going public - Peter Raganitsch - nlOUG • Apache mod_rewrite! • Entweder fixe Regeln, oder...
-
Upload
phungquynh -
Category
Documents
-
view
217 -
download
3
Transcript of going public - Peter Raganitsch - nlOUG • Apache mod_rewrite! • Entweder fixe Regeln, oder...
Going Public -‐ with your APEX Applica7on
25.03.2014 APEX World
Peter Raganitsch
What is “Public” ?
• Internet oder Intranet
• -> Bereiche ohne Login
What is “Public” ?
• Internet
• Intranet
• Extranet
• possibly large audience
• no user login needed
APEX as a CMS?
APEX as a CMS
• possible to do
• lot of coding involved
• easy way out: use an existing CMS
Security
Security - Server
• HW
• DMZ
• Schema
• Daten
• SSP
• XSS
Firewall
DMZ
HW+SWReliability
Security - DB
• HW
• DMZ
• Schema
• Daten
• SSP
• XSS
Schema
Data
Privs
Security - APEX
• HW
• DMZ
• Schema
• Daten
• SSP
• XSS XSSSQL Injection
Schema-Mapping
Security - Books
Design
• Gutes Aussehen ist alles
Example
Example
Example
Example
Example
Example
Example
Example
• find more examples by searching for
allinurl:apex/f?p
Example
• find more examples by searching for
allinurl:ords/f?p
2.0.6: APEX Listener is now Oracle REST Data Services !
Design
• Good looks sell
• Webdesigner
• Templatemonster/Themeforrest
• Responsive Web Design
• Intuitive User Experience
Website Templates
Website Templates
APEX Templates
APEX Templates
Theming Competition
Bookmarks
• Lesezeichen setzen - Session 0
Bookmark
• setting Bookmarks
• send Links per Email
Better: Redirect from a shortcut URL
www.myapplication.nl
Session 0
• for public Pages
• APEX_UTIL.Prepare_URL
• APEX_APPLICATION.g_use_zero_sid
Get found
• Suchmaschinen
Search Engines
Use Session 0!
Otherwise you could get many, many visits from search robots
Search Engines
http://jeffkemponoracle.com/2011/10/07/googlebot-apex-session-ids-and-cookies/
• Google visits f?p=100:1:123123123
• Session invalid
• APEX replies with a redirect to a new Session-Id f?p=100:1:9898434508
• Google stores that new URL...
• …and returns later (Goto 10)
Page Title
• set Page-Title in APEX
• and make sure its used in the Page-Template
• set Page-Security to “Page is Public”
Meta-Tags
• set Meta Tags in the HTML Header
• Important for Search Engines
•<meta name=”Description” content=”...”>
•<meta name=”keywords” content=”...”>
Sitemap• Sitemap.xml contains website structure
• http://de.wikipedia.org/wiki/Sitemap
• https://support.google.com/webmasters/answer/183668?hl=de
• can be created through an On-Demand-Prozess, Restful Webservice or DB-Function
<?xml version="1.0" encoding="UTF-8"?>!<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9" ! xmlns:image="http://www.google.com/schemas/sitemap-image/1.1" ! xmlns:video="http://www.google.com/schemas/sitemap-video/1.1">! <url> ! <loc>http://www.example.com/foo.html</loc> !...
Content Search
APEX Report
Content Search
• APEX Views
• Eigene Tabellen
• als Report darstellen
nicer URL
f p=
normal
apex/f?p=123:456
nicer
apex/f?p=mobile:home
nicer URL
• Application Alias
• Page Alias
Links created by APEX
• Problem: APEX always uses IDs, never Alias
Beautify Links
• Global PageDynamic ActionorHTML Region
Application Alias
• Watch out when using Application Alias !
• Has to be unique, but that is neither checked nor enforced
• An Application in a different Workspace can use the same Alias(the Author of this presentation claims this is a BUG)
much nicer URL
hrURL*hrURL = human readable URL
normal
apex/f?p=123:456
nicer
apex/f?p=mobile:home
much nicer
apex/mobile/home
iFrame
• Apache mod_rewrite
• Entweder fixe Regeln, oder Mapping-Datei
http://www.inside-oracle-apex.com/nicer-url-for-an-oracle-apex-application/
Apache mod_rewrite
• Apache mod_rewrite
• use RewriteRules or a Mapping-File
http://www.oracle.com/webfolder/technetwork/de/community/apex/tipps/mod_rewrite/index.html http://monkeyonoracle.blogspot.de/2010/02/nice-url-in-public-facing-oracle-apex.html
APEX Listener / ords
• APEX Listener via RESTful Webservice
• URL: <server>/<dad>/<workspace>/[<ws>]
http://krisrice.blogspot.co.at/2013/07/nicer-urls-for-apex-yet-another-option_25.html
EPG and mod_plsql
• Path-Alias points to a DB procedure
• URL: <server>/<dad>/<prozedur>
http://docs.oracle.com/cd/B19306_01/server.102/b14337/concept.htm#i1006110 http://ora-00001.blogspot.de/2009/07/creating-rest-web-service-with-plsql.html
URL Mapping Procedure
Members only Area
By Chris Messina (http://wiki.oauth.net/Logo) [CC-BY-SA-3.0 (http://creativecommons.org/licenses/by-sa/3.0)], via Wikimedia Commons
Public Website Logins
Public Website Logins
• http://en.wikipedia.org/wiki/OAuth
• Google & Facebook OAuth 2
• Twitter OAuth 1.1
• or Custom Login (local tables/procedures)
• Tipp: APEX Authentication Plugins !
Example OAuth via Google
https://developers.google.com/accounts/docs/OAuth2?hl=de
Google/Facebook Plugin
- end -
i n f o @ t r y f o e x n o w . c o m
w w w. t r y f o e x n o w . c o m
1 of 2 Single Developer Licenses
each Valued at 5,000 EUR
Win
Ask Matt or Peter for a Registration form
Peter Raganitsch !!!
[email protected] http://www.oracle-and-apex.com
!@PeterRaganitsch
Find me at the FOEX Booth!