Monday, June 25, 2012

Identity and access management reflections: OIM resource objects, provisioning processes, connectors and IT Resources

Sunday, February 26, 2012

Embed / RUN Flash Movie in a JSPX Page ADF Application

Blog Post Dedicated to Udit Sharma.

Hi,

Running a Flash movie in a JSPX page of an ADF application caused issues when the movie was called from the page itself.

To overcome this, we need to embed the Flash movie in the JSPX page.

This post shows how to embed and run a Flash movie (.swf) in a JSPX ADF page. My colleague Udit Sharma found an ingenious and simple way of achieving this.

First we need the <object> element. (The OBJECT element is used to include objects such as images, audio, videos, Java applets, and Flash animations. OBJECT is intended to replace the more specific IMG and APPLET elements, as well as the proprietary EMBED and BGSOUND elements, though a lack of browser support and severe bugs in supporting browsers make the other elements a better choice in many cases.)

To create it, we write the following code, which returns the string used to embed the Flash movie in the JSPX page. In my case, I am embedding an RSA Flash movie in a JSPX page of an ADF application.

Following is the code example:

// Requires: import javax.faces.context.FacesContext;
public String getFlashObjectForFirefox() {
    System.out.println("inside getFlashObjectForFirefox");
    // Context path of the deployed application, used to locate the .swf file
    String ctxPath = FacesContext.getCurrentInstance().getExternalContext().getRequestContextPath();
    System.out.println("ctxPath is " + ctxPath);

    // <object> markup with a nested <embed> for browsers that ignore <object>.
    // The codebase URL is kept on one line so the attribute value contains no line break.
    String object = "<object classid=\"clsid:d27cdb6e-ae6d-11cf-96b8-444553540000\" \n" +
        "codebase=\"http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version" +
        "=10,0,0,0\" width=\"100\" height=\"100\" id=\"11gR1_aniH_grey\" align=\"middle\">\n" +
        "<param name=\"allowScriptAccess\" value=\"sameDomain\" />\n" +
        "<param name=\"allowFullScreen\" value=\"false\" />\n" +
        "<param name=\"wmode\" value=\"transparent\" />\n" +
        "<param name=\"movie\" value=\"" + ctxPath + "/rsa_fso.swf\" />\n" +
        "<param name=\"quality\" value=\"high\" />\n" +
        "<param name=\"bgcolor\" value=\"#4d5c64\" /> \n" +
        "<param name=\"flashVars\" value=\"field_name=deviceString\"/>\n" +
        "<embed id=\"flash_id\" " +
        "src=\"" + ctxPath + "/rsa_fso.swf\" quality=\"high\" width=\"100\" height=\"100\" name=\"rsa_fso.swf\" align=\"middle\" \n" +
        "type=\"application/x-shockwave-flash\" flashVars=\"field_name=RSADeviceFso\" wmode=\"transparent\"\n" +
        "pluginspage=\"http://www.adobe.com/go/getflashplayer\" />\n" +
        "</object> ";

    return object;
}

Now, from the .jspx page, I use the following tag to include and run the Flash movie (the EL expression names the bean property flashObjectForFirefox, which resolves to the getFlashObjectForFirefox() getter):

<f:verbatim>
    ${pageFlowScope.UIBean.flashObjectForFirefox}
</f:verbatim>

Please note that, using ctxPath, I have specified the path to the Flash movie and to the other JavaScript files required for the Flash movie to run properly.


Hope this helps.

Sudipto S.

P.S.: Follow my progress on Java Knowledge and Black Belts at knowledgeblackbelt.com

Thursday, February 2, 2012

Calling Web Service From A Web Center Portal Application


Hi Friends,

Recently in a project, I needed to call a Web Service from a Web Center Portal Application. After a few errors, I was successfully able to call the web service from the application.

I will discuss the same with you here. Let me briefly describe the components involved in this discussion:

1. The Java method that will be invoked via a web service call, which is independently hosted in an external server space. This Java method (exposed through a web service call) requires an argument and returns a String as output. (Note: The return type of the web service call is something different from the return type of the Java method itself.)

2. The WebCenter application is a simple WebCenter Portal application; on a successful login, the user is shown a page which contains the output of the Java method call made via the web service.


I am using Oracle ADF 11.1.1.5.0 for this purpose.

First of all we need to create the Data Controls for the web service. Following is how you create the Data Control for the web service:

Click on the portal project and select New.

Then in Business Tier > Web Services, select Web Service Data Control.

Click OK.

Name the Data Control in the Name: section.

Provide a valid WSDL URL for the web service which the portal application will call.

Click Next.

In the data control operations, select the method that you want to call as a web service and add it to the selected section.

Click Next.

You can click Finish at this point to create the Data Control. On successful creation, you will find the Data Control, with the method to be called, in the Data Controls section.

Now that the Data Control is created, we need to call this web service internally, without any user intervention, while also passing a parameter to the web service call. To make the call, drag the method in the Data Control onto a task flow and declare the activity as the default activity.

In the data control section, select the data control for the web service.

Double-click to pass the parameters to the method call.

Drag the data control to the task flow of your application.

You can also specify the return value of the method call, depending on your application requirement.

Execute the task flow and the application will make the web service call.

Thank you.


Monday, September 19, 2011

Entitlement Server - Architecture/Components

Hi Friends,

After the first blog, "Entitlement Servers- OverView - In Brief", here we will walk through the architecture of Oracle Entitlement Servers.

The following points are covered under this topic:

OES Administration Server, Security Service Module (SSM), Service Control Manager, Policy Distributor (PD), Policy Loader and a little about Policy Administration Point (PAP), Policy Decision Point (PDP), Policy Enforcement Point (PEP) and Policy Information Point (PIP).

OES Administration Server: The administration server is used for operations like creation, update and deletion of users, groups, roles and resources. To facilitate these operations, a UI called the ASI is provided. The administration console delegates administration functionality to other users. The OES Administration Server acts as a PAP, the Policy Administration Point. The administration server manages the storage of policy data in the Policy Database and the distribution of policies to the SSMs. We will talk about SSMs later in this post.

Following are the components of an Administration Server:

The Business Logic Manager (BLM): A standard API which is used to perform the administration operations, like creation/deletion/update of users/groups/roles, through code. The BLM also interacts with the Policy Database to control the persistence of policy data.

The Policy Distributor (PD): The Policy Distributor distributes the policy data to the SSMs for runtime enforcement of policy at the SSM.

The Policy Loader: The Policy Loader saves policy data to, and retrieves it from, the database.

Security Service Module (SSM): The SSM acts as the Policy Decision Point (PDP). The SSM resides in the container where the application that is to be secured runs. An SSM can be distributed, where the application is distributed, or deployed as a central entitlement server.

In a distributed environment, the application can invoke the security service of the SSM through the Java APIs or through web service calls.

In the scenario where the SSM is deployed as the central server, the application can send the authorization request to the centralized SSM through a web service call or through an XACML request/response protocol.

Service Control Manager (SCM): It stores the SSM configuration data and channels this data to each registered SSM (you can think of it as an updater which updates all the SSMs with new configurations and with the changes made at the admin server).

Policy Information Point (PIP): These are the storage points where the policy data is saved and from where it is retrieved. Take for example an LDAP server or an external database server.

So friends, these were the various components of an entitlement server.

We will discuss the Architecture/Components and the flow of control in an OES server in my next post.

Please comment with your doubts, suggestions and feedback.

Team: Turning Technology

Thursday, September 15, 2011

Entitlement Servers- OverView - In Brief

Hello Friends,

For all you beginners to Oracle Entitlement Server, I will give a brief and very basic overview of the topic in this post, excluding the installation part. You just have to go through this once to get a brief and concrete idea of what an entitlement server does and how it achieves the goal of authorization.

This will help get you started. We won't discuss topics like PAP, PDP, PEP, PIP, fine-grained authorization and ASI, in order to keep this first discussion simple.

As I said, this would be the basic overview, let's get started!

With the advent and progress of web technology, the demand to secure web resources has increased over time. This includes basic processes like authentication and authorization for a web application.

While the authentication process determines whether a particular user is who he claims to be, the need for authorization arises when you have to determine which authenticated user is authorized to access which resource in an application.
Say, for a bank web site, the 'view account balance' link would have restricted access for users with different roles (like customer, executive, manager, senior manager, etc.) and in different groups (like accounts, loans), determining who is able to view/use the link.

This process of protecting a resource (the 'view account balance' link) and restricting the access of a particular subject (the authenticated user) to a resource is called the authorization process.

To achieve this security measure, complex business logic implementing the company policies, based on the roles and groups of the subjects (users), is coded into the application, which makes the application bulky and results in slow and painful response times.

So now the idea is to separate this complex security logic from the actual application in order to make the application optimized in terms of performance.

This task of entitlement (entitlement: which user is entitled to which resource in an application) is achieved through Entitlement Servers. An entitlement server intercepts an incoming request and authorizes it by mapping the user to her roles, the groups to which she is assigned and the policy of the organization, finally granting or denying access to a particular resource of the application (in our case the banking web site).

The entitlement server is available as a plug-in for different platforms and for a range of application containers like WebLogic and Tomcat. It can be put as a wrapper around the application that is to be secured, intercepting the incoming request and allowing access to the particular resource of the application.

For this process of authorization, the entitlement server queries various external resources like the LDAP server (where information about subjects/users is stored) and the Policy Database (where the organizational policies are stored). The results of these queries are stored in caches (different for different modules of the Entitlement Server, like the Entitlement Administration Server and the Security Service Modules/SSMs). This improves performance, as the Administration Server and the SSMs read the cache for policy decisions made earlier, reducing the external reads. The SSMs can also function independently of the external resources and the Administration Server due to the caching mechanisms.

Another advantage to this security measure is that every time there is some change in the security policy of the organization or a configuration in the security paradigms, a change is required at a central location rather than disturbing the whole application.

In simple words, think of it as the user inputs the data via the request, the application implements the business logic on the input request data and then processes the same and gives response in terms of permission to the user.

This is the basic concept that we achieve through Entitlement Servers.
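
The request flow described in this overview, together with the PAP/PDP/PEP/PIP roles from the architecture post, as an added Java 16+ sketch that is not Oracle Entitlement Server code: a PEP asks a deny-by-default PDP, which reads subject attributes from a PIP stand-in and caches its decisions. All class, method and data names are hypothetical; the last lines show that a cached grant outlives a revocation until the cache is flushed on policy distribution.

```java
import java.util.*;

// Added illustration, not Oracle Entitlement Server code; every name is hypothetical.
public class EntitlementSketch {
    record Membership(String role, String group) {}
    record Key(String user, String resource) {}

    // PIP stand-in: subject attributes as an LDAP lookup might return them (constructed data).
    static final Map<String, Membership> DIRECTORY = Map.of(
        "alice", new Membership("customer", "accounts"),
        "bob", new Membership("executive", "loans"));

    // Policy store stand-in: resource -> role/group pairs that are granted access.
    static final Map<String, Set<Membership>> POLICY = new HashMap<>();

    // Decision cache on the PDP side, plus a count of lookups that missed it.
    static final Map<Key, Boolean> CACHE = new HashMap<>();
    static int externalReads = 0;

    // PDP: deny unless an explicit grant matches; unknown subjects and resources are denied.
    static boolean decide(String user, String resource) {
        return CACHE.computeIfAbsent(new Key(user, resource), k -> {
            externalReads++;
            Membership m = DIRECTORY.get(user);
            return m != null && POLICY.getOrDefault(resource, Set.of()).contains(m);
        });
    }

    // Called when a policy change is distributed: cached decisions must not outlive it.
    static void onPolicyDistributed() { CACHE.clear(); }

    // PEP: intercepts the request and enforces whatever the PDP decided.
    static String handle(String user, String resource) {
        return decide(user, resource) ? "200 " + resource : "403 denied";
    }

    public static void main(String[] args) {
        String res = "viewAccountBalance";
        POLICY.put(res, new HashSet<>(Set.of(new Membership("customer", "accounts"))));
        System.out.println(handle("alice", res)); // subject with a matching grant
        System.out.println(handle("bob", res));   // role/group pair has no grant
        System.out.println(handle("carol", res)); // subject unknown to the directory
        System.out.println(handle("alice", res) + ", external reads: " + externalReads);
        POLICY.get(res).clear();                  // revoke the grant in the policy store
        System.out.println(handle("alice", res)); // cache not flushed yet: stale decision
        onPolicyDistributed();
        System.out.println(handle("alice", res)); // re-evaluated against current policy
    }
}
```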

Reply/comments/queries are most welcome and I would try to help you to the best of my knowledge.

Thursday, August 18, 2011

Online Java Coding

After a long and extensive search, I finally came across this site, which allows you to write Java and Python code (for a little coding practice), compile it and see the output.

http://www.codingbat.com/

It is a pretty easy-to-use site. It contains questions for practice on arrays, loops, logic etc.

Hope you coders (beginners as well) who are looking for this benefit from it.

I will keep updating you guys if I come across some other sites.

Let me know if any of you find it useful.

Sudipto S.