Going  Public  -­‐  with  your  APEX  Applica7on

25.03.2014 APEX World

Peter Raganitsch

Peter Raganitsch !!!

peter.raganitsch@tryfoexnow.com http://www.oracle-and-apex.com

!@PeterRaganitsch

What is “Public” ?

• Internet oder Intranet

• -> Bereiche ohne Login

What is “Public” ?

• Internet

• Intranet

• Extranet

• possibly large audience

• no user login needed

APEX as a CMS?

APEX as a CMS

• possible to do

• lot of coding involved

• easy way out: use an existing CMS

Security

Security - Server

• HW

• DMZ

• Schema

• Daten

• SSP

• XSS

Firewall

DMZ

HW+SWReliability

Security - DB

• HW

• DMZ

• Schema

• Daten

• SSP

• XSS

Schema

Data

Privs

Security - APEX

• HW

• DMZ

• Schema

• Daten

• SSP

• XSS XSSSQL Injection

Schema-Mapping

Security - Books

Design

• Gutes Aussehen ist alles

Example

Example

Example

Example

Example

Example

Example

Example

• find more examples by searching for

allinurl:apex/f?p

Example

• find more examples by searching for

allinurl:ords/f?p

2.0.6: APEX Listener is now Oracle REST Data Services !

Design

• Good looks sell

• Webdesigner

• Templatemonster/Themeforrest

• Responsive Web Design

• Intuitive User Experience

Website Templates

Website Templates

APEX Templates

APEX Templates

Theming Competition

Bookmarks

• Lesezeichen setzen - Session 0

Bookmark

• setting Bookmarks

• send Links per Email

Better: Redirect from a shortcut URL

www.myapplication.nl

Session 0

• for public Pages

• APEX_UTIL.Prepare_URL

• APEX_APPLICATION.g_use_zero_sid

Get found

• Suchmaschinen

Search Engines

Use Session 0!

Otherwise you could get many, many visits from search robots

Search Engines

http://jeffkemponoracle.com/2011/10/07/googlebot-apex-session-ids-and-cookies/

• Google visits f?p=100:1:123123123

• Session invalid

• APEX replies with a redirect to a new Session-Id f?p=100:1:9898434508

• Google stores that new URL...

• …and returns later (Goto 10)

Page Title

• set Page-Title in APEX

• and make sure its used in the Page-Template

• set Page-Security to “Page is Public”

Meta-Tags

• set Meta Tags in the HTML Header

• Important for Search Engines

•<meta name=”Description” content=”...”>

•<meta name=”keywords” content=”...”>

Sitemap• Sitemap.xml contains website structure

• http://de.wikipedia.org/wiki/Sitemap

• https://support.google.com/webmasters/answer/183668?hl=de

• can be created through an On-Demand-Prozess, Restful Webservice or DB-Function

<?xml version="1.0" encoding="UTF-8"?>!<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9" ! xmlns:image="http://www.google.com/schemas/sitemap-image/1.1" ! xmlns:video="http://www.google.com/schemas/sitemap-video/1.1">! <url> ! <loc>http://www.example.com/foo.html</loc> !...

Content Search

APEX Report

Content Search

• APEX Views

• Eigene Tabellen

• als Report darstellen

nicer URL

f p=

normal

apex/f?p=123:456

nicer

apex/f?p=mobile:home

nicer URL

• Application Alias

• Page Alias

Links created by APEX

• Problem: APEX always uses IDs, never Alias

Beautify Links

• Global PageDynamic ActionorHTML Region

Application Alias

• Watch out when using Application Alias !

• Has to be unique, but that is neither checked nor enforced

• An Application in a different Workspace can use the same Alias(the Author of this presentation claims this is a BUG)

much nicer URL

hrURL*hrURL = human readable URL

normal

apex/f?p=123:456

nicer

apex/f?p=mobile:home

much nicer

apex/mobile/home

iFrame

• Apache mod_rewrite

• Entweder fixe Regeln, oder Mapping-Datei

http://www.inside-oracle-apex.com/nicer-url-for-an-oracle-apex-application/

Apache mod_rewrite

• Apache mod_rewrite

• use RewriteRules or a Mapping-File

http://www.oracle.com/webfolder/technetwork/de/community/apex/tipps/mod_rewrite/index.html http://monkeyonoracle.blogspot.de/2010/02/nice-url-in-public-facing-oracle-apex.html

APEX Listener / ords

• APEX Listener via RESTful Webservice

• URL: <server>/<dad>/<workspace>/[<ws>]

http://krisrice.blogspot.co.at/2013/07/nicer-urls-for-apex-yet-another-option_25.html

EPG and mod_plsql

• Path-Alias points to a DB procedure

• URL: <server>/<dad>/<prozedur>

http://docs.oracle.com/cd/B19306_01/server.102/b14337/concept.htm#i1006110 http://ora-00001.blogspot.de/2009/07/creating-rest-web-service-with-plsql.html

URL Mapping Procedure

Members only Area

By Chris Messina (http://wiki.oauth.net/Logo) [CC-BY-SA-3.0 (http://creativecommons.org/licenses/by-sa/3.0)], via Wikimedia Commons

Public Website Logins

Public Website Logins

• http://en.wikipedia.org/wiki/OAuth

• Google & Facebook OAuth 2

• Twitter OAuth 1.1

• or Custom Login (local tables/procedures)

• Tipp: APEX Authentication Plugins !

Example OAuth via Google

https://developers.google.com/accounts/docs/OAuth2?hl=de

Google/Facebook Plugin

- end -

hrURL Demo

http://apex.oracle/com/pls/apex/hrul/home

i n f o @ t r y f o e x n o w . c o m

w w w. t r y f o e x n o w . c o m

1 of 2 Single Developer Licenses

each Valued at 5,000 EUR

Win

Ask Matt or Peter for a Registration form

Peter Raganitsch !!!

peter.raganitsch@tryfoexnow.com http://www.oracle-and-apex.com

!@PeterRaganitsch

Find me at the FOEX Booth!