Oracle9i Application Server Release 2
by
LTC
John Garmany
2008 Update
- For a complete treatment of the topic of Oracle security on
the web, see these books and resources:
Oracle Forensics, by Paul M. Wright, Rampant TechPress
Oracle Privacy Security Auditing, By Arup Nanda, and
Donald K. Burleson, Rampant TechPress
The
evolution of successful, streamlined business applications has
been challenged by the difficulty of integrating them with
complex network architectures. The tools necessary for the
application to communicate between separate frameworks have been
difficult to coordinate into a seamless system. Oracle designed
the Oracle9i Application Server (Oracle Application Server) with the objective
of unifying all the diverse elements of the e-business
application into a single efficient, reliable, and secure
server.
Oracle Application Server has revolutionized the industry by being the first
product to integrate the technology required to develop and
deploy business portals, transactional applications, and Web
services. It has accomplished all this while still managing to
be the fastest and most reliable J2EE certified application
server on the market.
Oracle Application Server provides a unified method of developing, deploying,
and managing applications on the total network, including the
Internet and intranet, in a single package. Oracle Application
Server was
designed to comply 100 percent with standards. It gives
developers the ability to create a wide variety of Internet
applications, including dynamic and static Web sites, J2EE
applications, Web services, enterprise portals, and wireless
business intelligence applications. Oracle Application Server contains
enterprise-level support for fault tolerance, clustering, online
upgrades, and maintenance, and can scale from a single CPU to
multiple CPUs.
Oracle
believes that applications should be based on an application
server rather than the desktop to meet the demands of ubiquitous
Internet access. This implementation allows the application to
take advantage of the additional information-sharing
capabilities available to a dedicated server. Once deployed, the
application can communicate easily with other servers. The
business runs more efficiently because the service-based
architecture (such as Web services) eliminates human
intervention. The network is all around us, and the mobile
access from handheld phones, Palm Pilots, and laptops, as well
as access from traditional desktop computers, will have to be
seamless and efficient to be useful. The Oracle application
server offers a business streamlined client communications by
linking efficiently and securely to both internal and external
networks.
Performance of Oracle Application Server
The
application server has to be robust, capable, and efficient to
support the growing trend in communications complexity.
Oracle Application Server runs standard J2EE and Web Services very efficiently.
This highly optimization facility extends to all the additional
frameworks using the infrastructure for other services such as
portals and business intelligence.
The
Oracle Application Server Web Cache further enhances performance by
significantly reducing the need to regenerate information. The
Web Cache is positioned in front of the HTTP server and stores
both static and dynamic Web content. It has a number of unique
features, including partial-page caching, content-aware Web
Server load balancing, the ability to cluster Web caches so that
multiple caches operate as a single logical cache, and the
ability to cache content from third party servers such as Sun
Solaris,
IBM
AIX, BEA, and others. Internal Oracle tests reveal that adding
the Oracle Application Server to a three-tier application (client, application
server, database) can reduce the load on the database backend
database by 95 percent. The Web Cache feature has a dramatic
impact on the ability of the application to scale to meet
growing e-business demands.
Scalability of Oracle
Application Server
A high
performance application server must be able to respond to
increasing user needs. Oracle Application Server meets this requirement by
internally coordinating the use of available memory and CPU
resources through load-balancing and connection routing/pooling.
The state failover capability makes it possible to run the same
application on single CPU machines or high end
SMP-clustered
systems without changing the application.
Moreover, a single system can run multiple application servers,
which in turn can run multiple Java Virtual Machines (JVM). This
allows separate Oracle Application Server instances to be clustered,
transparently distributing the workload within the cluster. This
configuration also supports Session State replication and
Application Failover for both servlets and Enterprise Java
Beans.
There
are several high-availability features that are fundamental to
the ability of Oracle Application Server to scale. These features include
automatic connection rerouting, death detection, and automatic
restart, as well as the ability to integrate with the Oracle
Database Transaction Application Failover (TAF). Add to this
impressive list the further capabilities of deploying and
updating applications while the server is running, and upgrading
the server within a cluster (Rolling Upgrades), and we can begin
to appreciate why Oracle Application Server has virtually no downtime.
Oracle Application Server Security
Security is a significant concern with any application on the
Web, and Oracle Application Server has an integrated security infrastructure
that supports third party and custom applications.
Oracle Application Server Single Sign-On is a key security component. It makes
it possible for a user to sign on to the AS once and access not
only the available internal applications, but also external
applications using an HTTP security interface. The administrator
need only enter the user's credentials once, and the application
server will validate the user and provide access to authorized
components. Oracle Application Server also supports Java's Authentication and
Authorization Service (JAAS).
To this
enterprise level infrastructure Oracle adds a powerful set of
facilities to support the development, deployment and management
of e-business applications.
Oracle Application Server for the Developer
Oracle
has made an extensive effort to insure that application
deployment onto the AS is seamless. Oracle Application Server is fully
compatible with J2EE version 1.3 and provides complete support
for the J2EE 1.3 APIs, including Java Server Pages and
Enterprise Java Beans. The AS is also integrated with most Java
developer tools and J2EE application frameworks.
The
programmer can develop and debug the application within a Java
IDE using the Oracle Java Container. The Java Container enhances
performance and efficiency by auto compiling Java Server Pages
and servlets. It also allows the developer to hot deploy an
application into the container without restarting.
The
Oracle AS works well with many third party development tools,
but it is also closely linked to the Oracle JDeveloper. The
JDeveloper offers a business an end-to-end solution for placing
their application in a J2EE environment from development through
deployment. The JDeveloper provides the developer with several
powerful tools, such as profilers, UML modeling, Business
Components, and Web Services-based standard J2EE design
patterns. The extensive Java XML capabilities are also fully
integrated.
Web
Services
Oracle Application Server fully supports the emerging Web Services standards
for creating service-oriented applications. This includes simple
Web services communication standards such as SOAP, WSDL, and
UDDI, the complete implementation of XML and Java, and
interoperability with the Microsoft .Net frameworks. The
integration of JDeveloper with the application server provides a
complete infrastructure for developing, deploying, and managing
Web Services. Web services management has also been integrated
into the Oracle Enterprise Manager.
Enterprise Portals
Enterprise portals provide a secure, personalized place for
organizations to find information and applications. Oracle
Application Server
Portal is a browser-based environment for creating enterprise
portals in a secure and manageable setting. It provides a total
solution right out of the box. End-users utilize the browser
wizard to quickly develop and customize pages that meet their
individual preferences. The combined features of Single Sign On,
Oracle's UltraSearch, content classification, directory
integration, and security provide the total portal framework.
Wireless
Wireless communication puts the network everywhere, and it can
touch everything you own. The successful e-business needs to
take advantage of the potential for being connected anywhere,
from the phone that surfs the Web, and the DBA who checks the
database with a Palm Pilot, to the laptop user that orders on
the Web while having a coffee at Starbucks.
The
Oracle Application Server "Any Network, Any Device, Any Gateway" fulfills this
potential by insuring that any device, network, or wireless
protocol can access the application. Using a standards-compliant
J2EE and XML programming model, the Oracle AS allows the
developer to create and manage applications that can be accessed
by the whole spectrum of wireless devices. It isolates the
application from the complexity of the wireless protocol by
providing an intermediate layer that translates the application
XML into the correct format using style sheets. The AS can
respond to many separate devices and protocols requesting the
same information because of its ability to cache sets of
application data in XML format. This facilitates scalability and
enhances performance. Oracle can even interact with VoiceXML
gateways, allowing users to authenticate by voiceprint!
Integration
Integration means bringing all the separate applications and
information systems together into a single connected
environment. Oracle Application Server provides the necessary infrastructure to
link these separate systems into an e-business solution.
The
Oracle InterConnect architecture allows a business to model,
monitor, and manage the integration of separate applications
(including external applications such as SAP or PeopleSoft). The
InterConnect system is very flexible allowing for applications
that are changed or upgraded. It promotes reuse and reduces
complexity, requiring only a limited amount of coding. The
developer can use HTML wizards to model business processes, data
transformations, and system-integrating end-points, as well as
to monitor data and message flow between systems and business
operations. A J2EE-compliant Integration Manager monitors data
as it flows through the application server, executing
integration processes with stored metadata and communicating
with external applications through Connectors/Adapters. These
Connectors/Adapters use standard protocols and enforce security
standards, particularly B2B standards. A business that uses
Oracle9i InterConnect can integrate legacy systems, enterprise
applications, and databases (whether Oracle or not) into a
single infrastructure.
Business Intelligence
Business intelligence means determining how a user is
interacting with a Web site by tracking his activity, responding
with personalized content, and providing the business with
decision support facilities. Oracle facilitates business
intelligence with a variety of important features.
Oracle Application Server Clickstream Intelligence gathers aggregate
information from a Web site, such as throughput, performance,
traffic patterns, page effectiveness, and number of new and
repeat customers. It is able to uniquely identify users and
generates standard and user-defined reports. This is
accomplished by utilizing advanced data warehousing capabilities
to analyze Web Server Logs, browser cookies, query data, etc.
Oracle Application Server Personalization uses a Data Mining Driven
Recommendation Engine to analyze individual Web site users and
supplies unique recommendations based on specific behavior.
Personalization does not have to sort through massive amounts of
"click" data generated on a high traffic Web site because it
monitors only specific areas of the site that have been
instrumented. It is both efficient and scalable because it
stores data in an Oracle9i database.
The
Oracle Application Server Discoverer retrieves business information from all
integrated systems and applications. This is a powerful tool
that analyzes and queries the whole e-business system, providing
access to decision support information.
The
Oracle Application Server Reports Services can put all this information
together in reports that are built and distributed dynamically.
Reports Services will create reports with any data and with any
output format.
Oracle Application Server provides a whole range of tools for an organization
to capture business intelligence about how both they and their
users use the Web site.
Coming Attractions
Oracle
never allows product development to stand still, and even with
an impressive array of features, Oracle Application Server is no exception. The
next release is due early in 2003. TopLink has already been
integrated into 9iAS, giving developers an easy method of
mapping J2EE elements to JDBC databases. Businesses can expect
the pending release to offer still further enhanced integration
capabilities and simplified application development and
deployment. Oracle Application Server is already the best and fastest in the
industry, and promises to just keep getting better.
and include the URL for the page.
