Feed aggregator

ORA-12154 Error Connecting to A Database Using ODBC (ONLY) (Using SQLPlus It connects Just Fine)

Tom Kyte - Thu, 2017-05-11 17:26
I am trying to setup an ODBC connection on Linux. I have create the following odbcinst.ini file. <code> [OracleODBC-12.1] Description = Oracle ODBC driver for Oracle Driver = /u01/app/oracle/product/12.2.0/client_1/lib/libsqora.so.12.1 FileUs...
Categories: DBA Blogs

Calling PL/SQL packaged stored procedure from Java with TABLE OF RECORD

Tom Kyte - Thu, 2017-05-11 17:26
Dear Oracle Masters, I am trying to call an Oracle packaged stored procedure that has a formal input parameter of TABLE OF RECORD type. There are plenty of examples of calling a SP with either a RECORD or TABLE type but not both. I also want to ta...
Categories: DBA Blogs

Oracle Utilities Work And Asset Management V2. Released

Anthony Shorten - Thu, 2017-05-11 16:14

Oracle Utilities Work And Asset Management (WAM) V2. has been released and is available from Oracle Delivery Cloud. This version is also based upon Oracle Utilities Application Framework V4. (also known as 4.3 SP4).

Included in this release are usability enhancements, an update to the Esri GIS Integration, Preventive Maintenance Event processing, and Construction Work Management.  

With these new additions we are now able to support the full asset lifecycle, from design and construction to retirement, opening up the gas and electric distribution market.  Construction Work Management adds the final piece to the Asset Lifecycle process.

  • Asset Performance Management - The Asset Performance Management features have been enhanced to offer new ways to calculate Asset Health Index scores and to set up Preventive Maintenance triggers based on the Asset Health Index.   We also offer integration points for third party predictive maintenance products to affect the Asset Health Index.
  • Compatible Units - Compatible Units are job standards that can be used to provide consistency and assistance when creating work designs.  Compatible Units can be created for either internal resources or for contractors.
  • Construction Work Design - Work Designs are critical to utility distribution companies.  The work design process leverages the compatible units to quickly scope and estimate the costs of work.  You are able to create multiple versions to designs to compare various construction options such as overhead or underground work.  You can also create design versions to compare contractor work.  When you pick a design to execute, you are able to easily transition the work design into a work package without having to create new work orders from scratch.
  • Construction Work Orders - Construction work orders differ from regular work orders because we are creating new assets rather than maintaining existing assets.  A construction work order also manages Construction Work in Progress (CWIP) accounting to ensure the work in progress is accounted for correctly.  The closeout process allows you to create new WAM assets to start their lifecycle in WAM and also creates the fixed asset property unit data to feed the corporate accounting system.
  • "As Built" Reconciliation - One of the big challenges for organizations is the reconciliation of the work design to the actual construction.  The actual construction work often diverges from the estimate due to the wide variety of variables that occur on a project.  WAM v2.2 offers a full reconciliation process to allow you to revise the values of assets, move costs between construction and maintenance accounts, review and adjust property unit valuation, and provides support for mass asset valuations.
  • PM Event Processing -  You can now package up a group of work templates into a PM Event and trigger that event as a group rather than one work template at a time.  This can be used for outage work or any repetitive work that requires multiple work orders to be created.

  • Esri GIS Integration - The user experience of the Esri GIS Integration was completely revised to provide a more intuitive experience.  Esri mapviewer components are directly integrated into the Work and Asset Management product.  Customers can publish any map component as an Esri Web Map and enroll that Web Map into WAM.  This includes feature layer maps as well as any thematic maps or metrics that customers choose to publish.

Esri Integration


SQL Server 2017: Python server

Yann Neuhaus - Thu, 2017-05-11 08:17

After my article SQL Server 2017: first steps with Python Service, I write this article about my first test with the Python Server feature in SQL Server 2017.

The installation is very simple, in the features Selection window, you have in the Shared Features, you have a Machine Learning Server (Standalone) with R and Python.
I check Python to install the Python Server and here we go.
Like for the Python services, you need to accept “Consent to install Python”
Don’t forget to give access to Internet to your server. If not, the installation failed and you have this message:
With Internet, the installation is successful.
At the end of the installation, I open the summary file to analyze what is installed.
I find feature parameters for the script installation for the Python Server:

  • SQL_SHARED_AA for the Machine Learning Server (Standalone) – AA is for ADVANCED ANALYTICS
  • SQL_SHARED_MPY for Python

At this point, I have a Python Server but, now, what is a Python Server?
On my server, I open the search and tape Python as keyword…
No result found… Ok. Old method, go to the folder and search manually.
I go directly in the folder “C:\Program Files\Microsoft SQL Server\140” and I see a folder “PYTHON_SERVER”:
I open the folder “PYTHON_SERVER” and see three executables:

  • Uninstall-Anaconda: to uninstall the python server
  • Python: Command Console to execute Python code
  • Pythonw: Command Console to execute Python code without Window

To Test the Python server, I run the executable python (to have a cmd window) and use the same example as my article for the Python service.
The Python query is:

Import pip
Installed_packages = pip.get_installed_distributions()
Installed_packages_list = sorted([“%s %s” % (i.key, i.version) for I in Installed_packages])

As you can see in the picture, the same 125 packages as for the Python Service are installed on the Python Server.
:idea: Let yourself be tempted


Cet article SQL Server 2017: Python server est apparu en premier sur Blog dbi services.

Emerson Adopts Oracle HCM Cloud Suite to Unify its Global Workforce

Oracle Press Releases - Thu, 2017-05-11 07:00
Press Release
Emerson Adopts Oracle HCM Cloud Suite to Unify its Global Workforce Global technology and engineering solutions company implements Oracle HCM Cloud to achieve a holistic view of its 80,000 employees

Redwood Shores, Calif. —May 11, 2017

Oracle today announced that Emerson, a global technology and engineering solutions company, has adopted Oracle Human Capital Management (HCM) Cloud to gain an in-depth view into its global employee base. The full Oracle HCM Cloud suite implementation for Emerson includes: Core HR, Payroll, Performance Management, Goal Management, Career Development, Talent Review & Succession Management and Workforce Compensation. The data analytics delivered by Oracle HCM Cloud will enable Emerson to support the complexities of a varied and shifting workforce as it transforms its business model from traditional manufacturing to a value-added, solutions provider.

To better assess and manage changes across its global workforce, Emerson needed a single global human resources solution that could align common global HR processes, support local compliance needs across 100 countries and engage its workforce. By seamlessly integrating Oracle HCM Cloud with its existing deployments of Oracle E-Business Suite and Oracle Enterprise Resource Planning (ERP) Cloud, Emerson can leverage powerful data analytics to identify and address HR trends and issues, such as recruitment and turnover.

“At Emerson, we pride ourselves in delivering the latest technologies to improve the processes and performance of our industrial, commercial and residential customers. In that same vein, we also aim to empower our employees by giving them easy access to the latest innovations,” said Jim Rhodes, vice president of human resources information systems at Emerson. “With Oracle HCM Cloud, we will be able to proactively support employees worldwide with truly integrated solutions for everything from performance and payroll to recruiting and employee records.”

Emerson’s previous on-premises solution was unable to provide a complete view of its employee base and required technical specialists to manage and maintain the system. With Oracle HCM Cloud, Emerson expects to drive efficiencies across its global business by taking advantage of in-house digital deployment services to provide unified, timely and accurate reports. Oracle HCM Cloud also delivers high-level data security features relevant for the management of sensitive employee information.

“When organizations are able to quickly and easily gain actionable insights into their global employee base they can improve both the employee and customer experience,” said Gretchen Alarcon, group vice president, HCM Product Strategy at Oracle. “Oracle HCM Cloud will enable Emerson to uncover valuable business insights that will ultimately help its transition to a value-added manufacturer.”

Emerson plans on implementing the Oracle HCM Cloud in a three-phase approach and will work with an Oracle implementation partner and Oracle Customer Support for trusted, secure and comprehensive support throughout the implementation process. 

Contact Info
Jennifer Yamamoto
Additional Information

To learn more about Oracle HCM Cloud, follow @OracleHCM on Twitter or Facebook, or read the Modern HR in the Cloud blog

About Emerson Emerson (NYSE: EMR), headquartered in St. Louis, Missouri (USA), is a global technology and engineering company providing innovative solutions for customers in industrial, commercial, and residential markets. Our Emerson Automation Solutions business helps process, hybrid, and discrete manufacturers maximize production, protect personnel and the environment while optimizing their energy and operating costs. Our Emerson Commercial and Residential Solutions business helps ensure human comfort and health, protect food quality and safety, advance energy efficiency, and create sustainable infrastructure. For more information visit Emerson.com.

About Oracle

The Oracle Cloud delivers hundreds of SaaS applications and enterprise-class PaaS and IaaS services to customers in more than 195 countries while processing 55 billion transactions a day. For more information about Oracle (NYSE:ORCL), please visit us at http://cloud.oracle.com.


Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.

Safe Harbor

The preceding is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle Corporation.

Talk to a Press Contact

Jennifer Yamamoto

  • +1.916.761.9555

Reminder: Upgrade Microsoft Vista Desktops

Steven Chan - Thu, 2017-05-11 02:00
Vista logoMicrosoft ended support for Windows Vista on April 11, 2017.  The official support dates are published here:  

Windows Vista is certified for desktop clients accessing the E-Business Suite today.  Our general policy is that we support certified third-party products as long as the third-party vendor supports them.  When the third-party vendor retires a product, we consider that to be an historical certification for EBS.

What can EBS customers expect after April 2017?

After Microsoft desupports Vista in April 2017:

  • Oracle Support will continue to assist, where possible, in investigating issues that involve Windows Vista.
  • Oracle's ability to assist may be limited due to limited access to PCs running Windows Vista.
  • Oracle will continue to provide access to existing EBS patches for Windows Vista.
  • Oracle will provide new EBS patches only for issues that can be reproduced on later operating system configurations that Microsoft is actively supporting (e.g. Windows 7, Windows 10)

What should EBS customers do?

Oracle strongly recommends that E-Business Suite customers upgrade their desktops from Windows Vista to the latest certified equivalents.  As of today, those are Windows 7, 8.1, and 10

Related Articles

Categories: APPS Blogs

Oracle is hanging after few days (intermittent) and cannot connect as user sys even with prelim option and lsnrctl do not work too

Tom Kyte - Wed, 2017-05-10 23:06
I have several clients that is having this intermittent issue where Oracle just hang. Only solution is stop and start the win DB service and sometimes it needs to be done twice. When the DB is hanging both CPU and memory are good. I tried co...
Categories: DBA Blogs

Object No Longer Exists - Non DDL Issue

Tom Kyte - Wed, 2017-05-10 23:06
We have partitioned tables (with indexes) with about 12 million records in each partition. We transfer data to non-partitioned (no indexes) table, perform calculations, and move data back to partitioned table when finished. These are all parallel INS...
Categories: DBA Blogs

expdp with same schema

Tom Kyte - Wed, 2017-05-10 23:06
I have export schema of production (CPG_PROD) now i want to restore on development server where i have alredy CPG_PROD schema. Now i want to restore production CPG_PROD On development but same name is already there so How can i import the produc...
Categories: DBA Blogs

ORA-01400: cannot insert NULL into ( blob )

Tom Kyte - Wed, 2017-05-10 23:06
Hello Tom, I have table with two column, this is sql code : CREATE TABLE AVR_xml ( x_xml NUMBER(10) GENERATED BY DEFAULT ON NULL AS IDENTITY NOT NULL, xml BLOB NOT NULL ) STORAGE (INITIAL 101204K NEXT 9200K) TABLESPACE "EX_DBS" ...
Categories: DBA Blogs

APEX Connect 2017 – Day 2

Yann Neuhaus - Wed, 2017-05-10 15:48

After the Keynote about “Oracle Application Express – Ahead of it’s time. Leading the way forward” by Joel Kallmann (Director of Software Development for APEX) and some overall presentation about Development with APEX 5.1, I decided to attend presentations on following topics oriented towards tools to make developer’s life easier:
– APEX OOS Tools and helper
– Useful APEX plugins
– LESS is more
– JavaScript Debugging and Tuning
– Introduction to Oracle JET

Oracle Application Express – Ahead of it’s time. Leading the way forward:
In 2008 APEX was already matching the definition of cloud given by the NIST (National Institute of Standards and Technology) and even matching the definition of PaaS in 2002: APEX was ahead of it’s time!
APEX allows to increase productivity and consistency, reducing complexity due to it’s declarative framework setup. It’s therefore to be seen as lowcode development environment: https://apex.oracle.com/lowcode/
What is impressive about APEX is that a packaged app written in 2008 is still able to run on apex.oracle.com today.
It’s the most used development platform within Oracle for running there internal business.
There is now an online APEX curriculum available for free on Oracle academy: APEX on Oracle academy
Oracle database free services online will be launched, replacing apex.oracle.com.

Upcoming features in APEX 5.2:
The next version of APEX may contain features like:
– Blueprint wizard: allows to integrate features from existing packaged apps in your on application declaratively
– Improved packaged apps
– Update of JET and JQuery versions
– Enhancements in Page designer:
-* Dialogs/pop-overs
-* Client side dialogs
-* Adaptive UI based on preference options declaratively enabled/disabled
-* Removal of legacy component view
– Enhancements on JET Charts:
-* New Gantt chart
-* New pyramid report
-* New Box Plot
-* New interactive report and websheet charts
-* Removal of 32k limit of data visualization
– Improved interactive grids
-* Flexible row height
-* Group by view
-* Pivot view
-* Region button position
-* Printing
-* Subscription
-* Computation
-* Required filtering
-* Complex filtering and highlighting
-* No stretch columns
-* Copy down facility
-* API documentation
-* Migration for interactive reports
– Improved REST services
-* Declarative support of REST services
-* REST services as data source for APEX components
-* Simple access to Cloud services
-* ORDS remote SQL data access
-* SQL execution on remote DB
All very nice and promising features :-)

APEX OOS Tools and helper::
Oracle Open Source Tools and other useful Open Source projects can be found in GitHub within different repositories.
Most famous OOS tools for APEX developers are:
– oracle-db-tools
– oraclejet
– db-sample-schemas
– node-dboracle
– docker-images
Link to oracle GitHub: https://github.com/oracle
Beside that to Open Source community provides various other tools for APEX developers:
– oxar (automated installation of full development environment)https://github.com/OraOpenSource/OXAR
– docker images https://github.com/Dani3lSun/docker-db-apex-dev
– Logger https://github.com/OraOpenSource/Logger
– APEX Diff (comparison of application exports based on JSON using node.js and sqlcl) https://github.com/OraOpenSource/apex-diff
– APEX Client extension https://github.com/OraOpenSource/apex-frontend-boost
– PL/SQL libraries like Alexandria https://github.com/mortenbra/alexandria-plsql-utils
– APEX backup scripts https://github.com/OraOpenSource/apexbackup
There is a lot out there to make you life easier. Enjoy them!
Thanks a lot to all contributors!

Useful APEX plugins::
APEX is a very nice development framework but it sometimes needs more than what is provided by Oracle.
Fortunately APEX allows to write extensions to fill-in the gap: plug-ins
There are many to be found on apex.world
Here is an non exhaustive list of useful plug-ins that were presented at APEX connect:
– select2 https://select2.github.io/
– Date range (based on JS moment library) http://apex.pretius.com/apex/f?p=105:DATERANGE:::NO:::
– Help text tooltip http://apex.pretius.com/apex/f?p=105:HELPTEXT:::NO:::
– Dropzone (for multiple file upload) https://github.com/Dani3lSun/apex-plugin-dropzone
– Excel to collections http://www.apex-plugin.com/oracle-apex-plugins/process-type-plugin/excel2collections_271.html
– Enhanced notification http://apex.pretius.com/apex/f?p=105:NOTIFICATIONS:::NO:::
– Nested reports http://apex.pretius.com/apex/f?p=105:NESTED_REPORTS:::NO:::
Thanks to all developers who provide those plug-ins and make APEX be even more enjoyable!

LESS is more::
What is LESS?
LESS is a CSS pre-processor which allows to use variable, mix-ins and nested rules to facilitate the rules CSS management.
It’s already in use in APEXso that you can leverage thattool to adjust your application to your Corporate identity guidelines.
The Theme roller of APEX 5.x make use of it, but the core.css of APEX is not modified that way.
I would suggest you to visit following website if you are interested in who LESS works:

JavaScript Debugging and Tuning::
APEX makes use of JQuery.
In some cases you might run into performance issues while loading or using your application pages.
Here are some tips and tricks to optimize JavaScript in your application based on experience.
– Use the right selector to reducing searches in the DOM (from the most to the less selective: id, element, class, attribute, pseudo)
– Use loops the right way (arrays can help)
– Use variables to reduce DOM access
– Use detach function to have an “offline” DOM and reduce the cost of parsing and accessing the DOM
– In some case native JavaScript is faster than JQuery
There are tools to help you measure the performance of your page:
– jsperf.com
– ESBench.com
– Chrome Canary developer tools
When it comes about page load performance, the size of your JavaScript library file is key. This can be reduced using tools like uglifyJS.
For Debugging and Logging purpose you can make use of the client console.log or even better the APEX.debug wrapper on it. Unfortunately those logs are only visible on the client console during runtime. One option to centralize them would be to write the result of the logs into a DB table using AJAX. Also stacktrace.js is of help as it captures the user context which can then be put with the logs to better understand the issue.
Ultimately REST service could also be an alternative to send back the logs to the DB.

Introduction to Oracle JET:
Oracle JET: JavaScript Extension Toolkit
It supports multilingual and follows W3C standards.
A JET module is always made of at least 2 parts:
– JavaScript file (view Models)
– HTML file (views)
When using JET modules you always have to take care of the required libraries/modules (dependencies).
APEX only makes use of the JET Charts for now.
I can only recommend to visit the Oracle web page on that subject:


Cet article APEX Connect 2017 – Day 2 est apparu en premier sur Blog dbi services.

Oracle SOA Suite: Two-way SSL with TLS1.2 made easy (slightly less complicated)

Amis Blog - Wed, 2017-05-10 14:14

Transport layer security (TLS) is not an easy topic. Many blogs have been written about this already. Surprisingly though, I did not find a single blog which was more or less complete and provided me with everything I needed to know to get this working on SOA Suite 12.2.1. In this blog I try to make the topic more easy to understand and provide a complete end to end example.

Suppose you only want an implementation and do not care much about the explanation, you can skip the ‘Some basics’ section, only execute the commands in bold in the ‘Lets get started!’ section and the steps in the ‘WebLogic and SOA Suite’ section. Do take into consideration any existing SSL related configuration on your own system.

Some basics SSL/TLS

SSL stands for Secure Sockets Layer. SSL is the predecessor of TLS. SSL should be considered insecure since in October 2014 the POODLE attack was announced. TLS currently has 4 versions. TLS 1.0, 1.1, 1.2 and 1.3. 1.3 is not widely supported/adopted yet. SSL/TLS provide integrity checks, security and authentication.


A server which hosts traffic on a port which has SSL/TLS enabled, has an identity keystore. This identity keystore contains a private key and a public key/certificate. The public key/certificate can safely be given to other parties. With websites when visiting an HTTPS website (HTTP with SSL enabled), the public key is send to you. The other party / client can use the public key to encrypt messages meant for the server. The only one who can decrypt the messages is the one having the private key of the server. This is usually only the server.


Can you trust a server? You can use a certificate authority to create a signed public key. If someone trust the certificate authority, that someone also automatically trusts the signed key. With websites you often see a green lock when a certain website uses HTTPS with a public certificate signed by a (by your webbrowser) trusted certificate authority.

Usually a truststore is used to store trusted certificate authorities or specific trusted certificates. If you have many servers in your application landscape, it is recommended to use a certificate authority since it is cumbersome to load every public key of every server in every truststore. Trusting a single certificate authority makes things a lot easier.

Certificate authority

A certificate authority has a private key which it can use to sign a so-called certificate signing request. From this certificate signing request you can create a signed public key.

Certain companies such as Google and Microsoft provide certain checks to confirm someones identity before providing them with a signed public key. You can pay these companies to provide those checks and give you a signed certificate. Most of these companies are trusted certificate authorities by default in several OSs and browsers. This way for a website for example, you do not have to make changes on a client for your certificate to be trusted.

If you run several servers within your internal company network, you often do not require these external checks. You can create your own certificate authority private key and create a signed public key yourself. This certificate authority is not trusted by default so you should trust the public certificate of your self-signed certificate authority in order establish trust.


A cipher is an algorithm for encryption and decryption. With SSL, during the handshake phase (the phase which establishes an SSL session), a cipher is determined. The client usually provides a list of the ciphers it supports and the server chooses which one to use. During an SSL handshake you can see in logfiles which cipher is chosen.

Lets get started!

I used 2 SOA Suite installations (complete, no quickstart) in 2 different VM’s for this example. soaserver1 and soaserver2. I used a host-only network with fixed IP’s in VirtualBox and added IP/hostname mappings in the hosts files of the two servers.

Create a self-signed certificate autority

A blog explaining the topic on creating your own certificate authority can be found here. This is just my short summary with some corrections. Do read it for some easy to understand background information.

This simple example uses OpenSSL. OpenSSL is installed by default on most Linux environments and can also be installed on other OSs.

First create a private key for your certificate authority:

openssl genrsa -des3 -out rootCA.key 2048

I create an RSA key and protect it with the DES3 cipher algorithm based on a password. I want my key to have a length of 2048 bytes. You can also choose for ECC keys. They can be smaller when comparing to RSA keys to provide the same level of protection. ECDSA (Elliptic Curve Digital Signature Algorithm) ciphers use ECC keys. Keep this key private! It allows you to sign public keys (see later in this post) and create trust.

Next I self-sign this generated key. This creates a public signed key for the certificate authority. I can load this key in truststores to achieve trust for keys which are signed with this certificate:

openssl req -x509 -new -nodes -key rootCA.key -sha256 -days 1024 -out rootCA.pem -subj ‘/CN=Conclusion/OU=Integration/O=AMIS/L=Nieuwegein/ST=Utrecht/C=NL’ -extensions v3_ca

Lets break this down:

  • req: do a request
  • x509: this defines the format of the key to be generated. In the x509 standard, several pieces of metadata can be stored with the certificate and the certificate authority structure is also part of the x509 standard. Read more here.
  • new: generate a new key
  • nodes: this is actually ‘no DES’. My public key does not need to be protected with a password.
  • key: specifies the private key to sign
  • sha256: secure hash algorithm. Hashing is used to provide data integrity functionality. Creating a hash of a transmission allows you to check at a later time if the transmission has been tampered with.
  • days: specifies the validity of the generated certificate
  • subj: provides some metadata for the certificate
  • extensions v3_ca: this adds a metadata field to the certificate indicating that it is a certificate of a certificate authority. If this extension is not added, certain validations might fail

You can use the certificate authority private key and certificate as server identity but you shouldn’t. This will give certain validation errors because of the ‘extensions v3_ca’.

Create server identity keys

Next we create a private key which will be used as identity of the WebLogic server

openssl genrsa -des3 -out soaserver1.key 2048

After we have created this private key, we can create a certificate signing request for this private key

openssl req -new -key soaserver1.key -out soaserver1.csr -subj ‘/CN=soaserver1/OU=Integration/O=AMIS/L=Nieuwegein/ST=Utrecht/C=NL’

This is pretty similar as to what we have done for the certificate authority. However mind the subj clause here. The common name should match the server hostname. This will be used later for verification of the identity of the server by the client. In order to allow two-way SSL, I added the server hostname to IP mapping to every servers hosts file. In an enterprise you would use a DNS (domain name system) for this since you do not want to maintain every mapping in every server locally.

Next sign the certificate using the information in the private key and certificate of the certificate authority.

openssl x509 -req -in soaserver1.csr -CA rootCA.pem -CAkey rootCA.key -CAcreateserial -out soaserver1.crt -days 1024 -sha256

This is very similar to signing the certificate authority certificate. Mind that a validity with a longer period than the validity of the certificate authority key is of course useless. Createserial creates a new file rootCA.srl. This serial number is unique for every signed certificate. You should save it so at a later time you can check if a certificate has been tampered with.

The next time you sign a certificate, you can use:

openssl x509 -req -in soaserver1.csr -CA rootCA.pem -CAkey rootCA.key -CAserial rootCA.srl -out soaserver1.crt -days 1024 -sha256

This will increase the previous serial with 1, making sure it is unique.

Creating an identity keystore

Now you have a signed certificate and a private key. Time to make a Java keystore (JKS) which can be used in WebLogic server and SOA Suite and other pieces of Java.

openssl pkcs12 -export -in soaserver1.crt -inkey soaserver1.key -chain -CAfile rootCA.pem -name “soaserver1” -out soaserver1.p12

keytool -importkeystore -deststorepass Welcome01 -destkeystore soaserver1identity.jks -srckeystore soaserver1.p12 -srcstoretype PKCS12

The above steps;

  • creating a private key
  • creating a certificate signing request
  • signing the certificate with the private key of the certificate authority
  • creating an identity keystore

need to be done for every server.

Creating a trust keystore

Here you can pick the fruits of the above work of using a certificate authority to sign your server private keys. You can use the certificate authority certificate in a truststore and every key signed with the certificate is trusted. You do not need to load every specific server certificate into every truststore the server needs access to. Creating a truststore is easy and you can do this once and use the same trust.jks file in all your servers.

keytool -import -alias rootCA -file rootCA.pem -keystore trust.jks -storepass Welcome01

WebLogic and SOA Suite

It is interesting to notice the incoming WebLogic configuration differs from the SOA Suite outgoing configuration. This is of course not surprising since a server usually only has a single identity, but an integration product like SOA Suite should able to interact with multiple protected external resources, maybe requiring different ciphers and keys for each of them. Also SOA Suite in the past (I’m not sure if that is still the case) could run on IBM WebSphere instead of WebLogic Server. Thus I can understand Oracle chose to provide a more generic implementation of SSL in the SOA Suite than the WebLogic specific one.


The WebLogic server configuration is pretty straightforward. In this example I’m only looking at SSL for incoming and outgoing messages for SOA Suite. The WebLogic specific configuration is only relevant for incoming connections. Basically the steps are as followed:

  • Enable SSL for the managed server
  • Specify keystores for identity and trust
  • Configure incoming SSL specifics
  • Force the server to use TLS1.2
Enable SSL for the managed server

First Enable the listen port for SSL. In WebLogic console, environment, servers, specify your server, configuration, general and indicate ‘SSL Listen port enabled’. You can also specify the SSL port here.

Specify the keystores for identity and trust

In WebLogic console, environment, servers, specify your server, configuration, keystores. You can specify the identity and trust keystores you have created during the above steps.

Configure incoming SSL specifics

In WebLogic console, environment, servers, specify your server, configuration, SSL. You can specify the identity key used for the server and several checks which can be done when establishing the SSL connection.

Some important settings:

  • BEA Hostname verifier. This indicates the CN field in the certificate is checked against the server hostname.
  • Client certs requested and enforced. If set, Two-Way SSL will be used and the client won’t be able to connect unless it presents a trusted certificate.
  • Buildin SSL Validation and Cert Path Validators. This checks the certificate chain.

It is important to understand what these checks do. A host name verifier ensures the host name in the URL to which the client connects matches the host name in the digital certificate that the server sends back as part of the SSL connection. This helps prevent man in the middle attacks where the client might connect to a different URL.

The below situation is something you won’t prevent even with this checks. I could connect without problems with the soaserver2 WebLogic server from soaserver1 with the certificate of soaserver2. Also when using the private key of soaserver1 as identity on soaserver2, soaserver2 would not complain about this. FireFox would though and most likely also other clients.

Force TLS1.2

If you want to force WebLogic / SOA Suite to use TLS 1.2 you can specify the following JVM parameters in the setDomainEnv.sh file.

-Dweblogic.security.SSL.minimumProtocolVersion=TLSv1.2 -Dhttps.protocols=TLSv1.2

SOA Suite

The SOA Suite configuration is a bit more elaborate in that it requires configuration in different places of which not all can be done from the GUI.

The steps which need to be performed are:

  • Specify the identity store used by SOA
  • Create a keystore password credential in the credential store
  • Configure composite to use two-way SSL
Specify identity store

First you have to specify the identity store which the SOA Suite will use for outbound connections. You can find this setting by going to SOA, soa-infra, SOA Administration, Common Properties, (scroll down), ‘More SOA Infra Advanced Configuration Properties…’

Here you have to specify the servers identity keystore. In my case /home/oracle/certs/soaserver1identity.jks.

Create a keystore password credential in the credential store

Next you have to specify the keystore password. If you forget to do this, you will encounter errors like:

On the client:
<May 7, 2017, 12:58:43,939 PM CEST> <Error> <oracle.integration.platform.blocks.soap> <BEA-000000> <Unable to create SSL Socket Factory>

On the server:
[2017-05-07T12:26:02.364+02:00] [soa_server1] [NOTIFICATION] [] [oracle.integration.platform.common.SSLSocketFactoryManagerImpl] [tid: [ACTIVE].ExecuteThread: ’25’ for queue: ‘weblogic.kernel.Default (self-tuning)’] [userId: <anonymous>] [ecid: cd874e6b-9d05-4d97-a54d-ff9a3b8358e8-00000098,0] [APP: soa-infra] [partition-name: DOMAIN] [tenant-name: GLOBAL] Could not obtain keystore location or password

You can set the keystore password by going to your domain, Security, Credentials. You can create a credential map SOA with a keyname/user of KeyStorePassword with the password you have used for your keystore. It will use the same password for the key as for the keystore if not specified. You can create a KeyPassword entry for the password for the key if they differ.


Configure composite to use two-way SSL

This step is easy. You have to add a binding property to your reference which indicates you want to use two-way SSL.

In the composite.xml file on your reference you can add:

<property name=”oracle.soa.two.way.ssl.enabled”>true</property>

This causes the composite binding to use the identity (with the credential store password) for outbound SSL specified in the previously configured MBean.

You should of course also not forget to set the endpoint to a port which hosts HTTPS and indicate in the URL that it should use HTTPS to call this endpoint. In my example I’ve overridden the URL in the EM. Be aware though that overriding the endpoint URL might still cause the original endpoint to be called when the overridden endpoint is not accessible (if for example the SSL connection has issues).

Some useful tips

If you want to debug SSL connections, the following tips might help you.


It might appear strange to use a webbrowser to test SSL connections, but which piece of software uses SSL more than a browser? FireFox is very clear in its error messages what has gone wrong which greatly helps with debugging. FireFox uses its own certificate store and can provide certificates to login to a server. You can configure them from FireFox, Preferences, Advanced, Certificates, View Certificates. Here you can import client certificates such as the p12 files you have generated in an earlier step.

This provides for a very easy way to check whether a server can be accessed with SSL and if the server certificate has been correctly generated / set-up. FireFox also extensively checks certificates to provide the green-lock icons people are quite familiar with.

In this case I have SSL enabled for soaserver1 on port 7002. I open https://soaserver1:7002 in FireFox (do not forget the HTTPS part). Since I have enabled ‘Client certs requested and enforced’ in the WebLogic SSL configuration, it will ask me for a client key.

In this case you can check whether a client certificate will be trusted. When opening https://soaserver1:7002 and you get a 404 message, the WebLogic server is responding to you after the SSL handshake has succeeded.

In FireFox you can tweak the cipher suites which are used. Read about this here. Do mind that SSL connections can be cached and FireFox can remember to send specific keys. If you run FireFox on soaserver1 and open a link on soaserver1, Wireshark (read below) will not detect traffic on the same interface which is used to access soaserver2.


Use Wireshark to monitor connections/handshakes.

  • You can confirm the SSL/TLS version being used
  • You can see the number of messages which have crossed the wire (allows you to distinguish retries of for example a handshake fails)
  • Allows you to decrypt SSL traffic (if you have the private key)
  • It allows you to confirm an SSL connection is actually being set up. If you do not see it in Wireshark, no message has been send and the connection build-up fails on the client. This for example happens when the SOA, KeyStorePassword entry has not been set in the SOA Suite credential store.

SSL debug logging

If you want to see what is happening with your SSL connection, it is very helpful to provide some JVM switches in setDomainEnv.

-Dweblogic.security.SSL.verbose -Djavax.net.debug=all -Dssl.debug=true

You can also enable WebLogic SSL debugging in WebLogic console. Open a server and enable weblogic.security.SSL


Portecle is a handy and freely available tool if you want to manage keystores and look at key details.

Which service is called?

Suppose you have process A on server X which calls process B on server Y. For testing you first deploy process B on server X and use the WSDL of process B locally from process A. Next you override the endpoint to refer to the SSL port of server Y. What happens if the SSL connection cannot be established? By default, there are 3 retries after which the process falls back to using the endpoint as specified in the WSDL file. When testing it might seem the call from process A on X to B on Y works but it is actually a local call because the local call is the fallback for the remote call. In this case you should confirm an instance of B is created on Y.

Finally Performance impact

Using SSL of course has a performance impact. 1-way SSL is faster than 2-way SSL. Using encryption is slower than not using encryption. Key length and cipher suites also play a major role in how fast your SSL connection will be. I have not measured the precise cost of the different options, but you should consider what you need and what you are willing to pay for it in terms of performance impact.

  • One way SSL allows the client to verify the server identity (certificate, hostname). The server provides the client with a public key but not the other way around.
  • Two way SSL also allows the server to verify the client. The client also needs to provide a public key.

SSL verifies host identities, keys, certificate chains. It does not allow you to provide (specific user) application authentication or authorization. You could do it with SSL but it would require giving every user a specific certificate. There are better ways to do that such as WS-Security, SAML or OAuth.


If you use a server which has a lot of SSL connections, the random number generator is asked often for a new random number. Random numbers are generated by using entropy (a measure of randomness/disorder), which is a limited resource, especially in virtualized environments.

There is a setting which allows WebLogic server to recycle random numbers at the cost of security (the random number generator becomes predictable). Read more about that here.


Oracle does not recommend using this recycling mechanism in production environments since if you can predict the random number generator, you have introduced a security vulnerability which can be exploited. Next to speeding up SSL connections, your server startup will most likely also be improved.


I’ve not talked about a lot of things such as certificate revocation lists (CRLs). These lists contain keys which have been compromised. Compromised means the private key of a certificate authority has become public. Using the private CA key, someone is able to create new certificates which are being trusted by people who trust the CA. If a person can do such a thing, he is able to gain access to systems. Remember private keys can also be used to decrypt traffic? This is of course an issue on the internet but also when you have your own certificate authority. More generally speaking, if a private key is compromised, all trust should be revoked since you cannot count anymore on that for example a server is the sole owner of the key and is the only one who can decrypt traffic.


Read more about this in the whitepaper here. It requires Oracle Advanced Security (OAS), which is an Oracle Database Enterprise Edition option. The US Government does not allow double encryption (you can imagine why..). If you configure Oracle Advanced Security to use SSL encryption and another encryption method concurrently, then the connection fails. See SSL Usage issues here.

Other things

I have not talked about securing the connection between managed servers in a cluster and between the NodeManager and managed servers. You can read more about that here. Do mind though that using trust can be more efficient than specifically putting every public key in every truststore. Especially when you have many servers.

The post Oracle SOA Suite: Two-way SSL with TLS1.2 made easy (slightly less complicated) appeared first on AMIS Oracle and Java Blog.

Oracle JET Hybrid Mobile Application on Google Play

Andrejus Baranovski - Wed, 2017-05-10 12:57
Oracle JET Hybrid mobile application can be published to Google Play and installed on Android device. We have tested this process from beginning to the end. Of course JET Hybrid mobile app can be published on Apple Store too, but we are using Google Plain and Android for now.

Where to get started if you want to publish your own Oracle JET Hybrid (open source and free to use) mobile app? First of all you need to build APK (if building for Android) file in release mode. Read about it in my previous post - How To Package JET Hybrid Mobile Application for Release (Android Platform).

Search for JellyHouse in Google Play to install and test our JET app:

You can use demo data account redsam/welcome1 to login and check how JET runs on your Android mobile:

Let's walk through the main steps about how to upload and publish JET APK file in Google Play. First of all you need to login into Google Play Developer console and pay license fee 25 USD (if you are publishing first time). Second, prepare APK file compiled in release mode (read above how to do it). APK file typically is located in hybrid folder, build/outputs directory:

In Google Play Developer console create new application - press Create Application button:

Before you could publish APK to Google Play, you will be asked to complete various forms with information about the app, content rating and upload application graphics:

APK file is uploaded under Release Management -> Artifact library:

To verify upload, click on show details icon and you should see additional information for uploaded APK:

There are options to manage test releases. But you could opt out directly for production - this is what I did. Press publish button and wait about 30 - 60 minutes. Status should be changed to published:

Once published, search for your app in Google Play. Google Play for JellyHouse app:

Upgrade to Oracle 12.2 with dbupgrade utility

Yann Neuhaus - Wed, 2017-05-10 10:24

Oracle 12.2 is released and we will have to upgrade. And in this blog we are going to talk about upgrading to oracle 12.2 using the dbupgrade utility.

Of course the dbua tool is still available and can be also used.

Oracle Database 12.1 introduced the Parallel Upgrade Utility, catctl.pl. This utility reduces the total amount of time it takes to perform an upgrade by loading the database dictionary in parallel, and by using multiple SQL processes to upgrade the database.

In Oracle 12.1 catcpl.pl had to be run using perl like
$ORACLE_HOME/perl/bin/perl catctl.pl -n 8 -l /home/oracle catupgrd.log
Starting with Oracle 12.2, we can use dbupgrade utility which starts up catctl.pl instead to run it from perl.

In this article we will describe the steps for upgrade using dbupgrade.

The first step is to run the preupgrade information tool preupgrade.jar tool which replaced the preupgrd.sql and utluppkg.sql scripts. This tool can be run from operating system command line. Remember that in 12.1, the Pre-Upgrade Information Tool was run within SQL*Plus as a SQL file.

Following environment variables must be set. Indeed ORACLE_HOME must point to the earlier release.

[oracle@serveroracle ~]$ export ORACLE_HOME=/u01/app/oracle/product/12.1.0/dbhome_1
[oracle@serveroracle ~]$ export ORACLE_BASE=/u01/app/oracle
[oracle@serveroracle ~]$ export ORACLE_SID=ORCL
[oracle@serveroracle ~]$ export PATH=.:$ORACLE_HOME/bin:$PATH

The preupgrade.jar file is located to the oracle 12.2 $ORACLE_HOME/rdbms/admin. We can execute it using the TERMINAL or FILE options. The TERMINAL option will send output in the terminal and with FILE we will have the output in a file.

oracle@serveroracle:~[ORCL] $ORACLE_HOME/jdk/bin/java -jar /u01/app/oracle/product/ TERMINAL TEXT
Report generated by Oracle Database Pre-Upgrade Information Tool Version
Upgrade-To version:
Status of the database prior to upgrade
Database Name: ORCL
Container Name: ORCL
Container ID: 0
Blocksize: 8192
Platform: Linux x86 64-bit
Timezone File: 18
Database log mode: ARCHIVELOG
Readonly: FALSE
Edition: EE
Preupgrade generated files:

As specified if we want the output in a file, we can use the option FILE instead of TERMINAL. The output directory is $ORACLE_BASE/cfgtoollogs/$ORACLE_SID

[oracle@serveroracle ~]$ $ORACLE_HOME/jdk/bin/java -jar /u01/app/oracle/product/ FILE TEXT
Preupgrade generated files:
[oracle@serveroracle ~]$

Once the execution done, the tool will identify possible issues during the upgrade and will also generate 2 scripts
 preupgrade_fixups.sql: fixes issues that an automated script can fix safely. This script must be run before the upgrade
 postupgrade_fixups.sql: fixes the upgrade issues that can be automatically fixed after the upgrade.
For all other issues we have to manually fix them.

Connected to:
Oracle Database 12c Enterprise Edition Release - 64bit Production
With the Partitioning, OLAP, Advanced Analytics and Real Application Testing options
SQL> @preupgrade_fixups.sql

Once done we are ready to run the dbupgrade utility.

Prepare the environment

oracle@serveroracle:/home/oracle/ [rdbm12201] which dbupgrade
oracle@serveroracle:/home/oracle/ [rdbm12201] echo $ORACLE_HOME
oracle@serveroracle:/home/oracle/ [rdbm12201] export ORACLE_SID=ORCL

Copy the parameter file to the oracle 12.2 ORACLE_HOME/dbs

oracle@serveroracle:/home/oracle/ [ORCL] cp /u01/app/oracle/product/12.1.0/dbhome_1/dbs/spfileORCL.ora /u01/app/oracle/product/
oracle@serveroracle:/home/oracle/ [ORCL]

Start the database in the new environment in an upgrade mode

oracle@serveroracle:/home/oracle/ [ORCL] which sqlplus
oracle@serveroracle:/home/oracle/ [ORCL] sqlplus
SQL*Plus: Release Production on Thu May 4 16:24:22 2017
Copyright (c) 1982, 2016, Oracle. All rights reserved.
Connected to an idle instance.
SQL> startup upgrade
ORACLE instance started.
Total System Global Area 394264576 bytes
Fixed Size 8621136 bytes
Variable Size 293602224 bytes
Database Buffers 83886080 bytes
Redo Buffers 8155136 bytes
Database mounted.
Database opened.

And then run the dbupgrade utility

oracle@serveroracle:/home/oracle/upgrade/ [ORCL] dbupgrade -n 2 -l /home/oracle/upgrade
Argument list for [/u01/app/oracle/product/] Run in c = 0
Do not run in C = 0
Input Directory d = 0
Echo OFF e = 1
Simulate E = 0
Forced cleanup F = 0
Log Id i = 0
Child Process I = 0
Log Dir l = /home/oracle/upgrade
Priority List Name L = 0
Upgrade Mode active M = 0
SQL Process Count n = 2
SQL PDB Process Count N = 0
Open Mode Normal o = 0
Start Phase p = 0
End Phase P = 0
Reverse Order r = 0
AutoUpgrade Resume R = 0
Script s = 0
Serial Run S = 0
RO User Tablespaces T = 0
Display Phases y = 0
Debug catcon.pm z = 0
Debug catctl.pl Z = 0
catctl.pl VERSION: [] STATUS: [production] BUILD: [RDBMS_12.] ...
LOG FILES: (/home/oracle/upgrade/catupgrd*.log)
Upgrade Summary Report Located in:
Grand Total Upgrade Time: [0d:1h:38m:21s] oracle@serveroracle:/home/oracle/upgrade/ [ORCL]

Once the upgraded finished without errors, we can run the postupgrade_fixups.sql.

SQL*Plus: Release Production on Thu May 4 23:17:10 2017
Copyright (c) 1982, 2016, Oracle. All rights reserved.
Connected to:
Oracle Database 12c Enterprise Edition Release - 64bit Production
SQL> @postupgrade_fixups.sql

Hope that this article will help


Cet article Upgrade to Oracle 12.2 with dbupgrade utility est apparu en premier sur Blog dbi services.

Introducing the New Digital Asset Management Feature Set for Oracle Content and Experience Cloud

WebCenter Team - Wed, 2017-05-10 09:04

Authors: Mark Paterson and Marc-Andre Houle, Oracle Content and Experience Cloud Product Management

Enterprise users of Oracle Content and Experience Cloud can now easily review, and collaborate on digital assets. Creative teams can now take advantage of great new digital asset management features including:

  • A new digital assets area where teams can easily search, access, and view assets— such as corporate graphics, designs, logos, stock photography, videos, presentations, documents, audio, and more
  • Ability to author structured content likes blogs and news articles with different layouts tailored for different channel delivery
  • Collections gives teams a way to organize needed assets for a new site, marketing campaign, or project
  • Streamlined and simplified asset approval workflow and publishing

Check out our latest HOW TO video to learn more about our new Digital Asset Management and Content Item features:

If you need to collaborate on the go we’ve made sure that right from your mobile device, you are still able to manage and approve your company’s valuable digital assets as well as contribute new assets using your device.

  • Masonry view which optimizes the viewing experience
  • Preview and move seamlessly from asset to asset like a slide show using an enhanced asset previewer
  • Contribute images and videos taken right from your mobile device
  • Real time alerts when assets are awaiting their review

Take a closer look at these Digital Asset Management features available to mobile users in action:

Don’t have Oracle Content and Experience Cloud yet? You can start a free trial immediately. Visit cloud.oracle.com/content to get started on your free trial today.

You can always find Oracle Content and Experience Cloud mobile app in both the AppStore and Google play.



Whoa! Release News for PHP OCI8, node-oracledb, Python cx_Oracle, Instant Client and ODPI-C

Christopher Jones - Wed, 2017-05-10 07:57

I'm just catching up on some releases that happened prior/during my vacation. Here are some things you may have missed tweets on:

  • PHP OCI8 2.1.4 for PHP 7 was released to PECL. This version corresponds to the OCI8 code in PHP 7.0.18 and 7.1.4. If you are on earlier versions, you should upgrade to avoid an uninitialized memory issue, which is bound to cause random things when you least want them.

  • Node-oracledb 1.13.1 was released, fixing a regression binding NULL to PL/SQL procedures.

  • An Instant Client Docker image was released on the Docker Store and on the Oracle Container Registry. This image has the Basic, SDK and SQL*Plus packages, making it ideal for deploying your favorite scripting language.

  • Python cx_Oracle 6.0 Beta 1 was released to PyPI. More on this in a future dedicated post. In brief, there was an underlying re-architecture. The full release notes are here. Install it with python -m pip install cx_Oracle --pre and let us know what you find.

  • ODPI-C 2.0 Beta 3 was released on GitHub. There were a few tweaks that you can read about here.

Yes, it has been busy.

Quantum Space

Jonathan Lewis - Wed, 2017-05-10 07:31

Here’s a not very serious note that makes a serious point.  I’ve got a small tablespace made up of 4 files, and here’s a little report I can run against the data dictionary for that tablespace:

select 'File space' What, nvl(sum(user_bytes)/1048576,0) MB from dba_data_files where tablespace_name = 'LOB_TEST'
union all
select 'Free space',      nvl(sum(bytes/1048576),0)         from dba_free_space where tablespace_name = 'LOB_TEST'
union all
select 'Extents',         nvl(sum(bytes/1048576),0)         from dba_extents    where tablespace_name = 'LOB_TEST'
union all
select 'Segments',        nvl(sum(bytes/1048576),0)         from dba_segments   where tablespace_name = 'LOB_TEST'

The name of the tablespace isn’t significant – it happens to be a tablespace I created to do some tests relating to space allocation with securefile LOBs, and it’s been hanging around ever since.

The query first reports the “user” space defined by the files – remember that there will be some space for header information and other metadata, and there may be some space near the end of the file which is smaller than the minimum extent allowed for that tablespace.

After the statement of total possible usable space we get: the free space, the space taken up by used extents, and the space taken up by segments.

Here’s the result I get currently:

WHAT               MB
---------- ----------
File space        196
Free space        196
Extents             0
Segments          196

The total usable space is 196MB, of which 196MB are free with no space allocated to extents — except 196MB HAS been allocated to segments. Depending how you look at it the tablespace is either full, or empty.

If you’re in the know the puzzle resolves itself if you query for the segment names, which look like: “BIN$TrDKUCvcVQbgUwEAAH9K2Q==$0” – I have one segment that is in the recycle bin, so I can recover it from the bin if I need it, but until I do Oracle can reuse the space if it wants it. Like Schrodinger’s cat the objects is both alive and dead until someone decides to peek.

After a call to “purge recyclebin” the result changes to:

WHAT               MB
---------- ----------
File space        196
Free space        196
Extents             0
Segments            0

On a production system you might need to issue “purge dba_recyclebin” (if you have the appropriate privilege) to resolve the apparent contradiction as the call to “purge recyclebin” applies only to objects in your own schema.

This note was prompted by a question on the OTN database forum about contradiction between a traditional SQL statement to report free and used space and a screen dump from Enterprise Manager.  I don’t think the thread reached a firm conclusion – but apart from the potential for the recyclebin to confuse the issue, there are extra possibilities thanks to auto-extensible data files, and the Enterprise Manager’s scope for querying a complete different set of views such as dba_tablespace_usage_metrics and v$filespace_usage. In fact the EM code clearly had at least one error in it (which makes any of its results suspect) because it managed to report the critical tablespace as 390% used!



Oracle API Platform Cloud Enables Customers to Drive Business Transformation and API-First Thinking

Oracle Press Releases - Wed, 2017-05-10 07:00
Press Release
Oracle API Platform Cloud Enables Customers to Drive Business Transformation and API-First Thinking Helps developers monetize new opportunities and deliver better customer experiences

Redwood Shores, Calif.—May 10, 2017

Oracle today expanded Oracle Cloud Platform’s integration offerings with the availability of Oracle API Platform Cloud Service. Bringing together leading API-first design and governance capabilities from recently acquired Apiary and API management from Oracle, the new cloud service delivers end-to-end capabilities for designing, prototyping, documenting, testing, and managing the proliferation of critical APIs. Through a completely new and simplified API management experience, users can easily support changing business demands while having clear visibility into who is using APIs for better control and monetization of digital assets.

“Data is the new corporate currency and APIs are critical to business modernization and agility, enabling users to easily connect and share key information across applications and devices—mobile, IoT, in the cloud or on-premises,” said Amit Zavery, senior vice president, Oracle Cloud Platform. “The Oracle API Platform Cloud enables developers to capitalize on new opportunities by enabling users to simply and securely manage the entire lifecycle of their APIs.”

Part of the Oracle Cloud Platform, Oracle API Platform Cloud Service is designed to eliminate the complexities associated with transforming on-premises API solutions into the cloud, so companies can thrive in the digital economy. Users can grant external developers and partners access to data locked behind firewalls, inside applications, and within data stores, enabling them to power a larger community to innovate and develop new monetization strategies. It also empowers developers to manage different interfaces for a variety of audiences using advanced, but easy-to-use, API management capabilities.

“As organizations continue to adopt not one but multiple cloud vendors, information has never been more federated. Real time access to such assets via APIs has therefore become a priority for our customers,” said Luis Weir, Chief Architect, Application Services, Capgemini UK. “Oracle API Platform Cloud Service delivers a pure-play third-generation API solution capable of creating and managing APIs that run in any vendor’s cloud and/or on-premises—while keeping the entire platform operations and API lifecycle central in the Oracle Cloud. The incorporation of Apiary into the platform, only makes it better as developers also get the tools they need to help ensure that those APIs are well designed, documented and are easy to consume.”

“Customers want to unlock the value in their systems by delivering APIs to internal developers and even customers to re-invent and remix critical business functions,” said Steve Giovannetti, CTO and Founder, Hub City Media. “Oracle API Platform Cloud reduces the administrative burden of launching services by handling API discovery, security, throttling, and versioning in an innovative hybrid cloud solution.”

“Trunk Club has been able to develop new solutions quickly with Oracle Apiary,” said Brian Lee, engineering manager at Trunk Club. “Originally, a lack of API documentation left a lot of room for interpretation, but since implementing Oracle Apiary, API documentation has been a game changer. Front-end and back-end teams have been able to focus on better API design, and the integrated mock server has allowed us to develop in parallel. Not only has development time gone down, but using Oracle Apiary also brought the architecture and payload discussion earlier in the development process, making it easier for us to collaborate across teams and platforms.”

Key capabilities in the Oracle API Platform Cloud Service include:

  • Design: Collaborate company and customer requirements via API Descriptions and Build API semantic guides for governance and control.
  • Build: Create APIs on top of existing services to enable access to data formerly locked inside legacy apps and data stores.
  • Security Features: Assign industry-standard security and threat protection to APIs with no coding, including OAuth 2.0, IP filtering, and rate limiting.
  • Hybrid Deployment: Choose to deploy the gateway on-premises, in Oracle Cloud or through third-party clouds with the ease of a single-click. Create API policy once, deploy everywhere—a rich lifecycle management tool.
  • Publish: Browse a comprehensive list of proven APIs from Oracle, the community, and your own organization.
  • Consume: Register third-party apps easily to allow them the same seamless API utilization as pre-loaded Oracle SaaS APIs.
  • Monitor: View operational API metrics on a single dashboard to take action quickly.

When used in combination with Oracle’s larger cloud portfolio, Oracle API Platform Cloud can deliver API management as part of a comprehensive and unified PaaS solution to simplify the use of API-related tools including identity management, process management, content management, integration and applications development.

Contact Info
Nicole Maloney
Kristin Reeves
Blanc & Otus
About Oracle

The Oracle Cloud delivers hundreds of SaaS applications and enterprise-class PaaS and IaaS services to customers in more than 195 countries while processing 55 billion transactions a day. For more information about Oracle (NYSE:ORCL), please visit us at cloud.oracle.com.


Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.

Safe Harbor

The preceding is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle's products remains at the sole discretion of Oracle Corporation. 

Talk to a Press Contact

Nicole Maloney

  • +1.415.235.4033

Kristin Reeves

  • +1.415.856.5145

Video: CQRS or CRUD: Modeling Enterprise Applications

OTN TechBlog - Wed, 2017-05-10 07:00

Java Champion Sebastian Daschner discusses the Command Query Responsibility Segregation (CQRS) method for modeling enterprise applications, and how it compares to the create, read, update, and delete (CRUD) method, particularly with regard to event sourcing.

Sebastian has been a very busy guy, having presented sessions at the Oracle Code events in New York, Toronto, and London, and even found time to record a 2 Minute Tech Tip on boosting your JavaEE productivity with Live Templates. You'll find links to that video and other resources below.

Additional Resources

How to make rows to columns

Tom Kyte - Wed, 2017-05-10 04:46
Hi Tom, <code>create table emp_det ( name varchar2(15), occupation varchar2(15) ); insert into emp_det values('samantha','doctor'); insert into emp_det values('julia','actor'); insert into emp_det values('maria','actor'); insert into emp_...
Categories: DBA Blogs


Subscribe to Oracle FAQ aggregator