Extending Oracle Applications on Mobile Using Oracle MAF and Oracle Mobile Security

Transcription

1 Extending Oracle Applications on Mobile Using Oracle MAF and Oracle Mobile Security

2 Contents Executive Summary Building Mobile Centric Applications Business Challenges Development Challenges Choosing the Right Development Approach & Framework Oracle MAF One Platform for Complete Mobile Solution Benefits of Oracle Mobile Application Framework (MAF) Avoiding Using Heterogeneous Mobile Platform within IT Landscape Reducing Mobile Application Development Life Cycle Time using Oracle MAF Exploring Enhanced Security Features with Oracle MAF Oracle Mobile Security Suite Components Specific Learning Implemented by RapidValue, which is not available in a Developer Guide equipme Enterprise Mobile Applications Using Oracle MAF Conclusion About Us

3 Executive Summary The popularity of mobile applications can be seen in every aspect of the enterprise. Enterprise mobility solutions, and as a service, are increasingly gaining prominence. There are several factors which is influencing this growth. As per industry experts and leading market research firms: By 2017, 50% of employers will require employees to supply their own device for work purposes (BYOD) 87% of connected devices sales by 2017 will be tablets and smartphones Enterprise Mobility spend to double from 5% to 10-12% of total IT spend by 2020 By 2020, the Global Enterprise Mobility market opportunity has been pegged at $140 billion Source: Nasscom, Gartner and IDC Going with these numbers, the technology landscape is driving the entire mobile eco-system towards enabling mobility for organizations, across industry verticals. Right from retail, healthcare, financial services, manufacturing, logistics, construction, telecommunication and even real-estate are aligning their business strategy with mobility roadmap. There are many approaches to choosing the right mobile application framework and tools for building the mobile applications. This paper, specifically, explains extending Oracle Applications on Mobile using Oracle Mobile Application Framework (MAF) & Oracle Mobile Security. It addresses the framework, approach, architecture options to extend Oracle applications on mobile, why one should avoid heterogeneous mobile platforms within their IT landscape, how Oracle MAF can reduce the mobile app development life cycle time and the enhanced security features available in Oracle MAF. The paper, also, describes some of the key learning and benefits achieved using Oracle MAF, to implement several enterprise mobile applications by RapidValue Solutions. 03

4 Building Mobile Centric Applications Developing mobile applications is not easy, as there are several parameters to be considered, such as business and development challenges. Business Challenges The enterprise or business challenges are mainly: Securing corporate information Integration with systems Supporting BYOD or multiple devices Secure Corporate Information and Enterprise Systems: The CIOs would like to ensure that the mobile adoption does not make changes to the current security infrastructure and policy implementations. They would like to extend the current security methods. Also, they would like to decouple the authorization and authentication from the enterprise backend systems. High Performance and Transactions: The mobile application platform and architecture should be able to scale-up according to the transaction volumes. In the present age, several transactions will hit in the form of just queries, there will be users simply checking the products without actually purchasing one. Therefore, the mobile application platform should be able to handle high volumes. Also, the platform should have the ability to support concurrent applications, simultaneously. Integration: One of the major concerns is, how can the enterprise data and applications be exposed, using the existing tools and the technologies for integrating with mobile. Skilled Resources: The CIOs would like to have a platform for development which utilizes popular technologies like Java and available skill sets in the company, so that they can utilize the existing IT team for making changes and maintenance. Aggressive Timelines: On an average most organizations would like to develop 25 applications and add many new features to the application in a year. The time lines became aggressive from months to weeks. Therefore, the mobile application platform should have the ability to support quick development using declarative frameworks and pre-built components. 04

5 Development Languages & Testing Tools Specific Skill-set for Native Application Development Secure Enterprise Systems Skilled Resources Required Cost- Efficient Solution Cost Effective Solution required by Business Managers De-couple Corporate systems from front-end Extend Existing Corporate Security without Changes BUSINESS CHALLENGES Client pressure for Quick Time to Market Integration with other Systems Mobile Integration Integration High Performance & Scalability Aggressive Timelines Faster response time Higher Volume of Transactions High Availability Development Challenges Build & Integrate Complex Backend Functionality: The developers would like to focus on front-end functionality and UI coding. Almost 50% of their work is involved in writing code for APIs, developing backend functions like GPS, push notifications, chat etc. They prefer a development framework that will ease the complexity of device backend feature and provides quick integration capability, security features and other functions like chat, GPS etc. Some of the other challenges include multiple devices support and availability of wide-range of Integrated Development Environment (IDE). 50% of Time goes into coding Backend Functions Time for Writing Security Features Build Complex Back end Functions Development and Testing on Variety of devices Various Screen sizes and Form factor Multiple Devices Developer Challenges Integration with Device Functions Enabling Phone Capabilities Integrating Native features Wide-range of IDEs and Development Frameworks Integration to APIs BYOD Development Frameworks 05

6 Choosing the Right Development Approach & Framework There are multiple mobile application development options available, such as Mobile Web App (HTML5, JavaScript), Native mobile apps (ios, Android, Windows Phone, BlackBerry), Cross-platform (PhoneGap, Appcelerator, IBM Worklight, RhoMobile and Adobe AIR) and Mobile apps (ios, Android) using Oracle MAF. Developing Mobile Application can be a made easy, if you choose the right mobile application framework. I know that trying to code or Program everything myself would be a disaster 8 weeks of development were tedious. Many support engineers couldn t communicate in properly, and the final app couldn t be launched because of its bugs. All I got for spending effort & money was a terrible app. And this is how I tried to build a Mobile App using Oracle MAF 06

7 Oracle MAF One Platform for Complete Mobile Solution Develop Manage Integrate Deploy Secure Develop Developers should use MAF to build mobile applications using HTML5/Java/CSS3 environment i.e. to build cross-platform mobile applications. Since, Java and HTML5 are popular technologies, the organizations can leverage the existing IT skill sets. You can build mobile apps for ios /Android phones and tablets using a single source code. The applications can leverage the device features like camera, GPS, contacts etc. using the in-built Cordova. Also, developer should build offline capabilities using local SQLite database. Integrate Integration of corporate data and applications with external systems has been a major concern for organizations adopting mobility. Use Oracle FMW components for seamless integration of enterprise data and applications with mobile devices. Oracle SOA suite and OSB can be used for exposing enterprise data as web services and REST API s. The Web services and APIs can be created out of the existing systems without causing any change to the IT infrastructure using FMW components like SOA suite, OSB and adapters. Secure - Oracle MAF supports in-built security framework which can leverage the security and access features in Oracle Mobile Security components like OAM. MAF provides a unique Login authentication with EBS SDK for Java. Existing enterprise backend system authentication and authorizations can be federated or re-used using MAF without changing. MAF also supports multiple in-built security frame works like Mobile and Social, OAuth 2.0 and HTTPS. MAF can integrate easily with OAM / OID and use backend roles and privileges for secure authorizations. Deploy - The MAF applications are deployed on a robust web logic server to manage large volume of transactions. It ensures high availability and scalability. Manage Allows management of fraudulent activities, logins, device finger printing etc

8 Benefits of Oracle Mobile Application Framework (MAF) Oracle MAF addresses all the critical challenges and provides a cost-effective solution with quick deployment. It is a one platform to developers for a complete mobile solution. Some of the key benefits include: 1. Single Platform It handles end-to-end life cycle for enterprise mobility solutions 2. Hybrid Framework It supports developing Android and ios applications with Single Source Code 3. Easy for Developers - to adopt using existing skills a. It supports standard technologies such as HTML5, CSS3, JavaScript b. Java forms the core for Business Logic c. It is available as a plug-in for both JDeveloper and Eclipse IDEs 4. Speeds up UI development a. It is based on MVC framework b. It consists of in-built UI components and CSS features c. It uses declarative custom components for drag & drop development d. The platform enables accessing device features such as camera, contacts, GPS etc. using in-built Cordova plug-in e. Additional plug-ins which allows extension of app s functionality such as barcode scanning is also available f. It supports development of applications that can work in offline mode by using local SQLite database g. Developers can debug the applications using the framework 5. Security It includes extended enterprise security with in-built security framework 08

9 Avoiding Using Heterogeneous Mobile Platform within IT Landscape While extending Oracle applications, it is best and wise to use components from the Oracle stack. Oracle Mobile Platform now provides end-to-end infrastructure to develop, integrate, secure and manage your mobile applications. Oracle MAF provides in-built capabilities and configuration options to leverage the Oracle Fusion Middleware (FMW) stack of components which will ensure faster development time and lesser coding. All these integration and security can be implemented without even writing a single line of code. Let s analyze how major Oracle components can eliminate the need of heterogeneous systems and applications. Development This is the crux and the major foundation of this whitepaper. Oracle MAF can be the best mobile application development platform that can provide a cross-platform framework for developing ios and Android mobile applications. MAF includes pre-built configuration to enable Oracle Mobile Security and is compatible with Oracle FMW components which means lesser coding and quicker implementation of security. We can avoid using other cross-platform frameworks when we have MAF Integration Oracle provides Oracle Service Bus (OSB) and other FMW adapters. There is no need to look for other Enterprise Service Bus (ESB). OSB is a proven integration and routing mechanism, which also provides facility to implement Oracle web service security. Security Oracle FMW is rich in security components and is out-of-box compatible with MAF. Oracle EBS SDK for Java (JAAS Login) can be configured using MAF default HTTP basic authentication. MAF includes pre-built feature for implementing app containerization and security using OMSS (Oracle Mobile Security Suite). This is an extension of Oracle Identity Management (OIM) security that provides role based access to enterprise mobile applications. This helps developers to use this for MDM/ MAM and there is no need to use any third-party solution. We can implement risk based login using Oracle MAF. Oracle API gateway is an great tool that can provide first level defense security by implementing at the HTTP servers and between the firewalls. It provides the first check for API control and monitoring. Monitoring - Oracle MAF also provides consoles for API monitoring, detecting fraudulent activities, user activities etc. This eases the complexities of building a separate admin or web interface for monitoring and managing the mobile applications. 09

10 Reducing Mobile Application Development Life Cycle Time using Oracle MAF Oracle MAF includes several features and functionality which accelerates the implementation process. Some of the features provided, and configuration required to go-to-market quickly are: 1. Drag and Drop Components It allows developers to create task flows and create task flow views 2. Re-usable Components It can be created and stored in the library for other projects 3. Declarative Components Configuration 1: Create task flows for views using MAF task flow components 10

11 Configuration 2: Simplify the UI screens linking and definition using Control Flow Link the AMX views/ UI screens using control flow component Rename the View Title Provide user-friendly name for control flow case component Configuration 3: Create AMX Page Views and Navigation Create Default AMX page view layout component (e.g. Do you need Header, footer, primary buttons etc.) Click on the View to create AMX page default code layout 11

12 12

13 Configuration 4: Create Data Source by specifying the Source URL Data Controls are created automatically Data Controls created automatically 13

14 Configuration 5 - Defining AMX page Data-View and Layout Auto parsing of web service response using data controls Drag and Drop Data Control Components to create List View Drag and Drop Data Control Components to create List View 14

15 RapidValue Solutions 10 Configuration 6: Generate the List View Code without writing a single line of code 15

16 Configuration 7 - Web Services Integration using OSB Route web services from Oracle EBS using OSB Configure Logic within the OSB for message routing Transform web service using OSB from SOAP to REST/JSON 16

17 Configuration 8: Implement OWSM security using OSB Provide additional web service security using OWSM Implement various OWSM security policies Example - Username/Token security, SAML token, Kerberos token etc. 17

18 Exploring Enhanced Security Features with Oracle MAF OMSS is an enterprise mobile security suite that is placed on top of Oracle Identity Management (OIM) and Access Management (OAM) platforms. It is an extension of OID (Oracle Internet Directory)/OIM platforms. This is a MDM/MAM suite from Oracle that extends corporate security by providing client side App Containerization for ios/android apps. OMSS avoids the problems of personal apps being monitored and managed by corporate policies in the BYOD scenario. It creates a separate corporate app container which whitelists the app authentications and authorizations using OAM/OID services. It also has an optional PIM (Personal Information Manager) applications for securing s, contacts, tasks etc. and synchronizing with corporate exchange servers. Some of the key features are: It provides application containerization and isolates enterprise apps from personal apps It supports Remote wipe It restricts Data Transfer It extends Oracle Access Manager and IDM services for role based authentications and authorizations It provides Oracle secure workspace with Oracle Mail Manager tools for PIM apps such as , contacts, calendar, tasks etc. It provides Oracle mobile security admin console for remote wipe, locking apps, controlling access and monitoring MAF version includes default support for app containerization using OMSS. This is currently available only for ios apps of MAF With MAF 2.0.1, securing MAF application with OMSS is as simple as clicking a check box in the Deployment Profile Dialog Box, and the deployment process automatically generates the ios binary (ipa file), wraps the binary with Oracle Secure Workspace container and signs the application with the distribution certificates and provisioning profiles. MAF and OMSS consist of internal compatibility in-built. 18

19 Oracle Mobile Security Suite Components Using MAF s pre-built security framework: There is no need to write even a single line of code MAF by itself provides tight integration with OMSS. It is enabled by selecting the check box while deploying the application OMSS Containerized App DMZ SSO Integration (Kerberos) OMSS Admin Console OID OM INV PO APR Oracle API Gateway Oracle Secure Mail/ PIM Manager OAM App Tunnel Oracle Mobile Security Access Server OWSM Enterprise System OSM/ESB Personal App Oracle Mobile Security Suite (OMSS) Architecture Note: OID - Oracle Internet Directory, OAM - Oracle Access Manager, OWSM - Oracle Web Service Manager, OSB - Oracle Service Bus, ESB - Enterprise Service Bus 19

20 Specific Learning Implemented by RapidValue, which is not available in a Developer Guide 1. Train 2. Tab View 3. Team Calendar For displaying order status progression Train component was available in ADF faces but not in MAF Custom Train components are created from start by replicating the components from the ADF faces Used MAF panel group layout and MAF tables components, along with CSS for creating the train Also used Java logic for coloring the bubbles for changing train status For sorting orders according to Today, Week, Month time period MAF does not have a tab view component by default Used MAF tables and Command buttons, along with CSS Used Java logic for listing the orders according to the time period For sorting orders according to Today, Week, Month time period MAF does not have a tab view component by default Used MAF List View Component and Command buttons along with CSS Also used Java logic for displaying the leave data 20

21 equipme Enterprise Mobile Applications Using Oracle MAF This section illustrates some of the applications developed by RapidValue Solutions using Oracle MAF. 1. FSM Mobile Application The application allows field service technicians to view daily tasks lists, schedule customer appointments, view customer/ product & service details, real-time reporting of charges, optimize customer visits, based on location through maps, etc., while on the move. 21

22 2. Inventory Management Mobile Application The Inventory & PO receipt management application ensures that the store managers (in retail) and enterprises are well aware of the status of the goods that are being obtained and also, which are being sold/ shipped. The application has various privileges which have been allotted to each of the users. The users can access PO, Line items, create and place orders, scan barcodes, check order status, look up for SKU s etc. 22

23 3. Procurement Management Mobile Application The procurement mobile application helps to streamline your workflow and business processes. The procurement management application enables users to create and view PO, manage purchase requisitions, check order status, add line items, view receipts etc., from anywhere, and in a secure manner. 23

24 4. Expense Management Application The expense management application helps employees, who are travelling and not often near their desktop, to submit travel related expenses for reimbursements through the mobile. The employees can also scan and upload receipts and documents from the mobile application. It also facilitates the managers to approve the expense report, using the mobile application. 24

25 Conclusion Oracle MAF is Oracle s strategic platform for cross-platform mobile application development. MAF can be used to develop ios and Android mobile, as well as tablet applications using a single source code. The declarative components and quick integration mechanisms help developers to quickly develop mobile applications. The development framework along with Oracle Mobile Service Integration and Oracle Mobile Security provides a comprehensive mobile suite for extending enterprise systems to mobile, without compromising on security. Enterprises can extend their corporate security strategy using the Oracle Mobile Suite. This paper was presented by RapidValue Solutions, Rajesh Padinjaremadam, President & CEO and Abhijit Ramachandran, Product Manager Oracle Mobility at Collaborate 15 Conference in Las Vegas, USA. If you need more information, you can please write to the author, Abhijit Ramachandran at abhijitrc@rapidvaluesolutions.com RapidValue has a team of domain experts and mobility consultants to help you build innovative and comprehensive mobile applications for your enterprise. If you need guidance on building your first mobile application, please write to contactus@rapidvaluesolutions.com, we ll be happy to hear from you. 25

26 About RapidValue RapidValue is a leading provider of end-to-end mobility solutions to enterprises worldwide. Armed with a large team of experts in mobility consulting and application development, along with experience delivering global mobility projects, we offer a range of mobility services across industry verticals. RapidValue delivers its services to the world s top brands and Fortune 1000 companies, and has offices in the United States and India contactus@rapidvaluesolutions.com