going public - what to consider when the world has access to your
TRANSCRIPT
![Page 1: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/1.jpg)
Going Public -‐ with your APEX Applica7on
25.03.2014 APEX World
Peter Raganitsch
![Page 3: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/3.jpg)
What is “Public” ?
• Internet oder Intranet
• -> Bereiche ohne Login
![Page 4: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/4.jpg)
What is “Public” ?
• Internet
• Intranet
• Extranet
• possibly large audience
• no user login needed
![Page 5: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/5.jpg)
APEX as a CMS?
![Page 6: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/6.jpg)
APEX as a CMS
• possible to do
• lot of coding involved
• easy way out: use an existing CMS
![Page 7: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/7.jpg)
Security
![Page 8: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/8.jpg)
Security - Server
• HW
• DMZ
• Schema
• Daten
• SSP
• XSS
Firewall
DMZ
HW+SWReliability
![Page 9: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/9.jpg)
Security - DB
• HW
• DMZ
• Schema
• Daten
• SSP
• XSS
Schema
Data
Privs
![Page 10: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/10.jpg)
Security - APEX
• HW
• DMZ
• Schema
• Daten
• SSP
• XSS XSSSQL Injection
Schema-Mapping
![Page 11: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/11.jpg)
Security - Books
![Page 12: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/12.jpg)
Design
• Gutes Aussehen ist alles
![Page 13: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/13.jpg)
Example
![Page 14: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/14.jpg)
Example
![Page 15: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/15.jpg)
Example
![Page 16: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/16.jpg)
Example
![Page 17: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/17.jpg)
Example
![Page 18: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/18.jpg)
Example
![Page 19: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/19.jpg)
Example
![Page 20: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/20.jpg)
Example
• find more examples by searching for
allinurl:apex/f?p
![Page 21: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/21.jpg)
Example
• find more examples by searching for
allinurl:ords/f?p
2.0.6: APEX Listener is now Oracle REST Data Services !
![Page 22: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/22.jpg)
Design
• Good looks sell
• Webdesigner
• Templatemonster/Themeforrest
• Responsive Web Design
• Intuitive User Experience
![Page 23: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/23.jpg)
Website Templates
![Page 24: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/24.jpg)
Website Templates
![Page 25: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/25.jpg)
APEX Templates
![Page 26: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/26.jpg)
APEX Templates
![Page 27: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/27.jpg)
Theming Competition
![Page 28: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/28.jpg)
Bookmarks
• Lesezeichen setzen - Session 0
![Page 29: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/29.jpg)
Bookmark
• setting Bookmarks
• send Links per Email
Better: Redirect from a shortcut URL
www.myapplication.nl
![Page 30: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/30.jpg)
Session 0
• for public Pages
• APEX_UTIL.Prepare_URL
• APEX_APPLICATION.g_use_zero_sid
![Page 31: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/31.jpg)
Get found
• Suchmaschinen
![Page 32: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/32.jpg)
Search Engines
Use Session 0!
Otherwise you could get many, many visits from search robots
![Page 33: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/33.jpg)
Search Engines
http://jeffkemponoracle.com/2011/10/07/googlebot-apex-session-ids-and-cookies/
• Google visits f?p=100:1:123123123
• Session invalid
• APEX replies with a redirect to a new Session-Id f?p=100:1:9898434508
• Google stores that new URL...
• …and returns later (Goto 10)
![Page 34: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/34.jpg)
Page Title
• set Page-Title in APEX
• and make sure its used in the Page-Template
• set Page-Security to “Page is Public”
![Page 35: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/35.jpg)
Meta-Tags
• set Meta Tags in the HTML Header
• Important for Search Engines
•<meta name=”Description” content=”...”>
•<meta name=”keywords” content=”...”>
![Page 36: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/36.jpg)
Sitemap• Sitemap.xml contains website structure
• http://de.wikipedia.org/wiki/Sitemap
• https://support.google.com/webmasters/answer/183668?hl=de
• can be created through an On-Demand-Prozess, Restful Webservice or DB-Function
<?xml version="1.0" encoding="UTF-8"?>!<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9" ! xmlns:image="http://www.google.com/schemas/sitemap-image/1.1" ! xmlns:video="http://www.google.com/schemas/sitemap-video/1.1">! <url> ! <loc>http://www.example.com/foo.html</loc> !...
![Page 37: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/37.jpg)
Content Search
![Page 38: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/38.jpg)
APEX Report
![Page 39: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/39.jpg)
Content Search
• APEX Views
• Eigene Tabellen
• als Report darstellen
![Page 40: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/40.jpg)
nicer URL
f p=
![Page 41: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/41.jpg)
normal
apex/f?p=123:456
![Page 42: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/42.jpg)
nicer
apex/f?p=mobile:home
![Page 43: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/43.jpg)
nicer URL
• Application Alias
• Page Alias
![Page 44: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/44.jpg)
Links created by APEX
• Problem: APEX always uses IDs, never Alias
![Page 45: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/45.jpg)
Beautify Links
• Global PageDynamic ActionorHTML Region
![Page 46: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/46.jpg)
Application Alias
• Watch out when using Application Alias !
• Has to be unique, but that is neither checked nor enforced
• An Application in a different Workspace can use the same Alias(the Author of this presentation claims this is a BUG)
![Page 47: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/47.jpg)
much nicer URL
hrURL*hrURL = human readable URL
![Page 48: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/48.jpg)
normal
apex/f?p=123:456
![Page 49: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/49.jpg)
nicer
apex/f?p=mobile:home
![Page 50: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/50.jpg)
much nicer
apex/mobile/home
![Page 51: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/51.jpg)
iFrame
• Apache mod_rewrite
• Entweder fixe Regeln, oder Mapping-Datei
http://www.inside-oracle-apex.com/nicer-url-for-an-oracle-apex-application/
![Page 52: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/52.jpg)
Apache mod_rewrite
• Apache mod_rewrite
• use RewriteRules or a Mapping-File
http://www.oracle.com/webfolder/technetwork/de/community/apex/tipps/mod_rewrite/index.html http://monkeyonoracle.blogspot.de/2010/02/nice-url-in-public-facing-oracle-apex.html
![Page 53: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/53.jpg)
APEX Listener / ords
• APEX Listener via RESTful Webservice
• URL: <server>/<dad>/<workspace>/[<ws>]
http://krisrice.blogspot.co.at/2013/07/nicer-urls-for-apex-yet-another-option_25.html
![Page 54: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/54.jpg)
EPG and mod_plsql
• Path-Alias points to a DB procedure
• URL: <server>/<dad>/<prozedur>
http://docs.oracle.com/cd/B19306_01/server.102/b14337/concept.htm#i1006110 http://ora-00001.blogspot.de/2009/07/creating-rest-web-service-with-plsql.html
![Page 55: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/55.jpg)
URL Mapping Procedure
![Page 56: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/56.jpg)
Members only Area
By Chris Messina (http://wiki.oauth.net/Logo) [CC-BY-SA-3.0 (http://creativecommons.org/licenses/by-sa/3.0)], via Wikimedia Commons
![Page 57: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/57.jpg)
Public Website Logins
![Page 58: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/58.jpg)
Public Website Logins
• http://en.wikipedia.org/wiki/OAuth
• Google & Facebook OAuth 2
• Twitter OAuth 1.1
• or Custom Login (local tables/procedures)
• Tipp: APEX Authentication Plugins !
![Page 59: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/59.jpg)
Example OAuth via Google
https://developers.google.com/accounts/docs/OAuth2?hl=de
![Page 60: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/60.jpg)
Google/Facebook Plugin
![Page 61: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/61.jpg)
- end -
![Page 63: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/63.jpg)
i n f o @ t r y f o e x n o w . c o m
w w w. t r y f o e x n o w . c o m
1 of 2 Single Developer Licenses
each Valued at 5,000 EUR
Win
Ask Matt or Peter for a Registration form
![Page 64: Going Public - What to consider when the world has access to your](https://reader034.vdocument.in/reader034/viewer/2022051714/5875f81a1a28ab9c028b6176/html5/thumbnails/64.jpg)
Peter Raganitsch !!!
[email protected] http://www.oracle-and-apex.com
!@PeterRaganitsch
Find me at the FOEX Booth!