Senthil Murugan's Blog

Home » Apex

Category Archives: Apex

APEX up and running in few steps!

Thanks to Joel (https://www.blogger.com/profile/01915290758512999160)

January 2017, I had a meeting with Dr. Sriram Birudavolu from Hyderabad.  He got my attention when he said he would love to start a 1000-person APEX Meetup group in Hyderabad (gotta love aggressive goals!).  However, he spent much of December and January just trying to figure out how to get APEX installed, configured and running.  He won’t profess to be an expert, but he’s exactly the type of person we want to enable.  He was correct in saying that if a potential customer struggles to get APEX installed, we’ve already lost.

Recently, Gerald Venzl asked for some assistance in creating a Docker image for APEX.  His goal was to create an APEX Docker image on top of the base Oracle Database Docker image.  He knows a lot about Docker, but he won’t claim to be an expert in APEX.  He wanted something that is scriptable and can result in APEX being installed, configured and up and running, along with ORDS, in as few steps as possible.  A “silent install”, if you please. This was the final bit of motivation I needed for this blog post and video.
While the installation documentation is complete and detailed, it’s also lengthy and sometimes confusing – especially for the new person.  Thus, I wanted to provide the simplest set of instructions with as few steps as possible to get APEX installed, configured and up and running, along with ORDS configured and up and running.  It can be done in two steps.  That’s right, two.  While I explain the individual steps executed from SQL*Plus in detail below, you can combine all of these SQL commands into a single SQL script.  I prefer the name “hookmeup.sql”.

1. Download and unzip APEX http://www.oracle.com/technetwork/developer-tools/apex/downloads/index.html

2. cd to apex directory

3. Start SQL*Plus and ensure you are connecting to your PDB and not to the “root” of the container database (APEX should not be installed at all):

1

sqlplus sys/your_password@localhost/your_pdb as sysdba @apexins sysaux sysaux temp /i/

4. Unlock the APEX_PUBLIC_USER account and set the password:

1

alter user apex_public_user identified by oracle account unlock;

5. Create the APEX Instance Administration user and set the password:

1

2

3

4

5

6

7

8

9

10

11

begin

    apex_util.set_security_group_id( 10 );

    apex_util.create_user(

        p_user_name => ‘ADMIN’,

        p_email_address => ‘your@emailaddress.com’,

        p_web_password => ‘oracle’,

        p_developer_privs => ‘ADMIN’ );

    apex_util.set_security_group_id( null );

    commit;

end;

/

6. Run APEX REST configuration, and set the passwords of APEX_REST_PUBLIC_USER and APEX_LISTENER:

1

@apex_rest_config_core.sql oracle oracle

7. Create a network ACE for APEX (this is used when consuming Web services or sending outbound mail):

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

declare

    l_acl_path varchar2(4000);

    l_apex_schema varchar2(100);

begin

    for c1 in (select schema

                 from sys.dba_registry

                where comp_id = ‘APEX’) loop

        l_apex_schema := c1.schema;

    end loop;

    sys.dbms_network_acl_admin.append_host_ace(

        host => ‘*’,

        ace => xs$ace_type(privilege_list => xs$name_list(‘connect’),

        principal_name => l_apex_schema,

        principal_type => xs_acl.ptype_db));

    commit;

end;

/

8. Exit SQL*Plus.  Download and unzip ORDS http://www.oracle.com/technetwork/developer-tools/rest-data-services/downloads/index.html

9. cd to the directory where you unzipped ORDS (ensure that ords.war is in your current directory)

10. Copy the following into the file params/ords_params.properties and replace the contents with the text below (Note:  this is the file ords_params.properties in the “params” subdirectory – a subdirectory of your current working directory):

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

db.hostname=localhost

db.port=1521

# CUSTOMIZE db.servicename

db.servicename=your_pdb

db.username=APEX_PUBLIC_USER

db.password=oracle

migrate.apex.rest=false

plsql.gateway.add=true

rest.services.apex.add=true

rest.services.ords.add=true

schema.tablespace.default=SYSAUX

schema.tablespace.temp=TEMP

standalone.mode=TRUE

standalone.http.port=8080

standalone.use.https=false

# CUSTOMIZE standalone.static.images to point to the directory

# containing the images directory of your APEX distribution

standalone.static.images=/home/oracle/apex/images

user.apex.listener.password=oracle

user.apex.restpublic.password=oracle

user.public.password=oracle

user.tablespace.default=SYSAUX

user.tablespace.temp=TEMP

11. Configure and start ORDS in stand-alone mode.  You’ll be prompted for the SYS username and SYS password:

1

java -Dconfig.dir=/your_ords_configuration_directory -jar ords.war install simple –preserveParamFile

That’s it!!  You should now be able to go to http://localhost:8080/ords/, and login with:

Workspace: internal

Username:  admin

Password:  oracle
IMPORTANT, PLEASE READ:
By no means is this a recommended or secure installation.  These are minimal instructions to get someone from zero to up and running easily and quickly.  In a production instance, I would create different tablespaces for APEX and ORDS, I would use far more complex and distinct passwords, I would use HTTPS and not HTTP, I would deploy ORDS on a physically distinct server, and more.
The above steps were tested with Oracle Application Express 5.1.1.00.08, Oracle REST Data Services 3.0.9, and Oracle Database 12.2.0.1 running on Oracle Linux.

 

https://www.youtube.com/watch?v=amF01SpNLUo

Advertisements

Automatic Refresh of Interactive Report–Apex

Create a Dynamic Action:
  After Report Refresh
    True = Execute JavaScript Code (fire on page load):
        setTimeout(function(){
            $(‘#R47772796555758493_search_button’).click();
        }, 6000);
Where R47772796555758493 is the ID for you IR.

Oracle Application Express 5.2

Thanks to Oracle

http://www.oracle.com/technetwork/developer-tools/apex/application-express/oracle-application-express-sod-1596338.pdf

Oracle Application Express 5.2 will focus on both new features and enhancements to existing functionality, and it is planned to incorporate the following:

• Remote SQL Data Access – Extend common components such as Interactive Grids, Classic Reports and Charts to interface with data stored in remote databases using ORDS and REST.

• REST Service Consumption – Provide declarative methods to define references to external REST APIs and generic JSON data feeds and to use these references as data sources for Interactive Grids, Reports and Forms.

• Declarative App Features – Introduce a new Create App Wizard that allows for adding components and app features to new and existing applications

• Interactive Grid enhancements – Add additional reporting capabilities such as Group-By and Pivot, support for subscriptions and computations, flexible row height and general UI improvements.

• Page Designer – Provide client-side wizards for the creation of more complex components like Dynamic Actions, Forms and Shared Components, User interface improvements.

• Upgrade Oracle JET and jQuery – Adopt the most recent versions of the integrated JavaScript libraries to take advantage of new Data Visualizations such as Gantt charts and new Form widgets and controls.

• New REST Workshop – Provide declarative methods to support the development of ORDS enabled REST web services, taking advantage of the latest features and functionality of ORDS.

• Packaged Applications – Improved framework and enhancements to the packaged applications

"The file you are trying to open … different format than specified by the file extension" while opening XLS (HTML saved as XLS)using Excel 2007, 2010 or 2013

Dear Friends,

Due to various reason, software are saving HTML file as XLS and allowing users to open the file using excel software.

Users are getting the above error message, to avoid this error message, you can add the below entry in registry, so that this warning message will disappear while opening the file.

Excel 2007
[HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Excel\Security]
“ExtensionHardening”=dword:00000000

Excel 2010
[HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Security]
“ExtensionHardening”=dword:00000000

Excel 2013
[HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Excel\Security]
“ExtensionHardening”=dword:00000000

 

Thanks to IBM Support Team

Oracle Apex Community Application

Dear Friends,

The below is the useful information about Oracle Apex, you can get most of the information in this place.

https://apex.oracle.com/pls/apex/f?p=411:1:::NO:::

APEX 5 New Substitution Features

Thanks to Roels Blog

You’ve probably all heard about XSS, a.k.a. Cross Site Scripting. One of the ways you make yourself vulnerable to XSS is by creating JavaScript in your APEX applications that accepts unescaped user input – either direct or data retrieved from the database.

As a – very stupid and simple – example, create a Page with a Text Item (say P3_TEXT).  Next create a Dynamic Action that executes this snippet of Javascript on Page Load :

alert(“You entered &P3_TEXT.”)

When you now enter some text like “Hello world” and submit the page, the response is an alert box with “You entered Hello world“. But now enter something like:

the dark world”);window.open(“http://www.google.com

This looks like half a piece of code – and in fact it is. It is completed by the (other) Javascript snippet that’s using this snippet as input. Now you get an alert saying “You entered the dark world” and an extra window is opened showing the Google search page. That’s quite harmless, but you can invoke any JavaScript – also loading additional data and scripts from other servers etc… So you have to protect your application for this kind of hack. And of course there are many ways to do so, like escaping the value in JavaScript. 

But in APEX 5 you’ve got a new and simple option: Use the Extended Substitution Syntax. So instead of &P3_TEXT. , you should use &P3_TEXT!JS. So including the ampersand the exclamation mark and the dot at the end… Now the input text is properly escaped – and harmless ;-). Just like a call to theapex_escape.js_literal function would do.

There are more variants on this “Extended Substitution Syntax” theme: 

&P3_TEXT!HTML. => escape all HTML, like the apex_escape.html function

&P3_TEXT!ATTR. => escape all HTML attribute values, like the apex_escape.html_attribute function

&P3_TEXT!RAW. => Don’t escape (so dangerous….) 

So in APEX 5 you’ve got even more possibilities to make your application secure – and less excuses 😉

Oracle APEX 5.0.1 now available

Oracle Application Express 5.0.1 is released on and available 15th July for download.

  • If you wish to download the full release of Oracle Application Express 5.0.1, you can get it from the Downloads page on OTN.