Thinking Anew

Tell Lora I Need Her

I have written on two occasions, “Just a Drop of Oracle APEX“ and “APEX and the Affordable Cloud!“, about how easy it is to get up and running on hosting providers like Linode and DigitalOcean. The approach largely involves Vagrant, and though it is an easy to use tool, it still needed a little bit of DevOps heroism, and sometimes, dealing with API keys may not necessarily be a priority for someone looking for a quick way to setup a consistent and robust Oracle Application Express environment.

Read More

Certs for APEX Social Sign-In

Verified!

Updated November 18, 2018
Added a help utility to populate an Oracle Wallet with root certificates

Oracle Database 18c Express Edition comes with a usable Oracle Wallet. In a previous article, I had described how to:

  1. Obtain the certificates necessary to make a successful SSL/TLS connection.
  2. Create and add these certificates to the Oracle Wallet.
  3. Configure the APEX instance to use the wallet.

Someone had asked in the comments, what certificates were necessary for Social Sign-in in Oracle Application Express (APEX) to work. It’s something that I think most of us would like to know too, so I did a little more digging and here’s what I found for three of the more popular social platforms: Google, Facebook and Microsoft.

Read More

APEX and XE - A Match for Data Science

APEX and ORE in Action

I wrote, quite a while ago, on how Oracle Application Express (APEX) developers could integrate R functionality/code in their applications. This was done primarily through Node.js packages and exposed as RESTful Web Services. Not the ideal solution, but useful for people wanting to integrate R statistical calculations and complex charting, but could not afford the hefty price tag for an Oracle Database Enterprice Edition license, plus the Oracle Advanced Analytics database option.

The revolutionary 18c release of the Oracle Database Express Edition (XE) significantly changed the Data Analytics playing field. The no-cost platform has resource caps (2 CPU, 2 GB RAM and 12 GB data storage). It’s not going to help perform complex GWAS (Genome-wide Association Study), but should suffice for many smaller research projects, statistical reporting and creating useful prediction models.

Unfortunately, the XE website has only a single line that says anything about this cool feature of the database:

If you prefer R programming, Oracle Database supports that too.

How do we get started?

Read More

For Your Eyes Only - Redact to Protect

Photo by Kaleidico

In a previous blog post, I provided a recipe for enforcing encryption for data-at-rest. However, it is important to remember that Transparent Data Encryption (TDE) protects your data from bad actors, who might have illegally gained access to the data files. Data exists unencrypted when loaded and accessed in the database. Malicious attacks can come from internal sources as well. When storing user confidential information, data stewards need to take greater responsibility in ensuring that data is only seen by staff who are authorized and require access to privileged information. That could mean creating tiered access and other protections like data redaction.

For example, an e-commerce website that handles credit card transactions, may require call centre staff to have access to the last four digits of a credit card number for verifying customers’ identity when support call are received. Or an insurance claims website that requires claimants to submit their health identity number. The application displays the partially or fully-masked ID, enough to suggest that the data has been captured, but insufficient for a passerby to steal a glance.

Oracle’s Data Redaction makes this possible, and with the latest release of Oracle Database 18c Express Edition, this technology is now acessible to developers for FREE! If you are new to Data Redaction, here’s a simple recipe to get started!

Read More

Preview PDF Uploads in an APEX App (Cross-post)

Photo by Kaleidico

Came across an interesting question on stackoverflow this morning, so I thought I’d give it a shot. Turned out to be an exciting morning of learning and a pretty lengthy response that I thought I’d cross-post to keep a copy for myself. If you have any suggestions for improvement, please feel free to contribute to the thread. Thanks!

Read More

Protect Your Data with Transparent Data Encryption

Photo by TheDigitalArtist

Transparent Data Encryption (TDE) is a powerful database feature that allows developers and administrators to very quickly, persist data encrypted at-rest. Applications do not require explicit coding to encrypt data for storage. TDE manages encryption during storage, and decryption when data is read, transparently and automatically.

TDE can also be used during backups. In the typical “tape falls off the back of the truck“ scenario, malicious actors would not be able to decipher the data on the lost tapes without the crucial encryption key stored in the Oracle Wallet. Assuming of course, the wallet was not backed up to the same tape.

This enterprise-grade feature is found in the Oracle Advanced Security Database Option. That requires user to be licensed for database enterprise edition. However, with Oracle Database 18c Express Edition (18cXE), Oracle has made it free and accessible by everyone!

This post was specially written for Oracle Application Express (APEX) developers who are new to this technology. It provides a simple workflow for creating an encrypted tablespaces. Since APEX application live on the database, placing the parsing schema on a TDE-enabled tablespace, automatically protects the entire application. Hopefully this will encourage you to use it for protecting Personally Identifiable Information (PII) or any other sensitive and confidential data.

Read More

We Have a Wallet

Photo by Pexels

Updated November 17, 2018
Please read this follow-up post as well. It contains an important note about intermediate certificates and where to download the root certificates.

One of the difficulties working with web services in the previous version of Oracle Database Express Edition (XE) was the lack of a usable Oracle Wallet. This was fast becoming a huge problems for developers, as many API providers started enforcing requirements to that clients accessed services through secured channels. When working with 11g XE, I often relied on proxies within a sandbox to mask the need for SSL/TLS. I discussed this somewhat at length in a previous blog post.

With the 18c release, Oracle has opened up and provided us developers the opportunities to make our apps safer. We now have access to the (orapki) tools needed to manage an Oracle Wallet. I don’t do this a lot, so I keep a snippets of what I do to make this easy.

Read More

Sweet 18 - A New Oracle XE Release

Photo by danny howe

What a prelude to Oracle OpenWorld 2018 (OOW18)! ICYMI, the next-generation Oracle Database 18c Express Edition (18cXE) was released late last week. The database software comes with a bunch of free enterprise features and options that usually come with a hefty price tag. Among them, Oracle Advanced Analytics, Oracle Advanced Security and Oracle RDF Semantic Graph are my favourites! See the Features Availability for more details on the Oracle great giveaway!

Since Saturday, I have been kept busy working on getting the development environment ready for Fabe. It was just weeks ago since we had the environment up and running on 11gXE. The instance is fully driven on the back of Docker that made it easier to swap out the database.

Read More

Build Two Walls

The Great Wall of China

Authentication is an essential component of any enterprise application. These days though, it isn’t enough to protect your applications with only a username and password. These are easily stolen by key loggers, sniffing non-encrypted HTTP traffic, phishing, hacked Internet services and the list goes on. To make matters worse, many users have a poor habit of reusing passwords that thieves then use to penetrate other systems. I have had my fair share of that experience.

The question is, can we implement two-factor authentication (TFA) in Oracle Application Express (APEX)?

Read More

ODC Appreciation Day: Goodbye Oracle Multimedia

Salmon Run - Honour the Dead

Here’s my first contribution to the annual ODC Appreciation Day that was initiated by Tim Hall three years ago.

The product feature that I’d like to pay special tribute to this year is Oracle Multimedia (OMM). By now, I believe most would have heard that OMM has been deprecated. Mike Dietrich made special mention of it in a blog post earlier this year, with some clarity as to exactly when we can expect to see this useful feature go away for good.

Read More