Skip to main content

Kscope Wednesday

Also today is packed with excellent sessions. The first one, "Cookie Monster", by Tim St.Hillaire covered the different type of cookies and how you can set and read them from within your APEX application. For a lot of purposes you could nowadays use local storage as well, but there's still a case for cookies - and that's not a jar ;-)
The second one, "Single Sign On", by Anton Nielsen was excellent as well. He made clear that just Authentication is not enough: In most cases we need to get back our previous session state as well. A feature that will be included in APEX 5: Session joining. Only in a multi-tenant infrastructure it is not a good idea to enable this as this might open up the possibility to hijack a session. He also explained that from a security point of view, it is important that the APEX authentication is based on both the cookie and the sessionID in the URL.
In session number three, "Pins, Polygons and Perspective", Christoph Ruepprich showed how you can add very nice - and rather easy - geo information to your APEX application. Especially LeafletJS is something to check out, as it is perfect for mobile devices and can use different layers.
After a long break I attended "Production Level Trouble Shooting", especially because I have done sessions on that same subject as well. The key take away is that it is a good idea to instrument your code in a way that you can switch on debugging in a production environment for a single user, a single page and/or a period of time. You can do that - even when debugging is disabled, as it should be - issuing a (conditional) apex_debug.enable command before both page rendering and page processing.
Then, my personal highlight of the day, John Scott did his NodeJS presentation. With some great examples / use cases he made clear that this is something we definitely should check out. With just a few lines of NodeJS code you can create a webserver, a proxy server, create a REST server, create an APEX exporter or a mail reader and websockets server.
The final presentation about APEX URLs by Christian Rokitta gave insight why your URLs should be (more) readable by the user and search engines and some great options and tips how to accomplish this: using intelligent rewrite by either PL/SQL, the ORDS (APEX Listener) and/or by changing the Listener configuration. 

A long, but very interesting day, And now it's time for the big event....
Post a Comment

Popular posts from this blog

Showing a success message after closing a modal dialog

APEX 5 comes with Modal Dialogs out of the box. Very neat. Especially for adding and changing data. And to minimise the number of time a user has to click, it could be useful to add a "Close Dialog" process after the actual data processing. When the data processing fails, the Dialog stays on top showing the error. When data processing runs fine, the Dialog is closed ... without any confirmation. And this might be scary for a shaky user.

So how can we provide the user some feedback? On Page 4 of the Sample Dialog Application you can see one solution: up on a Dialog Closed Event on the parent page it does a redirect to refresh the parent page appending the success message of the "Close Dialog" process. This has two drawbacks. First, it probably refreshes more than necessary. And second, if you're using multiple layers of dialogs (dialogs that open other dialogs) the message appears in the "parent dialog".
As an alternative you could follow these steps: 1…

APEX 5 New Static File Features

In APEX 4 you could upload files - like CSS files, JavaScript files, Images and whatever else you like - into the APEX Repository. When you navigate to Shared Components, there is a Files section that offers three different options:
CSS Files are always uploaded (and changed !) for the whole Workspace. For Images and Static Files (usually JavaScript) you could choose whether they should be available for the whole Workspace or for a specific Application only. And if you had a lot of files - e.g. a lot of images - then you had to go through the upload process one-by-one. But that's usually a one time only thing. If you make changes to the CSS and JavaScript files - and that's a continuous process in development - then you had to delete the existing file and upload the new one. Over and over again. And meanwhile fighting the cache of the webserver and your browser.  And another irritating issue: You couldn't use relative references in your CSS or JavaScript files as they just…

Using LDAP for Authentication and Authorization within APEX

One of my current customers would like to use their LDAP (Microsoft Active Directory) server for authentication and authorization of APEX applications. Of course we tried to set up a standard LDAP Authenication that's available within APEX. But we couldn't get that to work. Maybe it has to do with the fact that the client stored their Users within Groups within Groups within .... . Or maybe it doesn't do a full tree walk in the directory. Or maybe it is just because it is Microsoft - and not Oracle Internet Directory (OID). So we moved to a custom Authentication using the DBMS_LDAP functions (and some examples from the Pro Oracle Application Express book and Tim Hall - a.k.a. Oracle Base).

One of the issues we encountered that we wanted to use the user's login name, like "jdoe" and not his full name ("John Doe"). And the login name is stored in the "sAMAccountName" attribute. But authenticating using just "jdoe" didn't work. …