Friday Jun 24, 2016

Mobile in Chicago

Time flies! Summer is there, and ODTUG KScope is next week. This year, the conference is in Chicago and will run from Sunday June 26 to Thursday June 30. The agenda is full of great mobile sessions, and there’s even a two-hour lab where attendees will get to play with the brand-new Oracle Mobile Application Accelerator (MAX)!

Here is a comprehensive list of everything mobile at KScope 16.

 Day  Time Title Speaker
Sunday (06/26) 9:30 am - 10:30 am Rethink Mobile...for a Great User Experience Frédéric Desbiens, Oracle
Monday (06/27) 11:30 am - 12:30 pm Digital Transformation: Your First Steps with Oracle Mobility Mia Urman, AuraPlayer
Monday 3:15 pm - 4:15 pm Build a Mobile App in 60 Minutes with MAF John King, King Training Resources
Monday 4:30 pm - 5:30 pm Three's Company: Going Mobile with Oracle APEX, Oracle MAF, and Oracle MCS Frédéric Desbiens, Oracle
Tuesday (06/28) 3:30 pm - 4:30 pm Going Mobile: Mobile Application Design Principles for ADF Development Peter Koletzke, Quovera
Tuesday 4:45 pm - 5:45 pm Oracle Applications User Experiences: Trends and Strategy Noel Portugal, Oracle
Wednesday (06/29) 12:45 pm - 1:45 Give MAF a REST: Using REST/JSON Services in MAF John King, King Training Resources
Wednesday 3:15 pm - 5:30 pm Pedal to the Metal: How to Build Mobile Applications with Just a Browser (Hands-on lab) Frédéric Desbiens, Oracle
Wednesday 4:30 pm - 5:30 pm Customer Stories: Oracle Mobile Cloud in Action Mia Urman, AuraPlayer

Even if you can’t make it to Chicago, you should keep your eyes open. Many of the sessions above will likely become an ODTUG webinar in the next few months… And don’t forget that ODTUG members can playback past webinars whenever they like. Membership is affordable; you should consider it!

See you next week in the Windy City!

Friday Jun 17, 2016

Simplify on-boarding experience for enterprise mobile users with EMM managed app configurations

Enterprise mobile app developers, and stake holders from specific line-of-businesses, work very hard to get mobile apps to their end-users very quickly.  The last thing they want to see is their users go through a terrible on-boarding experience . A simplified on-boarding experience for enterprise mobile users is not optional , but an absolute necessity.  Oracle Mobile Application Framework simplifies on-boarding for enterprise mobile users through it’s built in ability to support EMM managed app configurations. 

What are Managed App Configurations ?
Managed App Configurations are native APIs provided by iOS and Android, which provide the ability to dynamically set the properties of an application through an EMM console. This feature is extremely useful to manage the life cycle of an enterprise mobile application.

What are the benefits offered by Managed App Configurations ?
Managed App Configurations offer various advantages, and some of them are listed below.

1.Simplified on-boarding experience for enterprise mobile app users
Setup process for end users can be simplified , and help desk , documentation burden can be alleviated .For example, IT Administrators can leverage managed app configurations to pre configure the parameters of an enterprise mobile application, like Url, Email, Host, Port , Tenant Id etc so the end-users don’t have to enter them manually. This significantly improves the on-boarding experience for end-users.

2. End-Point Management
IT Administrators can change the API Endpoints, or any other backend connectivity related end-points which are used by the mobile application.

3. UI Customization
Change the look and feel of an application by loading different skins which are pre-seeded within the application.

Since Managed App Configurations provide a dynamic way to publish configuration related data to enterprise mobile apps, developers can use this for any use case which involves changing the behavior , look & feel , or functionality of the application dynamically. This feature can be used to support wide set of use cases related to enterprise mobile app lifecycle. 

Also, the community provides excellent best practices on how to leverage the native Managed App Configuration feature on iOS and Android (for Work) platforms.

How can enterprise mobile app developers , IT Administrators benefit from Managed App Configurations ?

Even though the Managed App Configuration is a native feature of iOS and Android, the process of leveraging this feature is a coordinated effort between an enterprise mobile app developer, and an EMM IT Administrator. 

  • Role of an enterprise mobile app developer:
Enterprise mobile app developers must define these configurations (examples : Url, Email, Host, Port ,Tenant Id etc) within their apps. Also, these configuration values must be read within the app during the lifecycle of the app to appropriately change the behavior of the app. For example, the mobile app developers can define the routing of their application in such a way that, if the Url,Email,Host values are already pre populated in the app, the application skips the configuration page and switches over to the login page. 

While handing over the app to the IT Administrator, the mobile app developer provides some documentation on the type of configurations which are supported by the app. IT Administrators need this information while uploading and configuring the apps in the enterprise app catalog.

  • Role of an EMM IT Administrator:
EMM IT administrators receive the mobile app, and the documentation on the app configurations which are supported by the app. The IT Admin then logs into the EMM console, uploads the app, and then sets these configuration values on the app. IT Admin can also import the  apps which are listed in the public app store like iTunes,  Google Play and set configurations on them.

How can developers define, and read, Managed App Configurations in Oracle Mobile Application Framework ?

 Developers can define the Managed App Configurations in maf-application.xml file by adding the <adfmf:emmAppConfig> element, as shown in the example below. Each property tag has name , type and description attributes. For more details on the supported data types, MAF developers, and IT Administrators must refer to the documentation from their EMM vendor.

<adfmf:property name=“remoteurl” type=“String” description=“URL of a remote web page“/>
<adfmf:property name="port" type="Integer" description=“Port number of the backend service”/>
<adfmf:property name=“enableEncryption" type=“Boolean" description=“Turn on app level encryption”/>
<adfmf:property name=“refreshDate" type=“Date" description=“Date on which application will be refreshed”/>

You can read the property values at any time in the application lifecycle of your MAF application using the #{EMMConfigProperties} EL expression. For example, write an EL expression as follows to read the value of the remoteurl property: .


You can also register your property change listener to listen to property changes by invoking the following code in a Java bean which implements the PropertyChangeListener interface. For a complete example, look at the snippet of code at the bottom of the blog.


After successfully reading the Managed App Configuration values, how can developers update the endpoints within the MAF application ?

After reading the configuration values, developers can invoke MAF ConfigService APIs to update the endpoints used by the MAF application. Endpoints used by MAF application are typically defined in connections.xml file which comes pre seeded with the application. The code snippet shown below uses the MAF ConfigService APIs to update the endpoint of a connection. In this specific example, line 1 is clearing the existing values of a connection called ‘RemoteURL’. Line 2 is updating the url attribute of a connection called ‘RemoteURL’.  Line3 is updating the application information without navigating away from the current feature. 

1. AdfmfJavaUtilities.clearSecurityConfigOverrides(“RemoteURL”);
2. AdfmfJavaUtilities.overrideConnectionProperty(“RemoteURL”, “urlconnection”, “url”, serverURL);
3. AdfmfJavaUtilities.updateApplicationInformation(false); 

Here is a complete snippet of code which reads , and updates the managed app configurations.

package application;

import javax.el.ValueExpression;
import oracle.adfmf.framework.EMMAppConfigScope;
import oracle.adfmf.framework.api.AdfmfContainerUtilities;
import oracle.adfmf.framework.api.AdfmfJavaUtilities;
import oracle.adfmf.util.Utility;

public class EMMBean implements PropertyChangeListener {

    public EMMBean() {


    // This method reads managed app configurations and updates the connection end points. 
    public void updateConnectionsEndpoints() {
        ValueExpression ve = AdfmfJavaUtilities.getValueExpression(“#{emmAppConfig.remoteurl}”, String.class); // reading a managed app configuration called ‘remoteurl’ which is defined in maf-application.xml
        String remotePageURL = (String)ve.getValue(AdfmfJavaUtilities.getELContext());
        if (!Utility.isEmpty(remotePageURL)) {
            AdfmfJavaUtilities.clearSecurityConfigOverrides(“RemoteURL"); // Clear the existing connection
            AdfmfJavaUtilities.overrideConnectionProperty(“RemoteURL”, “urlconnection”, "url", remotePageURL);// Set a new value (remotePageURL) to the connection

    // This method is invoked when the #{emmAppConfig.remoteurl} property changes
    public void propertyChange(PropertyChangeEvent evt)

    public void addPropertyChangeListener(PropertyChangeListener l)

    public void removePropertyChangeListener(PropertyChangeListener l)

    private PropertyChangeSupport propertyChangeSupport = new PropertyChangeSupport(this);

    public void setPropertyChangeSupport(PropertyChangeSupport propertyChangeSupport) {
        PropertyChangeSupport oldPropertyChangeSupport = this.propertyChangeSupport;
        this.propertyChangeSupport = propertyChangeSupport;
        propertyChangeSupport.firePropertyChange("propertyChangeSupport", oldPropertyChangeSupport,

    public PropertyChangeSupport getPropertyChangeSupport() {
        return propertyChangeSupport;

Which version of MAF supports the ability to read Managed App Configurations ?

MAF 2.3.1, and future releases.

Which EMM vendors are supported by MAF’s Managed App Configuration API  ?

This feature is certified and supported with AirWatch, MobileIron but it is expected to work with any EMM vendor which supports the native Managed App Configuration feature of iOS and Android.

What are the minimum iOS and Android versions required for Managed App Configuration support ?
iOS9, and Android5.0 (needs Android for Work environment)

MAF Documentation: (Resource for MAF developers )

AirWatch Documentation : (Resource for AirWatch IT Administrators)
Here is a link to AirWatch Mobile Application Management Guide which talks about how to create and apply managed app configurations in AirWatch console. Navigate to Chapter 4 : Internal Applications > Advanced section, which covers this information .

MobileIron Documentation: (Resource for MobileIron IT Administrators)
Here is a link to MobileIron CORE Device Management Guide which talks about how to create and apply managed app configurations in MobileIron CORE console (Resource for IT Administrators)
Look for the section on 'Managed app configuration settings'

Resources from
Here is a link to Managed App Configurations for App Developers guide which is created by the AppConfig community. This guide explains this topic in detail, and covered iOS and Android platforms. 

Wednesday Jun 08, 2016

Oracle MAF 2.3.1 Released

We are very glad to announce the availability of MAF 2.3.1 release. This release includes several exciting features including the long awaited offline support! Below is a brief summary of key features introduced in this release.

1. Offline Read, Write & Client Data Model Support : We are really excited about this new feature that provides full offline read, write and sync capabilities. This includes JDev design time support for generating client data model for REST services and persist the data from the services on the device. This allows developers to easily build mobile apps the can read, query and update data when the device is offline and synchronize the changes to the server when back online. Please refer to the developer guide here to learn more about this feature.

2. Enterprise Mobile Management Application Configuration support : This feature allows app developers to enable their application to be configured by MDM administrators with end points and other configuration such that end users do not have to deal with complex app set up before using the app. Please check out the AppConfiguration section in dev guide for more details on this feature. 

3. Deployment Performance Improvements : This feature provides significant performance improvements to deploying applications to iOS and Android simulators and Emulators. While there are no significant changes to initial application deployment, for subsequent deployments with changes to amx, xml and other metadata files you should see significant improvements in deployment times.

4. UI Enhancements:

  • New Component Picto Chart uses discrete icons to visualize an absolute number or relative sizes. It is extensively used in infographics as a more interesting and effective way to present numerical information than traditional tables and lists.
  • Ability to programmatically navigate to another page in a FilmStrip component
  • Support for easier centering of the content of the tiles inside the masonry layout on various devices  

5. OAuth Client Credentials Grant Support : This feature allows developers to use MAF OAuth support to authenticate using client credentials configured in the app instead of end user credentials. This will come in handy when using  MCS services secured with anonymous authentication or any other services secured using the standard OAuth grant type. 

6. Good Technologies Integration: Support for Enterprise Mobile Management functionality for Good Technologies customers using BlackBerry Enterprise Server. In earlier releases we had announced support for Airwatch & MobileIron, in this release we are extending the support to include Good Technologies. To learn more about the best practices around native EMM capabilities offered by iOS , and Android, visit the AppConfig Community web site. It provides recommendations for enterprise mobile app developers to secure their applications in an EMM vendor neutral approach, by leveraging the native capabilities in the operating systems. Please refer to MAF certification document for specific versions of Good Technologies software used for the certification.  

Monday May 02, 2016

MAF Released

MAF is a minor update that contains a couple of critical bug fixes related to application deployment. These deployment issues affected customers using iOS for development.

Fixes delivered in this patch:

  1. Intermittent failures when deploying application to iOS simulator.  Application deployment failed with CopyStringsFile errors in the log.
  2. Deployment errors when iOS Simulator target is changed in deployment profile

A new extension is now available in JDev update center with the above fixes. There is no migration impact of this patch on existing applications using MAF 2.3. If you are directly picking up this extension from earlier versions of MAF, please follow the migration instructions provided in MAF 2.3 migration guide and other important 2.3 uptake information available here.

This patch uptake should be seamless and customers should be able update the extension from JDev update center, restart JDev and get going. Of course, be sure to do clean all after the extension installation on all your existing applications.

Tuesday Apr 19, 2016

Secure Oracle MAF applications with MobileIron, AirWatch

Overview :

Oracle Mobile Applications Framework (MAF) 2.3 release offers a new feature which supports integration with 3rd party EMM vendors. This integration is focused on leveraging the native capabilities in mobile operating systems,to enable a more consistent, open, and simple way to configure and secure mobile applications. These native capabilities are commonly referred as App Configurations For Enterprise , and are supported by popular EMM vendors like AirWatch, and MobileIron. The supported vendors at this point are AirWatch, and MobileIron, but we expect the solutions from other EMM vendors, who are listed on App Config Community also to work with MAF 2.3. To learn more about the best practices around native MDM / MAM capabilities offered by iOS , and Android, visit the AppConfig Community . The App Config Community is supported and maintained by EMM vendors like AirWatch, MobileIron. It provides recommendations for enterprise mobile app developers to secure their applications in an EMM vendor neutral approach, by leveraging the native capabilities in the operating systems.

MAF’s integration with AirWatch, and MobileIron does not support their respective SDKs , or wrapping solutions. Instead, the integration is focussed around their ability to use a standard approach offered by iOS, and Android, to manage applications, and application configurations. 

From recent versions of iOS , and Android , Apple, and Google have rolled out a standard approach to manage applications, and application configurations, through native operating system capabilities. These native OS capabilities remove the need for containers, and dual workspaces, that frustrate users and hinder productivity.  Also, by leveraging the native OS capabilities, mobile developers can build applications which are EMM vendor neutral.

AirWatch, and MobileIron's support for standards based application management, and application configuration, offers various advantages for Oracle MAF developers, and enterprises.

  • Building enterprise-ready applications can now be faster, as the most common use cases do not require the need of an SDK, or a wrapping solution.
  • Developers can build applications which are EMM vendor neutral, as they are built on native standards supported by mobile operating systems.
  • Various organizations within an enterprise can provide a better on boarding experience to their users, by leveraging the native application level configurations.
  • Faster turn around time to build enterprise-ready mobile applications, provides an ability for the enterprises to rollout greater selection of business apps for their users.

MAF integration with AirWatch, and MobileIron, supports the following use cases on Apple iOS, and Google's Android for Work platforms.

1. Application Security :
  • Encryption : Offline content stored within the sandbox of a MAF application, can now be encrypted using the native device level encryption provided by the mobile operating system. This can be done by enforcing a passcode on the device. Encryption within MAF applications can be enabled by enforcing a device passcode by pushing down a policy through the EMM console. 
  • Managed Open-In : Control end-user’s ability to open managed documents stored offline within a MAF application, into unmanaged personal applications like, Dropbox .etc. 
  • Disable Screen Capture : Control end-user’s ability to take screen shots.
  • Remotely Wipe Application : Remotely wipe the application.
  • Disable Copy / Paste : Control end-user’s ability to copy and paste content between managed and unmanaged applications. Since iOS does not provide a native restriction to control this capability, leveraging this feature within an iOS app might involve some custom work in MAF application. There is no development work involved in leveraging this capability within Android apps which are published within in Android for Work environment.
  • Disable Camera :Control end-user’s ability to use camera within managed applications.

AirWatch Mobile Device Management Guide for iOS ,and MobileIron CORE Device Management Guide for iOS can provide you detailed information on how to create security restrictions on iOS.
AirWatch Integration with Android for Work Guide and MobileIron CORE Device Management for Android for Work can provide you detailed information on how to create security restrictions on Android for Work.

2. Application Tunneling : MAF applications which may require access to web services residing behind a corporate firewall, can leverage a secure app tunnel connection between the app on the device, and the backend services. This can be done by distributing, and enabling a Per-App VPN configuration on a device.

Per-App VPN configuration is a native capability provided by the mobile operating system to enable VPN on an application level . A Per-App VPN configuration comprises of information about the VPN server, or tunneling server , to which the network calls from the applications get routed. Per-App VPN configurations can be provisioned on devices through an Agent application, and can be applied to specific MAF applications. Once the Per-App VPN configurations are applied to specific MAF applications, all the network requests initiated from these applications are routed through the VPN server, or the tunneling / proxy server specified in the configuration. 

AirWatch, and MobileIron currently support a long list of commercial VPN providers like Cisco AnyConnect, Juniper ,Check Point , Palo Alto Networks, F5 Networks, Pulse Secure etc and more. To configure Per-App VPN, enterprises can either use one of the supported VPN providers , or they can use the tunneling server provided by the EMM vendors. AirWatch provides a tunneling server called AirWatch Tunnel, and MobileIron provides a tunneling server called MobileIron SENTRY.

You can find more details about the Per-App VPN support on the App Tunnel section on AppConfig Community. Also, for more details on AirWatch, and MobileIron tunneling setup, refer to AirWatch Tunneling Guide , and MobileIron SENTRY Guide respectively.

3. Single - Sign On:

The single sign-on capability documented by the AppConfig community specifies the best practice for how an app developer should invoke the IDP from the app in order to facilitate a single sign-on experience.  Most Single Sign-On scenarios will be handled by the MAF framework, and developers might not have to do much of changes to their application. The native OS capabilities on iOS, and Android, support certificate based authentication, and username / password based authentication. The Single Sign-On capabilities listed on AppConfig community are expected to work with MAF 2.3 release.

3rd Party EMM Certification :
From MAF 2.3 release onwards, all the future releases of MAF shall publish information on certified EMM vendors as part of the certification matrix.

 Product Certified & Supported OS Minimum OS Version Server Console
Certified on iOS
Supported with Android For Work
iOS 9
Android 5.0
AirWatch console
Certified on iOS
Supported with Android For Work
iOS 9
Android 5.0
Mobile Iron Core 

Following use cases are targeted for future releases of MAF, and are currently on the roadmap:

Managed Application Configuration :

Enterprise applications require users to enter URL, port, email address, and various configurations as part of a one time setup of an application. These manual configurations can impact the adoption and success of an organization’s mobile app initiatives, increase the burden on a help desk fielding calls from users, and add the burden of maintaining documentation that needs to be updated frequently as new updates to the application are made available.

By leveraging the native APIs recommended by the AppConfig Community, these configurations can be automatically set remotely by the EMM server. This simplifies the setup process for end users, and alleviates the help desk and documentation burden. Developers can define a set of configuration keys within their apps.  An IT administrator can simply set the same keys and values in the EMM provider’s management console and they will be pushed to the app.

Apps commonly implement the following types of configurations:
Backend service configuration: server URL, port, use SSL, group/tenant code
User configuration: username, email, domain

In future releases, MAF will provide an ability to read the configurations set by the IT administrators in the EMM console. MAF developers can then read these values, and leverage them within the application lifecycle to provide a better on boarding experience for the end-users.

Monday Apr 11, 2016

Cordova updates in MAF 2.3

MAF 2.3 introduced a number of new & exciting features, as described in this blog post.  In addition to these, the embedded Cordova engines for each platform were upgraded to the following versions: 

  • Android: 4.1.1
  • iOS: 4.0.1
  • Windows: 4.0.0

So what does this mean for you, the MAF app developer? 

Plugin updates

These are significant upgrades for both Android and iOS, with a number of deprecated APIs being removed.

The core plugins contained with the MAF 2.3 release have been updated accordingly, but if you are using any 3rd party plugins, you should verify that they are compatible with each of the Cordova platform versions listed above. You may need to update to a later version of some 3rd party plugins.

If you have developed your own Cordova plugin for use in your MAF apps, you should ensure that it is compatible with these Cordova platform versions. A list of API changes in v4.0.0 of Cordova for iOS can be found here.

Android security

The Cordova for Android update contains a number of security fixes.

When uploading your MAF 2.2.2 app to the Google Play Developer Console, you may have received emails with the subject “Google Play warning: You are using a vulnerable version of Apache Cordova” that state the following:

Your app(s) listed at the end of this email utilize a version of Apache Cordova, an open-source mobile development framework, that contains one or more security vulnerabilities. If you have more than 20 affected apps in your account, please check the Developer Console for a full list.

Please migrate your app(s) to Apache Cordova v.4.1.1 or higher as soon as possible and increment the version number of the upgraded APK. Beginning May 9, 2016, Google Play will block publishing of any new apps or updates that use pre-4.1.1 versions of Apache Cordova.

The vulnerabilities were addressed in Apache Cordova 4.1.1. If you’re using a 3rd party library that bundles Apache Cordova, you’ll need to upgrade it to a version that bundles Apache Cordova 4.1.1 or later.

This has been addressed in MAF 2.3 with the upgrade to Cordova for Android. If you migrate your app to MAF 2.3 and upload it to the Google Developer Console, you should not longer receive such emails.

Windows Universal Platform support

MAF 2.3 now supports deployment to Intel-based Windows 10 tablets, laptops and desktops. In this release, MAF apps must be side loaded onto Windows 10 devices, or deployed to the Windows 10 machine on which the MAF app is being developed.

Setup instructions can be found in the MAF 2.3 Installation Guide. Deployment instructions can be found in the MAF 2.3 Developer Guide.


These versions of Cordova use a new whitelisting mechanism. For iOS and Windows this is built in, but for Android you must include the cordova-plugin-whitelist plugin if you wish to maintain a whitelist.

The Cordova Whitelist Guide provides more information on the details of whitelist configuration and management.

MAF 2.3 no longer provides direct support for whitelisting, but if your MAF app makes use of a Remote URL that allows access to device services and you would like to use a whitelist, please refer to the MAF 2.3 Developer Guide for information on how to include and configure the required plugins.


This blog is is dedicated to announcements,tips and tricks and other items related to developing, integrating, securing, and managing mobile applications using Oracle's Mobile Platform. It is created and maintained by the Oracle Mobile product development team.

Archive of past entries

Even More Mobile Development Blogs

Oracle A-Team Site - Mobile Related Entries

Code samples from the Community

Fusion Middleware Blogs


« July 2016