Step 3: Modify the Portal Form

a. p_xf is the allowable output formats: html, pdf, csv, etc.
b. p_custom1name (and all p_custom#name items) should be hidden and should be the name of your BI Publisher report variables
c. p_custom1val (and all p_custom#val items) are the values you want your users to enter, associated with the corresponding p_custom#name
d. At the Portal Form level, where you see the text area following
On successful submission of a form, execute this PL/SQL block or PL/SQL procedure:
Hint:
You can redirect your browser to a PL/SQL procedure, for example a procedure that creates a Web page, using either of these methods:

1. call('', '');
Redirects the browser to the procedure and passes a parameter containing the URL back to the form.
2. go('');
Redirects the browser to the procedure but does not pass a URL to return to the form.


Enter: go(bip1.g_url);


Running this form will redirect you to the correct BI Publisher URL.

Monday, November 10, 2008

Haiku

One of the last times I hung out with Carl Backstrom we talked about texting someone a haiku. It's not much, but the occasional blog post in Carl's memory can't be a bad thing. I offer this:

Dynamic
CarlBack blogs now fixed
Early Night

I invite you to post your own haiku.

Tuesday, October 28, 2008

Carl Backstrom

Many have already posted about the tragic loss to the APEX development team and community. I feel the need to add my own short tribute--though it will certainly take me time to collect my thoughts. For now, simply, "We already miss you, Carl."

Anton

Thursday, September 11, 2008

Oracle Application Server Portal, Application Express (APEX) and OID

We have done a lot of work at C2 over the past few years integrating Portal with APEX (security and themes/ui), APEX with OID/SSO, OID with MS Active Directory (AD), APEX with AD, APEX with SSL LDAP . . . Well, you get the idea. We finally put this experience into a couple of training modules. If you are interested in these topics, click on the C2 Consulting logo at the right.

We have done similar work with all of the above and Oracle Universal Content Management (UCM) but have not integrated that into the course. Let me know if you think that would be worthwhile.

Friday, August 29, 2008

Oracle Application Express (APEX) "submit" Button

We just ran in to the strangest problem. All of our buttons and standard tabs stopped working on a particular page. Parent tabs worked fine, but anything that relied on posting the page (javascript:doSubmit) stopped working. Neelesh Shah came up with the solution. One of our buttons was "submit"--all lower case. Usually a submit button in APEX is either SUBMIT of Submit, with at least one upper case letter. APEX automatically adds an id="" to all the buttons. As it turns out, id="submit" (all lower case) causes browsers to stop submitting (posting) pages. Just changes the value to Submit did the trick.

Friday, August 22, 2008

Oracle Internet Directory (IDM OID) patchset 10.1.4.2 and WNA

Ouch! We recently installed the OID 10.1.4.2 patch to solve some issues with Server Chaining to Microsoft Active Directory (MS AD). There were two object classes that did not get mapped for groups and there were problems that OID would not find any group that was not directly in the dn that was chained to AD. If you chained
cn=ad,cn=groups,dc=mycompany,dc=com
to
cn=groups,ou=myDept,dc=mycompany,dc=com
but you had a group in subcontainer
cn=anotherLevel,cn=ad,cn=groups,dc=mycompany,dc=com
OID would not find it.

The patch almost worked as expected--we got one of the two object classes promised and we could find the groups in subcontainers. Unfortunately the patchset broke Windows Native Authentication (WNA). The problem is that the patch introduced a new java JDK, version 1.4.2._14. After many hours of troubleshooting we found Oracle bug 6658334--WNA FAILS AFTER APPLYING IDM 10.1.4.2.0 PATCHSET. The solution appears to be to downgrade the Sun JDK to 1.4.2_13. We did this and it works, but oh what a headache.

You might get an error stack that looks like this:

DAS servlet init enter
oiddas: Release 10.1.4.0.1 Production Started
<$ORACLE_HOME>/j2ee/OC4J_SECURITY/applications/oiddas/ui/WEB-INF/lib/oiddas.jar archive
DAS servlet init exit
Getting creds for HTTP/ ...
Debug is true storeKey true useTicketCache false useKeyTab true doNotPrompt true ticketCache is null KeyTab is
<$ORACLE_HOME>/j2ee/OC4J_SECURITY/config/sso.keytab refreshKrb5Config is
false principal is HTTP/ tryFirstPass is false
useFirstPass is false storePass is false clearPass is false
principal's key obtained from the keytab
principal is HTTP/
KerberosAuthenticator: GSSException raised in constructor -
No valid credentials provided (Mechanism level: Attempt to obtain new ACCEPT
credentials failed!)
GSSException: No valid credentials provided (Mechanism
level: Attempt to obtain new ACCEPT credentials failed!)
at
sun.security.jgss.krb5.Krb5AcceptCredential.getKeyFromSubject(Krb5AcceptCreden
tial.java:189)
at
sun.security.jgss.krb5.Krb5AcceptCredential.getInstance(Krb5AcceptCredential.j
ava:80)
. . .
30 Caused by: javax.security.auth.login.LoginException:
java.lang.NullPointerException
at java.lang.StringBuffer.append(StringBuffer.java:467)
at
com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginMo
dule.java:576)
at
com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:475)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

Wednesday, August 13, 2008

Oracle Open World (Oracle OpenWorld)

I will be speaking at OOW this year on two topics.

How to Hack an Oracle Application Express Application

If you write HTML applications in any technology and you care about your data, this presentation is for you. All HTML applications share some attributes that expose them to potential hacking. APEX has many features that will allow developers to lock down their applications – or to expose them to hacking. I will show techniques that can be used to hack HTML applications, how to close these holes within APEX and where APEX may expose these holes through its wizards. Naturally, I will show how to protect against any hack that I demonstrate. This session can benefit the novice to the highly advanced APEX developer as well as developers of any HTML application.

This is a skinnied down version of the module that C2 Consulting teaches in its Application Express classes.

Realizing ROI with Application Express

As part of Massachusetts healthcare reform, C2 Consulting worked with Harvard Pilgrim Healthcare (HPHC) to develop a new business process for providing health insurance directly to the subscriber. Utilizing Oracle Application Express, the HPHC system allows individuals to apply, enroll and be confirmed in a healthcare plan online in just a few minutes. Developed in just one month, the project cost will be recovered in just one year's saved postage.

Oracle Portal Secure Content Repository Views

I recently went searching for the documentation on the Oracle Portal repository views for Portal 10.1.4 and had a hard time finding them.

The Views
http://www.oracle.com/technology/products/ias/portal/html/plsqldoc/pldoc1014/wwsbr_api_view.html

The APIs
http://www.oracle.com/technology/products/ias/portal/html/plsqldoc/pldoc1014/summary.html

The Documentation
http://download-west.oracle.com/docs/cd/B14099_19/portal.1012/b14134/toc.htm

And More Documentation
http://download.oracle.com/docs/cd/B14099_15/portal.1014/b14135/pdg_part3.htm#sthref1557

Monday, August 04, 2008

Advanced Configuration Training Course: Oracle Application Express (APEX)

This is just a quick note to mention that C2 Consulting has added a new module to its Oracle Application Express (APEX) course. The training class is modular, so class attendees or clients can choose which modules are taught during a particular session. The new Advanced Configurations course covers installation and configuration in a variety of environments. Some of the topics follow:

  • High Availability, RAC, HA Middle Tiers (I contributed to the Oracle white paper on this topic)
  • Configuring Apache for SSL
  • Configuring Apache Virtual Hosts
  • Using Apache 2.x as a reverse proxy
  • Using Oracle Web Cache
  • Capturing IP Address behind Firewalls, Reverse Proxies and Web Cache
  • Using Apache Rewrite Rules
  • Custom DAD configurations--passing environment variables, setting default application, etc.
  • Custom Authentication and Authorization Schemes
  • How to enable Oracle Single Sign-On (SSO)
  • How to integrate with Netegrity (Computer Associates) Siteminder (Optional)
  • How to integrate with RSA (Optional)
  • How to integrate with PKI (client-side) certificates (Optional)
If you are interested in this topic or any of the C2 courses, contact C2.

Friday, July 18, 2008

DBMS_XMLSCHEMA.generateschema gives ORA-22303: type not found

I just had someone call about this.
SELECT DBMS_XMLSCHEMA.generateschema('your_schema','your_type') FROM DUAL;
gives ORA-22303: type "your_schema"."your_type" not found
ora-21700
ora-06512

Just upper case your_schema and your_type -- YOUR_SCHEMA and YOUR_TYPE.

Hope this helps.

Tuesday, March 25, 2008

Oracle Application Express (Apex) Breadcrumbs

In the early versions of Oracle HTML DB (the old name for Oracle Apex) breadcrumbs were called menus. Under the covers, in the code, they still are. They work great as breadcrumbs, but they still work as menus. Many Apex training classes will tell you to use lists for navigations and use breadcrumbs for, well, breadcrumbs. In most cases, though, you can use a single breadcrumb structure for both. Let's say you have the following page/navigation structure


  • Training

    • In Class

      • Application Express

      • Oracle Database Tuning

      • 10g Application Server

      • Oracle Portal



    • Web Based

      • Application Express

      • SQL

      • Oracle Database Management

      • PL/SQL





If you are on the SQL page you want a breadcrumb like this:
Training > Web Based > SQL

You may also want a menu that looks like this
Application Express
SQL
Oracle Database Management
PL/SQL

You can use the same breadcrumb to provide both features. Just create two regions, one with a breadcrumb template and another with a breadcrumb "menu" template, typically called Heirarchical in new versions of Apex. Play with the template, changing "Start With" to Current Breadcrumb. You will get a menu out of your breadcrumb. If you are on the "Web Based" page, you could create a template with "Start With" set to Child Breadcrumb Entries. This would give you a Menu that looks like this:
Application Express
SQL
Oracle Database Management
PL/SQL

Play with the breadcrumb templates and Start With and you may find they work far better than lists for navigation.

Thursday, February 07, 2008

Security: How to Hack an Oracle Application Express Application

I will be presenting at both the Northeast Oracle Users Group (NOUG) Training Day on 5 March 2008 and at the Oracle Development Tools User Group Kaleidoscope 2008 on 18 June 2008, 2:45 - 3:45 pm.

Oracle's Application Express (APEX) allows developers to quickly build highly functional applications that interact with an Oracle database. APEX dynamically generates HTML applications (hence the former name, HTML DB). All HTML applications share some attributes that expose them to potential hacking. APEX has many features that will allow developers to lock down their applications – or to expose them to hacking. I will show (live!) a number of techniques that can be used to hack HTML applications—and how to close these holes within APEX and where APEX may expose these holes through its wizards. Naturally, I will show how to protect against any hack that I demonstrate. The session will be interactive with the audience participating in ways to hack and prevent hacks. This is truly a session that can benefit the novice to the highly advanced APEX developer.

This is the same module that C2 Consulting teaches in its Application Express classes.