Friday Sep 04, 2015

Quick Tip: Changing Button Icon in Response to Button Action

A question on the Oracle MAF forum on the Oracle Technology Network  was about how to change the icon displayed on a command button in response to a button action. The solution to this challenge is to think Java and managed bean. Below is a quick outline to the solution of this problem.

AMX page content

The AMX page content shows a command button with an icon attribute that points to a managed bean in view scope (no need for a larger scope).

  <amx:commandButton text="commandButton1" id="cb3" inlineStyle="height:150px; width:150px;"

Managed Bean

The managed bean that you configure either in the adfc-mobile-config.xml file or a task flow specific configuration file contains a property for setting the image ("imageName" in the example) along with its setter/getter methods and two final variables that hold the two image icon names and locations.

import oracle.adfmf.amx.event.ActionEvent;

public class SampleBean {
  private static final String IMAGE1 = "/img/4.png";
  private static final String IMAGE2 = "/img/5.png";
  String imageName = IMAGE1;
  private PropertyChangeSupport propertyChangeSupport = new PropertyChangeSupport(this);

  public SampleBean() {

  public void setImageName(String imageName) {
     String oldImageName = this.imageName;
     this.imageName = imageName;
     propertyChangeSupport.firePropertyChange("imageName", oldImageName, imageName);

  public String getImageName() {
     return imageName;

  public void addPropertyChangeListener(PropertyChangeListener l) {

  public void removePropertyChangeListener(PropertyChangeListener l) {

  public void onButtonPressed(ActionEvent actionEvent) {
    if (imageName.equalsIgnoreCase(IMAGE1)){

Important for this to work is that the property change support is added to the managed bean and the image name setter methods. This can be generated for you by Oracle JDeveloper and also in OEPE (Eclipse). With the property change event fired MAF will be notified about a data change and then refreshes the UI of the component the Java code is bound to.

The "onButtonPressed" method is invoked by the command button's action listener attribute and compares the current icon with the two images names in the bean to determine which one to set.

Friday Aug 28, 2015

MAF MCS Utility: Accessing Oracle MCS from MAF Made Simple

With the recent release of Oracle MAF 2.1.3 a new utility becomes available that simplifies access to Oracle Mobile Cloud Services (MCS) from Oracle MAF applications. Oracle MAF MCS Utility (MAF MCS Utility in short) is a Java library for Oracle MAF applications and exposes  MCS client platform REST API calls as native Java calls. This blog post introduces Oracle MAF MCS Utility, explains what it does, how it works and where to find it.

Oracle Mobile Cloud Service client API

Oracle MCS is all about REST! Any mobile client that is capable of sending REST requests and to handle JSON responses can invoke MCS mobile platform functionality exposed on a mobile backend (MBE). This includes calls to Analytics, Notification, Storage, User Information and Custom API.

About MCS client SDK

REST is a good choice for Oracle MCS and ensures an understandable and very easy to use application development interface.

From the perspective of mobile application developers however, accessing REST interfaces from mobile applications is a mental mismatch. To access REST APIs from a mobile application developers need to "think REST" though their comfort zone is within their favorite programming language, which for mobile usually means Objective-C, Java or scripting.

To address this lack of developer comfort and to improve developer productivity, Oracle MCS provides development language specific client SDKs. The MCS client SDK provides a native language abstraction to the underlying REST calls (for Android and Objective-C at current, as well as Xamarin), plus handy infrastructure functionality like offline synchronization and support for push notification registration and handling.

The image below shows the basic architecture pattern implemented by all Oracle MCS SDKs. All in all, using the MCS SDK makes developers more productive, requiring them to write less code.

MCS SDK Architecture

A MBE Manager object, a singleton, is configured with information required to access mobile backend(s) exposed on an Oracle Mobile Cloud Service instance. Mobile applications access the MBE Manager to obtain an instance of an MBE object representing a specific mobile backend in MCS.

The MBE object itself exposes Service Proxy objects that abstract the MCS platform API access. When using the service proxy objects to read and write to the remote mobile backend on the remote MCS instance, the MCS SDK takes care for all required request headers to be added (e.g. Oracle-Mobile-Backend-Id, Authorization, etc.), thus reducing the error surface for application developers. 

You can tell from the above description and image that the MCS client SDK is a simple but effective solution for mobile application developers to stay in their comfort zone.

About MAF MCS Utility

Oracle MAF is a Java based framework that uses Apache Cordova to deploy mobile applications to the Android and iOS platform (and Windows in a future release). MAF uses Java as a shared language across mobile platforms. The use of Java and the cross platform nature of MAF don't allow the use of one of the existing MCS client SDKs. This is where MAF MCS Utility comes in.

MAF MCS Utility provides functionality similar to those of the Oracle MCS client SDKs with some minor differences explained in the following with the help of the image below.

MAF MCS Utility Architecture

MAF MCS Utility needs to be added as a JAR file to MAF applications and is deployed to the mobile device as part of the application.  For this, MAF application developers add the mafmcsutility.jar file to the ApplicationController and/or ViewController project.

The MBE Manager, a singleton, manages MBE object instances that are created from a MBE configuration object. A copy of the MBE configuration object is stored and updated within the MBE instance. MAF application developers can access the MBE configuration object at runtime to e.g. dynamically enable or disable MBE specific logging or to enable or disable collecting analytic events. Service Proxy objects in MAF MCS Utility expose MCS platform REST API calls as typed native Java method calls.

To issue REST requests and handle JSON reponses, MAF MCS Utility wraps the MAF framework RestServiceAdapter class to benefits from MAF features like the security framework and the declarative REST connection framework.

MAF MCS Utility example

The code snippet below creates a MBE configuration object to then obtain a MBE instance from the MBE Manager to showcase how easy MCS integration becomes with MAF MCS Utility
MBEConfiguration mbeConfiguration = 
    new MBEConfiguration(
          <mbe rest connection>,<mobileBackendId>,
          <anonymous key string>,<application key string>, 
MBE mobileBackend = MBEManager.getManager().
         createOrRenewMobileBackend(<mobile backend Id>, mbeConfiguration);

As you can see, the majority of the code lines above are to define the mobile backend specific information like the MCS MBE id, its base URL, as well as the anonymous key (for public access) and the application client key, which allows MAF MCS Utility to register a MAF application with MCS to receive push notifications from MCS. Once you have a handle to the MBE object you call service proxy objects for a specific MCS platform interface as shown below.

UserInfo userInfo = mobileBackend.getServiceProxyUserInfo();
Analytics analyticsProxy = mobileBackend.getServiceProxyAnalytics();
Storage storageProxy = mobileBackend.getServiceProxyStorage();
CustomAPI customApiProxy = mbe.getServiceProxyCustomApi();

Where to get MAF MCS Utility

MAF MCS Utility ships as part of the MAF 2.1.3 public samples. The sample contains the MAF MCS Utility source code, a compiled ready-to-use mafmcsutility.jar library file and a MAF application that demonstrate how to use MAF MCS Utility.

The MAF MCS Utility sample application (shown in the image below) is a generic Oracle MCS tester that can be configured to run against any MCS public cloud instance.

MAF MCS Utility public sample application

MAF MCS Utility Positioning

MAF MCS Utility provides MCS SDK functionality for Oracle MAF application developers to easily integrate calls to Oracle Mobile Cloud Services in their mobile applications. It improves developer productivity by shifting the "think REST" development style to "think Java" when accessing Oracle MCS platform APIs from MAF applications, which also means less code to write.

Because MAF MCS Utility implements the same architecture access pattern as the existing (and future) MCS SDK there is no extra learning curve to it. If you can do it in Android and iOS, you can do it in MAF as well (and vice versa).

MAF MCS Utility in the SDK Architecture

MAF MCS Utility Developer Guide

MAF MCS Utility is further explained in a developer guide, which also covers the MAF MCS Utility public sample application. For each service proxy, the developer guide points you to where in the public sample you find sample code to study and reuse.

MAF MCS Utility Support

As other samples that are distributed with the Oracle MAF public samples, we do our best to provide end user support on the MCS forum on OTN and the MAF forum on OTN.

Monday Aug 24, 2015

New Features : Oracle Mobile Security Suite Integration in Oracle MAF 2.1.3


MAF 2.1.3 provides a tighter integration with Oracle Mobile Security Suite (OMSS) integration offers capabilities like, Android Containerization, Data Leak Protection, Data Encryption, Application Tunneling, Container Authentication and Single Sign-On. Features like Containerization, Data Leak Protection and Data Encryption are already supported on iOS from previous MAF releases.

New Features

1. Support for Android Containerization

Mobile app containerization allows customers to add a standardized security layer to native mobile apps. 

The containerization process is simple, and developers do not need to change a line of code. MAF developers just need to deploy the application to OMSS, in JDeveloper or Eclipse. During the deployment, the app is first compiled and an unsigned version of the app is generated that is intended to be signed with an enterprise distribution certificate for distribution within the company. After deployment, a wrapped APK file is generated which is signed with the signing certificates which are configured in the MAF JDeveloper / Eclipse Preferences, in the Android platform section.

Enable OMSS deployment in JDeveloper 

Enable OMSS deployment in Eclipse 

2. Data Leak Protection on Android

Once a MAF app is containerized with OMSS, IT administrators can apply various data leak protection policies and restrict how and if users can share data within the app

  • Email allowed can restrict the ability to send email from an app.

  • Instant Message allowed can restrict the ability to send Instant Message from an app.

  • Video chat allowed restricts the ability to share information via services such as FaceTime.

  • Social Share allowed restricts the ability to share information via services such as Facebook or Twitter.

  • Print allowed restricts the ability of the user to print.

  • Restrict file sharing restricts the ability of the user to share files outside the secure enterprise workspace.

  • Restrict copy/paste allows copy/paste inside the secure container, containerized apps or between containerized apps, but not to apps outside the secure enterprise workspace.

  • Redirects to container allowed prevents any app outside the Mobile Security Container workspace from redirecting a URL into the container.

  • Save to media gallery allowed prevents images, videos and audio files from being saved to media gallery and photo stores.

  • Save to local contacts allowed prevents contacts inside secure enterprise workspace apps from being saved down to native device contacts app.

  • Redirects from container allowed prevents any vApp from the Mobile Security Container workspace or containerized app from redirecting a URL outside the Mobile Security Container workspace or containerized app.

3. Data Encryption on Android

OMSS Containerization provides the ability to encrypt the data stored offline within MAF android applications. Starting with 2.1.3 this functionality is available for MAF applications as well. Encrypted data storage includes application data, including files, databases, application cache, and user preferences. Developers can use MAF encryption with OMSS containerization without having to worry about double encryption. Within a containerized application, MAF frameworks delegates encryption to the container this ensures that there are no code changes needed based on whether an app is Containerized or not. 

4. Application Tunneling

MAF 2.1.3 release provides support for application tunneling through Oracle Mobile Security Suite on both Android & iOS. Application tunneling provides a secure way to access the corporate resources behind the firewall, within a mobile client, without the need of device level VPN. Tunneling functionality allows administrators to intercept, and manage, all the requests coming from a specific MAF application. Administrators can configure the requests coming from a specific URL to go through a proxy on MSAS server. They can also either completely block the requests, or redirect the requests directly to the internet.You can find more details on how to configure application tunneling in the Web Settings section of Administrative Console Guide for Oracle Mobile Security Suite.

5. Container Authentication & Single Sign-On

When Web SSO authentication type is used in MAF apps with Oracle Access Manager and Oracle WebGate used in the back-end for authentication, the end user is not challenged for credentials in the application after Container authentication. The user identity from the Container is propagated to the App and the back-end services. SSO across multiple apps in the Container is also supported, i.e. user can login once to the Container and access all the apps in the Container with out additional authentication challenges. 


Here is a quick demo which shows all three features (Android Containerization, Data Leak Protection, and File Encryption) 

Using Oracle MAF Authentication To Access Secure Services From Oracle MCS

Oracle MAF 2.1.3 release makes it easy to authenticate against Oracle Mobile Cloud Service (MCS) and access secure data from services hosted on MCS.  Below are the steps to configure MAF application to authenticate against MCS:

1. Create Login Connection : In maf-application.xml go to security tab and create a login server connection. Select authentication type as "HTTP Basic" as shown below 

create login connection

create login connection

The login server URI is of the form https://<host>:<port>/mobile/platform/users/login . You can obtain the host & port from a Mobile Backend(MBE) settings page in you MCS instance. The above URI can be used for any MBE in the MCS instance.

2.  Configure Custom Header : During authentication MCS requires a custom header with the MBE id to be injected with the request. Configure the header in the Custom Headers tab  as follows:

configure custom header

You can get the MBE Id from the MBE settings page in MCS. The header name should be "Oracle-Mobile-Backend-Id"

3. Configure Security Policy : Now that we have the login connection created, the next step is to create a connection to API end point on MCS.  In the Web Service Security Policies section :

  1. Create a REST/HTTP Connection to an API end point in connections.xml, in the example below it's named "fiftechnician".  
  2. Associate the "fiftechnician" connection with the login connection created in steps 1 & 2. This allows the framework to inject the user identity obtained during authentication for any service calls to the connection.    
  3. In the "Policy" column, double click on the pencil icon to launch a dialog to select the security policy to be used for the connection. Select "oracle/wss_http_token_client_policy". This policy can be used for Basic-Auth protected connections with either HTTP and HTTPS. 
configure security policy

select the correct policy :

configure security policy

The above steps would allow mobile app developers using MAF to securely access data from API hosted on MCS through simple configuration without writing any code and be assured that you are following security best practices.

Wednesday Jul 01, 2015

From the Cloud Launch - Focusing on Mobile, the Other Side of the Proverbial Coin

No doubt you tuned into the big Oracle Cloud Platform as a Service (PaaS) launch last week. Lots of new and exciting cloud based offerings including:

  • Oracle Database Cloud - Exadata Service
  • Oracle Archive Storage Cloud Service
  • Oracle Big Data Cloud Service and Big Data SQL Cloud Service
  • Oracle Integration Cloud Service
  • Oracle Process Cloud Service

And last but certainly not least Oracle Mobile Cloud Service! The Cloud is touching every facet of IT infrastructure - and the other side of the coin, that's Mobile, which is changing the interfaces to all those systems.  Mobile is the new first screen, overtaking television and growing. The web browser reached hundreds of millions of people, but yet somehow, Mobile has taken it 10X, a magnitude greater than before, reaching billions of people. It's predicted that by 2020, 80% of the world, will have a smartphone.

Get a quick intro into Oracle Mobile Cloud Service in the following easy on the eyes, mind sharpening assets:

  1. Watch the overview video here (< 3min), it's the main video on the page
  2. Watch the subsequent videos (< 1 min each) in the Learn More tab
  3. Read the eBook, the big eBook button on the page ;-)

Then get down to business in strengthening your mobile strategy by simplifying mobility.

Follow @OracleMobile 

Wednesday Jun 24, 2015

Introducing Oracle Mobile Cloud Service

Oracle has released the much anticipated Mobile Cloud Service (or MCS for short). Unlike other cloud offerings, MCS is focused not only on providing enterprise quality Mobile Backend as a Service (MBaaS), but also providing easy to use tools for business professionals to analyze and mine data about the usage of the MBaaS.[Read More]

This blog is is dedicated to announcements,tips and tricks and other items related to developing, integrating, securing, and managing mobile applications using Oracle's Mobile Platform. It is created and maintained by the Oracle Mobile product development team.

Archive of past entries

Even More Mobile Development Blogs

Oracle A-Team Site - Mobile Related Entries

Code samples from the Community

Fusion Middleware Blogs


« October 2015