|Oracle® Fusion Middleware Mobile Developer's Guide for Oracle Application Development Framework
11g Release 2 (18.104.22.168.0)
Part Number E24475-01
|PDF · Mobi · ePub|
This chapter describes how application features with content from remote URLs can access (or be restricted from) device services.
This chapter includes the following sections:
By configuring the content type for an application feature in the overview editor for the
adfmf-feature.xml file as Remote URL as described in Section 5.9.1, "How to Define the Application Content," you create a browser-based application that is served from the configured URL. Such server-hosted applications differ from applications written in ADF Mobile AMX or a platform-specific language such as Objective-C in two ways: they are intended for occasional use and cannot access the device memory or services directly, as these interactions are contingent upon the capabilities of the device browser.
Browser-based applications targeted for smartphones are authored with Apache Trinidad components (described at
http://myfaces.apache.org/trinidad/) to enable proper rendering of a variety of feature phones and smartphones. An application that runs on a tablet can be created in the same manner as an ADF desktop web application.
Oracle recommends using ADF Mobile browser for application features that derive their content from remote URLs. ADF Mobile browser applications are comprised of JSF pages populated with Apache Trinidad components. For more information, see Oracle Fusion Middleware Mobile Browser Developer's Guide for Oracle Application Development Framework.
ADF Mobile supports the concept of whitelists, a registry of URLs that open within the application web view and can access various device services, such as GPS, a camera, or a file system. If a web page is not included on a whitelist (that is, it is not whitelisted), the ADF Mobile PhoneGap implementation opens a web page in the device browser (such as Safari) instead. Without whitelisting, a remote web page cannot open within a web view.
By default, the domains defined in the
connections.xml file, the repository for all of the connections defined in the ADF Mobile application, are whitelisted automatically. These connections are defined using the Create URL Connection dialog, shown in Figure 12-4. ADF Mobile parses the domain from each of the connection strings and adds these domains to the whitelist.
JDeveloper then populates the
connections.xml file, located in the Application Resources panel, with the connections information and also creates the connection resources, such as oracle and connection 1 in Figure 12-2.
Only whitelisted domains open in the web view; all other (non-whitelisted) domains open in the device browser.
By editing the
adfmf-application.xml file, shown in Figure 12-2, you can restrict access to the PhoneGap-enabled device services on a per-application feature basis. By default, all application features have such access, meaning that any whitelisted domain configured for the ADF Mobile application can also access the device. In addition to the domains that ADF Mobile includes from the
connections.xml file, you can also whitelist domains using the Security page of the
adfmf-application.xml file, as described in Section 12.3.2, "How to Create a Whitelist."
The Source editor illustrated in Figure 12-2 shows the
<adfmf-feature-reference> element populated with the
allowDeviceAccess attribute. JDeveloper populates all application features with remote URL content with this attribute, which by default, is set to
true. This default setting signifies that all URLs can access the PhoneGap APIs.
Before you begin:
Using the overview editor for the
adfmf-feature.xml file (located in the Application Navigator in the Project panel under the View Controller and META-INF nodes), you must designate the content for an application as Remote URL and then create the connection as described in Section 5.5.1, "How to Designate the Content for a Mobile Application."
Open the overview editor for the
adfmf-application.xml file by double-clicking the
adfmf-application.xml file (located Application Resources panel under the Resources and ADF META-INF nodes, as shown in Figure 12-2).
You can use the Source editor, Structure Window, and the Properties editor to configure this attribute.
To restrict access to device services:
adfmf-application.xml file and then open the Feature References page.
Using the dropdown menu from the Allow Device Access column of the Feature References table, change the default value (
<default> true) to
false, as shown in Figure 12-3.
You configure the whitelist in the Security page of
adfmf-application.xml, shown in Figure 12-4.
Before you begin:
Be aware that some URLs configured in the ADF Mobile application may open to other domains.
To create whitelists:
adfmf-application.xml file and then select the Security page.
Click Add and then enter the domains that can be called from within the web view of the application feature. These domains can include a wildcard (*). For example,
*.example.com is a valid domain entry as is
*.example.*. You cannot enter a fully qualified path.
Entering only the wildcard allows the web view to request all domains and can pose a security risk; adding all domains to the whitelist not only enables all of them to open within the web view, but also enables all of them to access the device (whether or not it is intended for them to do so).
When you add a domain, JDeveloper updates
<adfmf:remoteURLWhiteList> element as illustrated in Example 12-1.
Some URLs are redirected to a URL that may not be part of the whitelist domain. These URLs may open in the device browser rather than the application web view. For example, if you whitelist
<adfmf:domain>www.oracle.com<adfmf:domain>) and open that site on the device, ADF Mobile redirects to the mobile version of this site (
www.oracle.mobi), because it does not pass the whitelist. Figure 12-5 shows a web page that has not been whitelisted and has opened within the device browser.
www.oracle.com to open within the application web view, you must specify
www.oracle.* as shown in Example 12-1.
Because ADF Mobile whitelist is at the domain-level, you cannot restrict an individual page within a whitelisted domain from opening with an application feature web view; all pages are allowed.
Use a whitelist for pages that contain links to URLs that point to another domain. Such pages would otherwise open in the device browser instead of the ADF Mobile web view. In such a case, you can create an anchor tag or an
<amx:goLink> component with a
url attribute for the
<amx:goLink> component that points outside of the application, such as the
url attribute in
<goLink2> in Example 12-2.
Example 12-2 <amx:goLink> with a url Parameter
<?xml version="1.0" encoding="UTF-8" ?> <amx:view xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:amx="http://xmlns.oracle.com/adf/mf/amx" xmlns:dvtm="http://xmlns.oracle.com/adf/mf/amx/dvt"> <amx:panelPage id="pp1"> <amx:panelGroupLayout id="panelGroupLayout1"> <amx:goLink text="This opens in the device browser" id="golink1" url="http://www.example.com" shortDesc="Opens in device browser"/> <amx:goLink text="This opens in the web view" id="golink2" url="http://www.example2.com" shortDesc="Accesses device services"/> </amx:panelGroupLayout> </amx:panelPage> </amx:view>
ADF Mobile enables you to add a navigation bar with buttons for back, forward, and refresh actions for application features implemented as remotely served web content that open within the ADF Mobile web view, as shown in Figure 12-6. The forward and back buttons are disabled when either navigation forward or back is not possible.
The back button is disabled on Android-powered devices.
You enable users to navigate through, or refresh remote content through the Content tab of the overview editor for the
Before you begin:
Designate an application feature's content be delivered from a remotely hosted application by first selecting Remote URL and then by creating the connection to the host server, as described in Section 5.9, "Defining the Content Types for an Application Feature."
Ensure that the domain is whitelisted.
To enable a navigation bar:
Select the Remote URL application feature listed in the Features table in the
Select Show Browser Navigation Buttons, as shown in Figure 12-7.
JDeveloper updates the
adfmf:remoteURL element with an attribute called
showNavButtons, which is set to
true, as shown in Example 12-3.
Example 12-3 The showNavButtons Attribute
<?xml version="1.0" encoding="UTF-8" ?> <adfmf:features xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:adfmf="http://xmlns.oracle.com/adf/mf"> <adfmf:feature id="oraclemobile" name="oraclemobile"> <adfmf:content id="oraclemobile.1"> <adfmf:remoteURL connection="connection1" showNavButtons="true"/> </adfmf:content> </adfmf:feature> </adfmf:features>
After you deploy the application, ADF Mobile applies the forward, back, and refresh buttons to the web pages that are traversed from the home page of the Remote URL application feature, as shown in Figure 12-8.