By Tanu Sood-Oracle on Sep 17, 2015
Oracle Corporation - Worldwide Headquarters, 500 Oracle Parkway, OPL - E-mail Services, Redwood Shores, CA 94065, United States
Oracle Corporation - Worldwide Headquarters, 500 Oracle Parkway, OPL - E-mail Services, Redwood Shores, CA 94065, United States
Originally posted by Kundan Vyas-Oracle
MAF 2.1.3 provides a tighter integration with Oracle Mobile Security Suite (OMSS) 22.214.171.124.1.This integration offers capabilities like, Android Containerization, Data Leak Protection, Data Encryption, Application Tunneling, Container Authentication and Single Sign-On. Features like Containerization, Data Leak Protection and Data Encryption are already supported on iOS from previous MAF releases.
Mobile app containerization allows customers to add a standardized security layer to native mobile apps.
The containerization process is simple, and developers do not need to change a line of code. MAF developers just need to deploy the application to OMSS, in JDeveloper or Eclipse. During the deployment, the app is first compiled and an unsigned version of the app is generated that is intended to be signed with an enterprise distribution certificate for distribution within the company. After deployment, a wrapped APK file is generated which is signed with the signing certificates which are configured in the MAF JDeveloper / Eclipse Preferences, in the Android platform section.
Enable OMSS deployment in JDeveloper
Enable OMSS deployment in Eclipse
Once a MAF app is containerized with OMSS, IT administrators can apply various data leak protection policies and restrict how and if users can share data within the app
Email allowed can restrict the ability to send email from an app.
Instant Message allowed can restrict the ability to send Instant Message from an app.
Video chat allowed restricts the ability to share information via services such as FaceTime.
Social Share allowed restricts the ability to share information via services such as Facebook or Twitter.
Print allowed restricts the ability of the user to print.
Restrict file sharing restricts the ability of the user to share files outside the secure enterprise workspace.
Restrict copy/paste allows copy/paste inside the secure container, containerized apps or between containerized apps, but not to apps outside the secure enterprise workspace.
Redirects to container allowed prevents any app outside the Mobile Security Container workspace from redirecting a URL into the container.
Save to media gallery allowed prevents images, videos and audio files from being saved to media gallery and photo stores.
Save to local contacts allowed prevents contacts inside secure enterprise workspace apps from being saved down to native device contacts app.
Redirects from container allowed prevents any vApp from the Mobile Security Container workspace or containerized app from redirecting a URL outside the Mobile Security Container workspace or containerized app.
OMSS Containerization provides the ability to encrypt the data stored offline within MAF android applications. Starting with 2.1.3 this functionality is available for MAF applications as well. Encrypted data storage includes application data, including files, databases, application cache, and user preferences. Developers can use MAF encryption with OMSS containerization without having to worry about double encryption. Within a containerized application, MAF frameworks delegates encryption to the container this ensures that there are no code changes needed based on whether an app is Containerized or not.
MAF 2.1.3 release provides support for application tunneling through Oracle Mobile Security Suite on both Android & iOS. Application tunneling provides a secure way to access the corporate resources behind the firewall, within a mobile client, without the need of device level VPN. Tunneling functionality allows administrators to intercept, and manage, all the requests coming from a specific MAF application. Administrators can configure the requests coming from a specific URL to go through a proxy on MSAS server. They can also either completely block the requests, or redirect the requests directly to the internet.You can find more details on how to configure application tunneling in the Web Settings section of Administrative Console Guide for Oracle Mobile Security Suite.
When Web SSO authentication type is used in MAF apps with Oracle Access Manager and Oracle WebGate used in the back-end for authentication, the end user is not challenged for credentials in the application after Container authentication. The user identity from the Container is propagated to the App and the back-end services. SSO across multiple apps in the Container is also supported, i.e. user can login once to the Container and access all the apps in the Container with out additional authentication challenges.
Here is a quick demo which shows all three features (Android Containerization, Data Leak Protection, and File Encryption)
Crossposting from Greg Jensen's original post here
Oracle released a Press Release announcing the availability of Identity Management 11gR2 PS3 (Patchset 3). This update to the IDM 11gR2 solution brings forth some groundbreaking new capabilities for our customers to enable organizations to realize success in the areas of new digital business and unifying identities across applications. This greatly simplifies the on-boarding of new users, applications and services such as mobile and cloud.
Some of the new aspects of the PS3 update include a new "Business Friendly" user interface which provides a single console view of your provisioning, approval workflows, entitlement management, and more.
The update also introduces new capabilities around mobile security with the expansion of Oracle's Mobile Security offering to include Enterprise Mobility Management. This is achieved through the inclusion of Mobile Device Management capabilities as well as a consolidated policy management framework for simplified provisioning of devices, applications and access.
New materials that have been created to help you evaluate this new update include:
Stay tuned to the Oracle Identity Management product page for the latest information on how Oracle is able to solve today's business challenges, and stay on top of the latest information with Oracle's Twitter and Facebook pages.
By Ian Wallis, Director Mobile PaaS Business Development, Oracle EMEA
The first half of 2015 has seen big advances in mobile app, development, integration and mobile enterprise IT and these culminated for me at the Gartner AADI conference we took part in towards the end of May (see photo above).
There was a lot of talk about how IT is becoming a toxic brand inside the enterprise, holding back innovation and blocking progress in initiatives desperately needed by the business. Almost 40% of IT spend is now being decided on by teams outside of IT and according to Gartner this will rise to 50% by 2017.
We need to transform IT into an enabler rather than a blocker of change. This means layering IT with systems of innovation, which are fluid, adaptable and innovative on top of the core systems, which need to be safe and steady. These systems of innovation should allow the organization to take risk without jeopardising the core systems.
So when considering a mobile app integration strategy, two new considerations play out for CIOs and IT organizations:
Enterprises also need to evolve away from trying to enforce Mobile Device Management (MDM) through to managing Digital Risk. Given the low adoption of MDM of between 25% and 50%, enterprises need to start to trust the untrustworthy, as we move to more usage on personal mobile devices and “things”.
Businesses also need to expect unintended consequences as mobile throws up unexpected outcomes and need to be aware of amplification given the huge reach of mobile and social.
Businesses should look to surround themselves with digital assets and remove the physical constraints of doing business. This includes tapping in to Business Moments, where transient opportunities can be exploited dynamically. To do this we see more demand for Micro apps, where one app does one thing really well, most likely on a watch or mobile phone.
To support these business moments via micro apps, there are a number of key trends impacting how we use mobile app platforms. Richard Marshall outlined the following shifts happening in mobile application development:
It is very reassuring to see that Oracle’s Mobile Cloud Service aligns closely with these trends:
By Yoav Eilat-Oracle on Apr 22, 2015
We've just launched a new set of workshops in several U.S. cities: Oracle Platform as a Service for Application Development.
It’s another opportunity to test drive new Oracle Enterprise Manager capabilities, but it goes far beyond Enterprise Manager. This time we focus on Java development and testing in the private and public cloud, and the cloud operations needed to support them.
So bring your laptop, connect to our live environment and try it for yourself!
The day begins with an overview of APaaS benefits and the architectural choices for building your enterprise private or public cloud (or both). You then use step-by-step workbooks that guide you through creating an application platform / middleware cloud environment. The event is perfect for application developers, IT managers and anyone developing, testing and deploying Java applications.
The time is evenly split between private and public cloud labs. These are the workbooks we’ll go through:
· Middleware as a Service
· SOA as a Service
· Fusion Middleware Provisioning
· Creating and Exploring Java Cloud Service
· Building and Deploying an Application with Java Cloud Service
· Managing Java Cloud Service Operations
Looks interesting? Register for an event near you.
Oracle Mobile Security Suite (OMSS) addresses BYOD challenges by isolating corporate from personal data on consumers’ personal mobile devices without needing to lockdown the entire device. Using a technique called containerization; the Oracle Mobile Security Suite creates a Secure Workspace (SWS) in which corporate applications,email and data are stored. Only authenticated users can access the secure workspace to run applications and access data and only applications provisioned or approved by corporate IT can be installed and executed from within this secure workspace. If the device is lost or stolen, corporate IT can remotely wipe the secure workspace without affecting any personal data.
The OMSS Secure Workspace (SWS) leverages OAM infrastructure for secure authentication (or even strong authentication/risk based access in the upcoming PS3 release) and seamless single sign on to corporate resources for all containerized apps. In this blog post I'll describe how the OAM Mobile & Social (M&S) OAuth Service allows OAM to provide secure authentication and enterprise single sign on to Oracle's Mobile Secure Workspace (SWS) .
How it Works
In order for the Mobile Security Access Server (MSAS) to authenticate users against Oracle Access Manager and retrieve Oracle Access Manager and OAuth tokens for integrated single sign on, the Mobile Security Access Server (MSAS) is registered as an OAuth Client with the M&S OAuth Service. In the current PS2 release we support the Confidential Client OAuth flow only; however in the upcoming PS3 release we will support Dynamic Client Registration as well.Confidential Client Flow - In this flow MSAS is the OAuth 2.0 Confidential Client and M&S is the OAuth Server as well as the Resource Server. MSAS uses the clientid and secret entered in the container as confidential credentials for this flow. The confidential client first obtains an JWT User Token (referred to as User Identity Assertion) using this clientid, secret and the userid and password entered by the user in the secure workspace. The confidential client then obtains an OAuth2.0 Access Token using a standard OAuth 2.0 JWT user assertion flow on behalf of the resource owner. The OAM Tokens to access 11g or 10g protected resources are then obtained using the extension OAM Credential grant type using this JWT User Token. MSAS stores the encrypted JWT UT and the OAM MT (corresponds to an OAM_ID cookie for OAM protected web resources) in an STOKEN which is returned to the secure workspace app. This allows an authenticated secure workspace app user to single sign on to OAM protected resources with the OAM MT in the STOKEN and to any OAM OAuth REST interface using the JWT UT in the STOKEN.
Dynamic Client Registration - In this authentication model, a workspace is dynamically registered with M&S through MSAS and the workspace itself obtains the JWT Client Token after successful workspace registration. Compare this to the Confidential Client Flow flow above where the workspace app uses the client credential of MSAS. The registration of the workspace basically involves app and device profile attributes to be automatically sent to the M&S OAuth Server which creates a JWT Client token based on the unique "fingerprint" specific to the app and the device of the workspace app. The rest of the flow is similar where the workspace app itself is the OAuth Client (mobile OAuth client) and M&S is the OAuth Server as well as the Resource Server. In this flow we support step up authentication (using KBA or OTP) and device context based fine grained authorization during both user authentication to the workspace app and subsequent single sign on to corporate resources from any of the containerized apps. This is now possible because M&S uses its built-in integration with OAAM (using the Security Handler Plugin) to perform risk analysis based on the device and app context now available in this authentication.
by Ruma Sanyal, Senior Principal Product Director, Oracle
By the end of 2015, end-user
spending on cloud services is expected to exceed $180 billion. The shift toward cloud is undeniable, as
is the need for hybrid cloud. Driven by legal, political, security, control,
historical, cultural [add more reasons here] needs, organizations will continue
to run some of their applications inside their firewall (in addition to running
many of their applications on a public cloud), which will ultimately drive the
need to create a private cloud infrastructure.
From the extensive insights we’ve compiled as leaders from our product and consulting teams have engaged with customers architecting their cloud infrastructure, we have developed an assessment for you to determine your IT organization’s private PaaS readiness. The tool comes with a 4-tiered dashboard based on the cloud adoption & maturity levels we’ve seen from hundreds of our customers, ranging from “preliminary” to “strategic.” Your organization’s current readiness rating is coupled with specific action items to help you reach the “strategic” level.
Take 10 minutes now to begin your
private PaaS journey. Once you go through this assessment, you will receive a
comprehensive 12-page report describing your PaaS adoption vis-a-vi your
business strategy, governance, organization, integration and more. Not only
that, we will compare your maturity with those of your peers, hundreds of whom have
already taken the assessment, and include that comparison data in the report so
you have a benchmark of your PaaS adoption readiness.
Don’t get left behind. Take
the assessment now!
 Gartner: http://www.informationweek.com/cloud/infrastructure-as-a-service/gartner-tells-outsourcers-embrace-cloud-or-die/d/d-id/1110991
by Jens Eckels, Senior Principal Product Director, Oracle
|DevOps continues to be a strong buzzword in IT, but oftentimes there's a bit of confusion on what it means. It's certainly important, but how can you get started and change your culture to adapt to this new amalgamated approach to development?
As you'd expect coming from us, we believe we have a very comprehensive set of products and tools to help you achieve your goals. See the below Slideshare for details.
A lengthier presentation that covers broader topics and Oracle product sets is available here.
Happy New Year! Hope 2015 is off to a great start for you.
One of the biggest highlights for us in 2014 was getting an opportunity to visit and spend some time with the IT Leaders of successful organizations around the world. The objective of each of these documentaries was to understand the business imperatives of such organizations, get insights from the IT Leaders on how they align their IT objectives with the company's business goals and how they measure the impact of their IT & business investments on their customers, vendor ecosystem, the company's employees and of course, the company's bottom line. And we then have technology experts walk us through the technical implementations that has made all that possible.
Based on their business imperatives, organizations had taken different paths and driven diverse IT roadmaps to deliver business success. Northumbrian Water in the UK enabled mobility for its remote workforce to drive 24 X 7 operations. Pella, a major windows and doors manufacturer in the USA built a contextual web experience for its online visitors while creating a self-service portal for its sales and dealers network and an online appointment scheduling tool to deliver a unique and superior digital experience. Grupo Farmacos, a major medical supplies distributor in Mexico has set up an optimized IT infrastructure that is suited to each of its four different business units, one dealing with high transaction volume, other requiring 24 X 7 availability and the other requiring high level of reliability with high performance for health needs. Ricoh Americas, an IT services and office equipment company, is delivering on its "Anytime, Anywhere" promise to its customers by allowing them to scan their products and either troubleshoot issues themselves or easily log those while in the backend, the seamless cloud to on-premise integration delivers the desired results. And Siram, an energy distribution company in Italy has automated its RFP process to deliver efficiency, bring transparency and drive cost control with automated business process management.
We were incredibly fortunate to have gotten some time with the executives of such elite companies and to be able to share their stories with you. For your convenience, we have made all these documentaries available in one place, that can be played on-demand. Hope you enjoy and benefit from these as we have enjoyed pulling these together.
It's not common that I'd refer to IBM in a a blog post, but it's the holidays, so there you go - a present for all of us.
It seems Lloyds Register was trying to mobilize some big iron (mainframes) to the 21st century and needed some help. So it happens that Oracle Mobile Application Framework was deemed best suited for the needs. ;-) A few key points:
Apparently, soup to nuts, it only took a couple of months and voila! Old iron is was now mobile iron, thanks to Oracle MAF.
You can read the article on Computer Business Review.
December 17, 2014 - Mark your calendars to get an update on Oracle's mobile strategy: Rethink Mobile: Beyond Mobile First with Oracle. We will be available to answer your questions via live chats. The Oracle guest lineup includes: Suhas Uliyar, Vice President, Mobile Strategy, Product Management, Laurent Pacalin, Group Vice President, Product Management, Jeanne Lowell, Vice President, E-Business Suite, and Rimi Bewtra, Sr. Director of Product Marketing.
And if you happen to be at Gartner AADI this week (Las Vegas!) stop by and say hello. I'll give you a mobile tour at no extra charge and perhaps some free poker lessons. ;-)
Here's a great trailer for the main event you do not want to miss.
The November edition of Oracle Fusion Middleware is now out. This post Oracle OpenWorld 2014 issue spotlights Oracle Executive Vice president, Thomas Kurian's middleware keynote where he outlined the company's strategy and middleware roadmap. His session also featured some key announcements and discussed new innovations in Oracle Fusion Middleware products spanning the areas of Service-Oriented Architecture (SOA), Business Process Management (BPM), Identity Management, Content Management and Sites, Data Integration, Java and Developer tools, Application Infrastructure and more. If you missed the OpenWorld keynote or are looking to catch up on all the latest in Oracle Fusion Middleware, don't miss this feature.
And offering more details on some of the new cloud services that were announced in Thomas Kurian's keynote, the additional news features include overviews of Document Cloud Service, Java Cloud Service and Integration Cloud Service.
As always, the newsletter has a great compilation of latest news announcements, new product and industry materials, upcoming events and webcasts (including the just released on-demand replay of the Northumbrian Water mobility webcast), training sessions and more. So, don't miss the latest edition of the newsletter. And to make sure you don't miss a beat in the happenings, we recommend you subscribe to the complimentary newsletter. Happy reading!
Cross posting for Joe Huang, Oracle Mobile Application Framework Product Team
As everyone probably already known, Apple iOS 8 and iPhone 6/6+ were released with great fanfare, delivering a number of new features. In the past, in general the upgraded phones will continue to run existing applications without any issues. Furthermore, testing against beta versions of the iOS are typically provides accurate feedback on the compatibility between MAF and new iOS. However, unfortunately, this was not the case with iOS 8, as there were some late breaking changing that were introduced only with the GA version of iOS 8 that were sent to all devices as updates. On the Mac itself, application upload check to the Apple AppStore has also changed. Furthermore, Mac 10.9.5 introduced changes in the certificate format, which necessitates further changes and workarounds. Let's look at each one of them more closely:
If you are running MAF 2.0.1, you are covered. MAF 2.0.1 has been fully certified against iOS 8. What you will notice, however, is that you may be prompted for allowing "Notifications" when you run the MAF application. This typically shows up during feature navigation. This "Notification" refers to the framework ability to be able to, for example, set badging numbering on the application icon. In older versions of iOS, this permission was automatically granted to the application. In iOS 8, users would be explicitly prompted to allow this. The user may pick "Yes" or "No", and in any case the application should behave as expected. This only showed up in the released version of iOS 8 so it's a late breaking change, but nevertheless it is an expected behavior. In future versions, investigations are underway to see if it's possible to allow developers to more finely control the display of these dialog boxes.
MAF 2.0.1 also addressed a couple of changes Apple introduced when verifying IPA files during the upload process to the iTunes Connect Portal. The Application Loader program in Xcode now perform some extra checks, and MAF 2.0.1 contains the changes that fully comply with these changes.
If you have developed MAF 2.0.0 - MAF 2.0.0 was tested against iOS 8 and we found its behavior to be consistent with MAF 2.0.1 when running iOS 8 devices. Nevertheless, we strongly recommend moving to 2.0.1 as soon as possible, since it contains the latest bug fixes. Furthermore MAF 2.0.0 does not contain the changes necessitated by the changes in the AppStore upload process referenced above. This is detailed in this Blog Article.
For applications built using ADF Mobile, we discovered a critical issue when running on iOS 8 - for which we have already delivered a patch. This issue impacts programmatic feature navigations and login screen navigation - so if you invoke feature navigation programmatically or simply enabled security/login, then you will see application "hang" during navigation to the next feature. It also appears to impact display of custom SpringBoard. To download and apply the patch addressing this hanging issue, please follow the instructions in Oracle Support Document 1929990.1 (ADF Mobile Application Feature Navigation and Login Hanging While Running on iOS8 Devices).
In general, however, please consider moving from ADF Mobile to Mobile Application Framework. Mobile Application Framework contains a number of major enhancements such as new IDE support, and will be the focus of new features going forward.
Mac OSX 10.9.5 (as well as the upcoming Yosemite release) introduced a new certificate format (Version 2). The technical details for Version 2 certificates are outside the scope of this article, but this Apple Technical Note does provide a little background. However, this change does impact MAF developers who have upgraded their Mac to 10.9.5 - the updates can be fairly silent so many of you may have upgraded without knowing it. After upgrading the Mac to 10.9.5, when you try to deploy a MAF application to an IPA file, the deployment will appear to fail, and the last line of the deployment log will state "...resource envelop is obsolete". This issue will be addressed in a patch for MAF 2.0.1 coming shortly. In the meantime, there are two possible workarounds:
If this file is not available or does not install, then try the following workarounds using Xcode 5.1.x:
1. Deploy from JDeveloper to "Distribution Package"
2. Open Oracle_ADFmc_Container_Template.xcodeproj located in MyApp/deploy/iOS1/temporary_xcode_project
-> This will launch Xcode
3. In Xcode select Product > Destination and select "iOS Device"
4. In Xcode select Product > Archive
->This will create an archive file and will automatically launch Organizer
open to the Archives tab with the archive selected
5. In Organizer select Distribute...
6. Select Save for Enterprise or Ad Hoc Deployment and hit Next
7. Select your provisioning profile, which will most likely be defaulted and hit Export
8. Specify the name and location for the IPA file -> This will create a signed IPA file for deployment or distribution
Mobile technologies are ever-changing, but Oracle is committed to work as fast as possible to support our customers by delivering these changes either as a new release or as patches. Stay tuned on this blog site for any news of future versions and major patches.
Oracle Mobile Application Framework Product Team
To get real time mobile news, follow us @OracleMobile
Another successful Oracle OpenWorld! We saw drones cruising over Howard St. as well as the America’s Cup trophy and championship sailboat, plus the concert Wednesday night had some great weather. We dialed in the weather. Tthere’s an app for that, I think it’s called Oracle ExaWeather Control Center and it's built on Oracle MAF ;-) There were a myriad of mobile sessions and hands-on-labs as mobile at Oracle continues into into high gear. Some highlights included:
Are you developing with Eclipse? These two were announced prior to OpenWorld, and worth repeating - a new version of Oracle Mobile Application Framework development is now available on the latest update of Oracle Enterprise Pack for Eclipse!
And as with the continued adoption and use of Oracle Mobile Application Framework throughout Oracle and its customers, there are 14 New mobile apps for Oracle E-Business Suite!
Need to go hands on with mobile? Mobile Application Framework Challenge - The Oracle Mobile Application Challenge invites developers to demonstrate how the Oracle Mobile Application Framework can be used to create and/or extend an enterprise application through mobile technology and then deploy that application to a handheld device.
What do Suhas Uliyar and David Letterman have in common? Well, besides their off camera witty banter, they both share the good use of a top 10 list. I love a good top 10 list! While Dave has few equals in terms of comedy, Suhas has him covered in terms of a mobile top 10 list entitled: Rethinking Mobile - Ten Trends in Enterprise Strategy and Development. Enjoy!
Going to Oracle OpenWorld? You can catch Suhas and many others mobile experts there. Check out the Focus on Mobile listing.