Sie sind auf Seite 1von 5

What is ADF?

The Oracle Application Development Framework (Oracle ADF) is an end-toend application framework that builds on J2EE standards and open-source
technologies to simplify and accelerate implementing service-oriented
applications. If you develop enterprise solutions that search, display, create,
modify, and validate data using web, wireless, desktop, or web services
interfaces, Oracle ADF can simplify your job. Used in tandem, Oracle
JDeveloper 10g/R12 and Oracle ADF give you an environment that covers the
full development lifecycle from design to deployment, with drag-and-drop
data binding, visual UI design, and team development features built-in.

MVC Architecture
ADF is based on the industry-standard J2EE MVC design pattern. Developers
manipulate the application's metadata using Oracle JDeveloper OA Extension,
while ADF uses the most efficient manner to execute the application. The
MVC architecture is a component-based design pattern with clean interfaces
between the Model, View, and Controller.
The Model is where the application implements its business logic. Eg.
EO,AM,etc
The View is where the application implements its user interface Eg. VO
The Controller is where the application handles user interaction and directs
business flow. Eg. Backing bean,controllers.

ADF can be utilized in any of following technologies


Business Services Technologies Supported by ADF Model In the model layer,
Oracle ADF Model implements the JSR-227 service abstraction called the data
control and provides out-of-box data control implementations for the most
common business service technologies. Whichever ones you employ,
JDeveloper and Oracle ADF work together to provide you a declarative, dragand-drop data binding experience as you build your user interfaces.
Supported technologies include
Enterprise JavaBeans (EJB) Session Beans Since most J2EE applications require
transactional services, EJB session beans are a logical choice because they offer
declarative transaction control. Behind the EJB session bean facade for your
business service, you use plain old Java objects (POJOs) or EJB entity beans to
represent your business domain objects. JDeveloper offers integrated support for
creating EJB session beans, generating initial session facade implementations, and
creating either Java classes or entity beans. You can also use Oracle TopLink in
JDeveloper to configure the object/relational mapping of these classes
. JavaBeans You can easily work with any Java-based service classes as well,
including the ability to leverage Oracle TopLink mapping if needed.
Web Services When the services your application requires expose standard web
services interfaces, just supply Oracle ADF with the URL to the relevant Web
Services Description Language (WSDL) for the service endpoints and begin building
user interfaces that interact with them and present their results.
XML If your application needs to interact with XML or comma-separated values
(CSV) data that is not exposed as a web service, this is easy to accomplish, too. Just
supply the provider URL and optional parameters and you can begin to work with
the data.
ADF Application Modules These service classes are a feature of the ADF Business
Components module, and expose an updateable dataset of SQL query results with
automatic business rules enforcement.

Jdeveloper 12c

Creating Web Service Data Controls


The most common way of using web services in an application developed using
JDevelopers ADF framework is to create a data control for an external web service,
and a usual reason for this is to add functionality that is readily available as a web
service but which would be time consuming to develop with the application, or to
access an application that runs on a different architecture. Also, you can re-use
components created by the ADF framework to make them available as web services
for other applications to access.

How to Create a Web Service Data Control


JDeveloper allows you to create a data control for an existing web service using just
the WSDL for the service. You can browse to a WSDL on the local file system, locate
one in a UDDI registry, or enter the WSDL URL directly.
To create a web service data control:

1. In the Application Navigator, right-click an application and choose New.


2. In the New Gallery, expand Business Tier in the Categories tree, and select Web
Services.
3. In the Items list, double-click Web Service Data Control.
4. Follow the wizard instructions to complete creating the data control.

Alternatively, you can right-click on the WSDL node in the navigator and select the
Create Data Control from the context menu.
Note: If you are working behind a firewall and you want to use a web service that is
outside the firewall, you must configure the Web/Browser Proxy settings in
JDeveloper. Refer to the JDeveloper online help for more information.

Securing Web Service Data Controls


Web services allow applications to exchange data and information through defined
application programming interfaces. SSL (Secure Sockets Layer) provides secure
data transfer over unreliable networks, but SSL only works point to point. Once the
data reaches the other end, the SSL security is removed and the data becomes
accessible in its raw format. A complex web service transaction can have data
multiple messages being sent to different systems, and SSL cannot provide the endto-end security that would keep the data invulnerable to eavesdropping. Any form
of security for web services has to address the following issues:
The authenticity and integrity of data.
Data privacy and confidentiality.
Authentication and authorization.
Non-repudiation.
Denial of service attacks.

WS-Security Specification
The WS-Security specification unifies multiple security technologies to make secure
web services interoperable between systems and platforms. The specification can
be viewed at http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-mes
sage-security-1.0.pdf. WS-Security addresses the following aspects of web services
security issues: Authentication and Authorization The identity of the sender of the
data is verified, and the security system ensures that the sender has privileges to
perform the data transaction. The type of authentication can be a basic username
password pair transmitted in plain text, or trusted X509 certificate chains. SAML
assertion tokens can also be used to allow the client to authenticate against the
service, or allow it to participate in a federated SSO environment, where in
authenticated details are be shared between domains in a vendor independent

manner Data Authenticity, Integrity and Non-Repudation XML digital signatures,


which use industry standard messages, digest algorithms to digitally sign the SOAP
message. Data Privacy XML encryption that uses industry standard encryption
algorithms to encrypt the message. Denial of Service Attacks Defines XML
structures to time stamp the SOAP message. The server uses the time stamp to
invalidate the SOAP message after a defined interval.
Securing Web Service Data Controls
21-6 Oracle Application Development Framework Developers Guide
Throughout this section the "client" is the web service data control, which sends
SOAP messages to a deployed web service. The deployed web service may be: a
web service deployed on OC4J for testing purposes. web service running on Oracle
Application Server. A web service running anywhere in the world that is accessible
through the Internet

Das könnte Ihnen auch gefallen