Oracle ADF with Google Firebase (Part II - Secure CRUD)

Source: GitHub

In my previous blog - Oracle ADF with Google Firebase - I wrote about integrating ADF Faces with a NoSQL database like Google Firebase. Till now I only discussed about fetching data from an insecure connection. But in a real world scenario, we would want the REST APIs to be secured so that only an authenticated user should be able to access the database.
This article will extend the previous application further by securing the REST APIs with a web token, and will ensure that a Bearer token is required in order to access the data. This article will also showcase generic crud operations.
Google Firebase also allows provides it's own authentication system, however, we will not be using that, since our application will be hosted on WebLogic server, which is supposed to take care of authentication and authorization. What we would do is to generate a secure token once WebLogic authenticates and authorizes the user, and use this token to access the databa…

Oracle ADF with Google Firebase

JDev: Source: GitHub
This article talks about an interesting integration of Oracle ADF with Google's Firebase database. For those of you who are not aware of this, Firebase is a NoSQL cloud database service, provided free of cost (well, it's free for most of the way) by Google.
Reference: Google Firebase
We also had our eye on MongoDB cloud , but Firebase won the race for one simple reason - it provides out-of-the-box REST API connectors for it's entire data structure, and wrappers for query purposes. You do not need to write or manage a single line of code. Additionally, it provided access for firestore - an online storage space to upload documents.
The data-structure of firebase is quite unique - it stores data as a JSON tree. Every node of that tree is exposed as a REST URL, and all you need is to use the URL in your application.
To show an example, here's what Department and Employee structures look like in Firebase:

To access the desired node, appropri…

Custom 401 unauthorized error page

Sources: 1) ErrorCodeDemo1-GitHub , 2) ErrorCodeDemo2-GitHub

Quite often I see developers ignoring proper error redirection for 401 unauthorized access scenarios. The usual behaviour is to put an enterprise/application role constraint for the homepage and relying on the J2EE container to deliver the default error page. Not only does it look ugly, but it also breaks the application flow, as the end user has no other option provided to rectify the error.
This article talks about two simple approaches to display our own error page when an unauthorized user accesses your application. The end-result would be displaying something like this:

Approach 1: Declarative This is a simple, one-step approach. You just define a reference to your own error page inside web.xml file, which gets called for a 401 error code.

Approach 2: Programmatic The second approach is slightly elaborate. But effectively, there is no difference in the end-result. In this approach, I create a task-flow…

RichInputListOfValues - accept unlisted values and update model

Source: GitHub

Business requirements can be strange and demanding at times. They would make you look deeper into the framework and try to find out mechanisms to bypass usual behaviour.
I recently worked on a requirement where the customer was in love with Input-List-Of-Values component and wanted to know if I could stretch it further. Here's what he wanted:
1. Allow the Input-List-Of-Values to accept values which were not in the list. 2. On entering such a value, fire a validation which would show a warning message that the value is not in the list. 3. From the developer's stand-point, we also wanted to update the model then and there, as we were using the current row's attributes for some other logic processing. Of course, this third point was our concern, not the customer's.
So let's see how to go ahead with this. I have an application which displays one row of a transient view object. The "FirstNameAttr" attribute of this view has one…

SQL Authentication Provider for Oracle ADF


Using SQL authentication provider turns out to be a much needed feature for applications which have been transformed into ADF web applications from legacy forms. For applications with really large user bases, it becomes quite tedious to transfer users from database tables to other providers like LDAP.

We do have quite a lot of discussions on this topic. This article will be an extension of two great blogs by Edwin Biemond and Chris Muir, and intends to provide a complete solution with this approach.

The detailed initial steps of this approach are mentioned in the above two blogs. So I will quickly run through them.

I set up a new auth provider from WebLogic console - I will call it CustomSQLAuthenticator.

I would want this authentication system to take precedence over the DefaultAuthenticator. In order to do that, I would do the following:

1) Re-order the providers, to bring up CustomSQLAuthenticator above DefaultAuthenticator.

2) Set the control flag for both Custom…

Programmatic DVT charts in Oracle ADF

Source: GitHub

This article talks about programmatic approach of creating dvt components or charts, using Java objects, and more importantly, without ADF bindings. This is quite helpful when you deal with data which does not change often and can be pre-loaded into Java objects. The biggest advantage of this is of course, performance, since you do away with any database interaction.

The sample code has a table based on Department pojo. Each department object has a List of Employee pojo. On table row selection, I retrieve the list of employees, and I use this list to create the Object array required for each chart type.

There are a couple of key points to this approach:
1) Your Java data model should be prepared to provide all the required information to the chart.
2) You need to know the "Tabular Data" format for each graph.

My data-model consists of a Department object, having a list of Employee objects.

Each graph's tabular data format is an array of O…

Send mail using gmail from Oracle ADF

Source: GitHub

This article talks about using Google services (Gmail) to send email from an ADF application. I doubt that there would be a real-world use-case for this, but nonetheless, the email integration would be the major takeaway from this blog.

This does not use any ADF related package. Any Java application is good enough for this.

To start with, I have an ADF application, with just the ViewController project. I don't need any Model support for my sample project. The UI captures the required details.

However, before you start sending emails from your Google account, you need to allow "less secure apps" to access your Google account. Now this is not recommended, but try it out for once. Visit, scroll down till the end and set "Allow less secure apps: ON".

The emailing will be taken care of by javax.mail package. Let us break up the activities into the following sections:

Note: multiple recipients (to…