Oracle Self-Service Web Applications

The OSSWA (ICX is the abbreviation for the product set) architecture is made up of a Web browser, the Apache powered HTTP Server, HTML documents and Java components (i.e., JSP, JavaBeans, servlets), and an extensive set of PL/SQL functions and procedures that access information in the Web Applications Dictionary and display the elements in dynamic pages.

Vocabulary

What, more new words? Not to a great extent, no. In this case, it is the way that these words, most of which we have already become acquainted with, are used in connection with this part of the application.

HTTP Server

The HTTP Server provides the communication services from the database and the other services on the middle tier to the Web browser.

CGI

Common Gateway Interface or CGI is an industry standard means by which many applications are run via the Web. In real world examples, many sites have guest books that they want people to sign when they visit. These guest books are very often programmed using the CGI interface. Mod_cgi is the Apache module that allows for the execution of CGI components in the Applications interface.

Flow

A flow is a series of data displaying Web pages that are bound together by a complex set of definitions. In many cases, these flows can be grouped together and thought of as an inquiry.

HTTP

Hypertext Transfer Protocol is the transfer protocol used to request documents from the Web server.

HTML

Hypertext Markup Language is the encoding format for presenting Web pages to the browser in a way that allows them to display nicely. These pages may contain text, graphics, and references to (links to) other programs, files, and hypertext documents. HTML is a subset of SGML or the Standard Generalized Markup Language.

JavaBeans

JavaBeans are special Java classes that have specific rules and naming conventions for its methods and variables. These reusable components perform well-defined tasks that are repeated over and over within an application.

JavaScript

JavaScript is a scripting language that adds powerful extensions to standard HTML without having to rely on CGI interface. These are responsible for the scrolling messages that you see at the bottom of some Web pages. There is no need to interpret this coding in any way; a standard browser interprets it. While not very robust, it is useful in cases where light programming will suffice.

JavaServer Pages (JSP)

JavaServer Pages allow the embedding of servlet code within a standard HTLM document. A JSP is similar to server side includes.

Java Servlets

Java servlets are small, pluggable programs that are extensions to a server that will enhance that server's functionality and are the key components in server side Java development. Mod_jserv Apache module is the servlet engine that allows for the inclusion of these servlets in the application.

Web Applications Dictionary

The Web Applications Dictionary is, conceptually, an active data dictionary that utilizes a Forms-based interface. This data dictionary (not to be confused with the Oracle Data Dictionary) stores the specific information about the OSSWA data. This includes the information about the prompts, languages, navigation, and security that is inherent in the OSSWA.

Using this dictionary and its interface, you can define the rules that define the manner in which a flow acts for a particular user. You can specify the way that you want the HTML document to behave, object content that associates the business views and PL/SQL, the hyper text business flows between objects, and page content including fields and selection criteria.

The Web Applications Dictionary can also be viewed as a real-time execution engine that retrieves relevant information from the database. This engine allows OSSWA to retrieve database data that supports the creation and presentation of dynamic HTML documents and is considered to be one of the AD modules.

Web Browser

One of the most important and most visible components to the world is the Web browser. The browser you choose must support frames, tables and JavaScript. (Internet Explorer supports the most features dependably.)

Web Inquiries

A Web inquiry (or a flow from above) is a series of hyper-linked Web pages, many of which are predefined in the application based on business inquiry process. Defined within the Web Application Dictionary, one of the most common uses for these flows is to drill out from one piece of information further detailed data that went into making up that information (e.g., the purchase order that resulted in an invoice).

Web Transactions

A Web transaction is the interface through which a user enters data that gets stored within the client machine using the JavaScript technology. When the user chooses to commit the data, it gets passed to the PL/SQL agent that executes a PL/SQL procedure or set of procedures to store that data in temporary tables that are owned by the product schema on the database. These temporary tables or open interface tables (the only tables that OSSWA has the ability to interface with) rely on the open interface programs to do all validations and referential integrity checking.

Oracle Workflow

Workflows can be considered to be business flows that allow the end users to be automatically sent the information that they need in their position to adequately be prepared to make decisions. Depending on your version, Workflows can be defined through the Workflow Builder, a GUI interface that allows users to define their own business processes and activities that will be provided based on their security within the application. These definitions can also be created within the OAM interface. This will be the interface of choice in future releases of the application and will become the only manner in which Workflow will be administrable.

How OSSWA Serves Up Pages

Typically, a Web page is requested when the user clicks on a link. The embedded URL that they clicked on and the request are routed to the HTTP Server that accesses the Web page and returns that page to the requesting user.

In many of the servlet driven and JSP pages, the steps that the request goes through are very similar to the generic model.

1. The user clicks on the link of a function on an OSSWA menu.

2. That link is accessed in the browser and calls, for example, a JServ servlet.

3. Apache routes the request to mod_jserv.

4. Mod_jserv takes the request and forwards it on the Apache JServ servlet engine.

5. The servlet engine generates a response that accesses any data in the database that is required.

6. If there are JSPs involved, the servlet engine will contact Oracle JSP (translator and runtime environment for JSPs).

7. Final response is relayed to mod_jserv through the Apache server and returned to the requesting client.

When it comes to displaying dynamic Web pages, the Oracle SSWA method relies on PL/SQL stored program units and packages. While this method is still supported, Oracle Corporation's recommendation for creating new, custom content to be served up through the Oracle E-Business Suite interface is to use JSPs, thus relying on the process laid out above. For those pages relying on stored procedures, the process for serving up pages is as follows:

1. The user clicks on the link of a function on an OSSWA menu.

2. The URL's source code calls for a stored procedure.

3. Apache routes the request to mod_plsql.

4. Mod_plsql forwards the request to the RDBMS PL/SQL engine, making use of the DAD file to connect mod_plsql to the database and prepare the parameters for the stored procedure call.

5. The stored PL/SQL generates the HTML page using data stored in the database.

6. The response is returned to mod_plsql.

7. Mod_plsql returns the response to Apache HTTP Server and then back to the requesting client.

OSSWA and Security

Data security in OSSWA is controlled in several ways. Secure Sockets Layer (SSL) is used to secure the communication between the client machine and the middle tier server. SSL uses the strongest cryptographic encryption method possible, employing nearly impossible to break encryption keys. SSL is a de facto standard means by which commerce is conducted over the Internet. Further, HTTP cookies are employed in the securing of data. Encryption of passwords, parameters to functions and session identifiers, and session expiration all lend to the ultimate OSSWA security.

Cookies are utilized in session management. Each session is assigned a unique identifier that gets stored in a database table. This session identifier is returned to the requesting browser via an encrypted cookie along with the session expiration details (hours or number of hits allowed).