Skip to main content

Posts

Showing posts from 2015

ADF Servlet Filter

This blog is to guide you how you can filter the requests and add your custom checks in ADF application. Follow below steps to create/configure a Servlet Filter in your ADF/Webcenter application. 1. From new wizard select Servlet and select Servlet Filter 2. Click on next 3. Enter the name of Servlet filter and package 4. Map to Servlet or JSP radio button should be selected and it is default selection. 5. Click on finish and you will get a servlet filter created. This is the class generated after you click finish, it is having init, destroy and doFilter methods.  We will write our logic in doFilter method. This will be called whenever a Servlet or jsp page request arrive to application.    As we created servlet filter with ADF steps so it has added our filter entry in web.xml file which is a mandate to work our filter.  We can create other filters also but we must register it in web.xml file. W...

Read data from ADF property file using java

package propertyfile; import java.io.File; import java.io.FileInputStream; import java.io.FileNotFoundException; import java.io.IOException; import java.util.PropertyResourceBundle; import java.util.ResourceBundle; public class ReadPropertyFile {     public ReadPropertyFile() {         super();     }       public static void main(String args []){         try {             File file = new File("/opt/oracle/urls/test.properties");             FileInputStream fileInputStream = new FileInputStream(file);             ResourceBundle bundle =new PropertyResourceBundle(fileInputStream);             String appURL = bundle.getString("googleRedirectURL");             System.out.println(appURL);             fileInputStream.clo...

Java Design Patterns

Introduction : Design patterns represent the best practices used by experienced object-oriented software developers. Design patterns are solutions to general problems that software developers faced during software development. A design pattern is not a finished design that can be transformed directly into code. It is a description or template for how to solve a problem that can be used in many different situations. These solutions were obtained by trial and error by numerous software developers over quite a substantial period of time. In 1994, four authors Erich Gamma, Richard Helm, Ralph Johnson and John Vlissides published a book titled Design Patterns - Elements of Reusable Object-Oriented Software which initiated the concept of Design Pattern in Software development.These authors are collectively known as Gang of Four (GOF). As per the design pattern reference book Design Patterns - Elements of Reusable Object-Oriented Software, there are 23 design patterns which can be ...

Deployment - Session-Descriptor Parameters

Below list of will help you to configure cookies and do session related settings. You can do these settings at application or server level. 1. timeout-secs Sets the time, in seconds, that WebLogic Server waits before timing out a session. The default value is 3600 seconds. On busy sites, you can tune your application by adjusting the timeout of sessions. While you want to give a browser client every opportunity to finish a session, you do not want to tie up the server needlessly if the user has left the site or otherwise abandoned the session. This element can be overridden by the session-timeout element (defined in minutes) in web.xml. 2. invalidation-interval-secs Sets the time, in seconds, that WebLogic Server waits between doing house-cleaning checks for timed-out and invalid sessions, and deleting the old sessions and freeing up memory. Use this element to tune WebLogic Server for best performance on high traffic sites. The default value is 60 seconds. 3. sharing-ena...

ADF Faces configuration

ADF Faces configuration options are defined in the web.xml file using <context-param> elements. STATE_SAVING_METHOD : The JSF parameter javax.faces.STATE_SAVING_METHOD identifies where the state of the view is stored between requests.  By default, the state is saved in the servlet session. Set the STATE_SAVING_METHOD parameter to client in the context-param stanza of the web.xml file, so that JSF stores the state of the entire view in a hidden field on the rendered page. If you do not, then JSF may attempt to cache that state,  which is not serializable, in the session object. <context-param>     <param-name>javax.faces.STATE_SAVING_METHOD</param-name>     <param-value>client</param-value> </context-param> CLIENT_STATE_METHOD  :  org.apache.myfaces.trinidad.CLIENT_STATE_METHOD specifies the type of client-side state saving to use when client-side state saving is enabled by using javax.fa...

ADF Deployment - Security settings

To Avoid the Cross-Site Request Forgery (CSRF) attack in your application, make below settings in web.xml file. <!--Enable client-side state saving, to store the view state on the browser client.--> <context-param> <param-name>javax.faces.STATE_SAVING_METHOD</param-name> <param-value>client</param-value> </context-param> <!--- Specifies the type of client-side state saving to use when client-side state saving is enabled by using javax.faces.STATE_SAVING_METHOD-->  <context-param> <param-name>org.apache.myfaces.trinidad.CLIENT_STATE_METHOD</param-name> <param-value>token</param-value> </context-param> <!--Defined to specify context parameter to use framebusting in your application--> <context-param> <param-name>org.apache.myfaces.trinidad.security.FRAME_BUSTING</param-name> <param-value>differentDomain</param-value> </context-p...

LinkedList in Java

/* LinkedList is a linked list implementation of the List interface.  * Implements all optional list operations, and permits all elements (including null).  * In addition to implementing the List interface, the LinkedList class provides uniformly named methods to get,  * remove and insert an element at the beginning and end of the list.  * These operations allow linked lists to be used as a stack, queue, or double-ended queue.  */ package collection.list; import java.util.Collections; import java.util.Iterator; import java.util.LinkedList; import java.util.List; public class LinkedListDemo {     public LinkedListDemo() {         super();     }         public static void main(String[] args){ /* Linked list simple example  * LinkedList of type String */         simpleLinkedList(); /* LinkedList emaple with Employee class objects  * with sorting, it...

Vector in Java

/* The Vector class implements a growable array of objects.  * Like an array, it contains components that can be accessed using an integer index.  * However, the size of a Vector can grow or shrink as needed to accommodate adding and removing items after the Vector has been created.  */ package collection.list; import java.util.Collection; import java.util.Collections; import java.util.Vector; public class VectorDemo {     public VectorDemo() {         super();     }         public static void main(String []Args){ /*  * vector containing Integers  */         simpleVector(); /*  * vector containing objects of class Student  */        Vector<Student> students=vectorOfStudents();           }         public static void simpleVector(){         Vector<Integ...

ArrayList in java

/*  * Java ArrayList class uses a dynamic array for storing the elements.It extends AbstractList class and implements List interface.  * Can contain duplicate elements.  * Maintains insertion order.  * Non synchronized.  * Allows random access because array works at the index basis.  * Manipulation is slow because a lot of shifting needs to be occurred if any element is removed from the array list. */ package collection.list; import java.util.ArrayList; import java.util.Collections; import java.util.Iterator; import java.util.List; public class ArrayListDemo {     public ArrayListDemo() {         super();     }         public static void main(String args []){         /*  * creating old non-generic arraylist  */         ArrayList al=new ArrayList();         /*  * ArrayList with normal data or obje...

List interface in java

List Interface : A List interface is about the index . The one thing that List has that non-lists don't have is a set of methods related to the index. Those key methods are like get(int index), indexOf(Object o), add(int index, Object obj), and so on. All three List implementations are ordered by index position. position that you determine either by setting an object at a specific index or by adding it without specifying position.The three List implementations are.      ArrayList      Vector      LinkedList Some key points about these implementation classes are Refer below links for above classes examples. 1.  Array List implementation 2.  Vector Implementation 3.  LinkedList Implementation

Session Timeout

HTTP is a stateless protocol, the server receives no implicit notice that a client has closed his browser or it is idle. Therefore any Java EE-compliant server provides a standard, configurable session timeout mechanism to allow resources tied to the HTTP session to be freed when the user has stopped performing requests. We have to timeout mechanisams. 1. Implicit Timeout Due to User Inactivity and 2. Explicit HttpSession Timeout 1. Configure the Implicit Timeout Due to User Inactivity : You configure the session timeout threshold using the session-timeout tag in the web.xml file. The default value is 35 minutes. When the HttpSession times out the BindingContext goes out of scope, and along with it, any data controls that might have referenced application modules released to the pool in the managed state level. The application module pool resets any of these referenced application modules and marks the instances unreferenced again. 2. Explicit HttpSession Timeout  : T...

Encryption Decryption in java

In some use cases we require encryption and decryption of parameters. There are so many algorithm present for this implementation.  Java Encryption Algorithms When we are implementing the algorithm we need to consider our requirement and select the appropriate algorithm. In one of my use case i had one requirement to send some parameters after encryption and decrypt it wherever i am using those parameters. I used AES algorithm. You can use the same code in your application by creating a java file. import java.io.IOException; import java.nio.charset.Charset; import java.security.GeneralSecurityException; import java.util.regex.Pattern; import javax.crypto.Cipher; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.SecretKeySpec; import sun.misc.BASE64Decoder; import sun.misc.BASE64Encoder; public class Encryption {    private static String key = "xyzBKabcccraSing";     public static void main(String[] args) {...

Exception Handling in ADF

Exception handling is one of the important aspect of any application. In below example i will explain how to handle exception/errors in adf taskflows with the help of taskflow-template. Create a generic taskflow-template which contains the exception handling logic may be a method(java code) or a page. Use the same taskflow-template when you are creating a taskflow. Whenever exception is thrown, taskflow-template will handle it. Below image show a method marked as exception handler in taskflow-template. It is nothing but one java code with some logic. Using this template create a taskflow as shown below. In this taskflow add 2 activities, one will be a page containing a button which will call processData method. This method throws an exception. Thrown exception will be handled in one method which is there in taskflow template. When exception is thrown you can see the below message. Java code handling exception : import j...

OWASP Top 10 Vulnerabilities in ADF

The Open Web Application Security Project (OWAS P) is a  501(c)(3)  worldwide not-for-profit charitable organization focused on improving the security of software. Their mission is to make software security  visible,  so that  individuals and organizations  worldwide can make informed decisions about true software security risks. OWASP publishes a list of top 10 critical web application security vulnerabilities identified each year.  For more information on OWASP  Click here To mitigate the OWASP Top 10 Security Vulnerabilities Oracle has provided a white paper. In this paper you can see what the vulnerabilities are and how we can protect those. The provided document is to help developers that know security identify tools and features in Oracle ADF that they can use to implement application security. This paper does not replace a formal code review process. Click on the below link to open the white paper. oracle white paper Or...