Application attributes apply to an entire application. Once you create an application, the next logical step is to review and possibly update application attributes.
Topics in this section include:
See Also:
"How to Create a Packaged Application" for information on using the Supporting Objects utility to create a packaged applicationYou use the attributes on the Edit Definition page to control the application name and availability and to define static substitution strings. Additionally, the Edit Definition page displays defined build options, the associated theme, template defaults, and component defaults. Required values are marked with a red asterisk (*).
Topics in this section include:
To edit the application definition:
On the Workspace home page, click the Application Builder icon.
Select an application.
Click Shared Components.
The Shared Components page appears.
Under Application, click Definition.
The Edit Definition page appears.
Tip:
You can also access the Edit Definition page by clicking the application name at the top of the Application home page.The Edit Definition page is divided into the following sections: Name, Availability, Global Notification, Substitutions, Logo, Build Options, Theme, Template Defaults, and Component Defaults. You can access these sections by scrolling down the page, or by clicking a navigation button at the top of the page.
When you select a button at the top of the page, the selected section appears and all other sections are temporarily hidden. To view all sections of the page, click Show All.
The following sections describe the attributes available on the Edit Definition page.
Topics in this section include:
Use Name to define basic characteristics of your application, including the application name, an optional alphanumeric alias, and a version number. Table 4-1 describes all Name attributes.
Table 4-1 Application Definition Attributes
Attribute | Description |
---|---|
Provides a short descriptive name for the application to distinguish it from other applications in your development environment. |
|
Assigns an alternate alphanumeric application identifier. You can use this identifier in place of the application ID.For example, suppose you create an alias of
See Also: "Using f?p Syntax to Link Pages" |
|
Includes the application's version number on a page. You can also automatically tie the version to the date of last modification using the following format masks:
If your application version uses YYYY.MM.DD, then Application Builder replaces this format mask with the date of last modification of any application attribute. |
|
Enter the Internet Media Type. An Internet Media Type is two-part identifier for file formats on the Internet. A Media Type is composed of at least two parts: a type, a subtype, and one or more optional parameters. This Media Type is used in the Content-Type HTTP header when rendering the page. The page-level Media Type overrides the application-level Media Type. The default value for this attribute is |
|
Determines the virtual path the Web server uses to point to the images directory distributed with Application Builder. During installation, the virtual path is configured as When embedding an image in static text (for example, in page or region headers or footers), you can reference an image using the substitution string
<img src="#IMAGE_PREFIX#go.gif">
See Also: "IMAGE_PREFIX", "Managing Images", and "Referencing Images" |
|
Use this field to specify a proxy server. For example, you may require a proxy server when using a region source type of URL. The URL region source embeds the results of the URL (that is, the page returned by navigating to the URL) as the region source. If you use a firewall and the target of a URL is outside the firewall relative to Application Builder, you may need to specify a proxy server. You can reference values entered into this field from PL/SQL using the PL/SQL package variable |
|
Determines whether user activity is recorded in the Oracle Application Express activity log. When set to Yes, every page view is logged, enabling an administrator to monitor user activity for each application. Disabling logging may be advisable for high volume applications. |
|
Controls debug mode for the current application. Available options include:
Running an application in debug mode is useful when an application is under development. However, for a production application, it is a good idea to disable debugging and thus prevent users from viewing application logic. |
|
Specifies the schema that all SQL and PL/SQL in the application is parsed as. You may use the |
|
Determines if exact substitutions are supported. Use exact substitutions. Non-exact substitutions is a deprecated feature. Exact substitutions use the following sytnax: &ITEM. Non-exact substitutions use the following sytnax: &ITEM |
|
Displays the application group currently associated with this application. To select another application group, make a selection from the list. To remove an application from an existing group, select Unassigned. See Also: "Creating Applications Groups" |
Use Availability attributes to manage your application by defining an application status and build status. For example, if you select the status Restricted Access, you can specify which users have access and can run the application. Table 4-2 describes these attributes.
Table 4-2 Application Availability Attributes
Attribute | Description |
---|---|
Specifies whether the application is available or unavailable for use. Options include:
See Also: "Changing Build Status for Multiple Applications" in Oracle Application Express Administration Guide, "Changing Application Build Status Set During Deployment" in Oracle Application Express Administration Guide, and "Controlling Access to Applications, Pages, and Page Components", |
|
Identifies the build status of the current application. Options include:
See Also: "Changing Application Build Status Set During Deployment" in Oracle Application Express Administration Guide |
|
Use this attribute in conjunction with Status. If you set Status to Unavailable, Unavailable (Status Shown with PL/SQL), or Unavailable (Redirect to URL), the text you enter in this attribute displays. If you set Status to Available, the text you enter in this attribute does not display. |
|
Restrict to comma separated user list (status must equal Restricted Access) |
Use this attribute in conjunction with the Status Restricted Access. If you set Status to Restricted Access, only the users listed in this attribute can run the application. To use this attribute:
|
You can use the Global Notifications attribute to communicate system status to application users. For example, you can use this attribute to notify users of scheduled downtime, or communicate other messages regarding application availability. If the page templates used in your application contain the #GLOBAL_NOTIFICATION#
substitution string, the text entered here will display in that string's place.
To create a global notification:
Include the #GLOBAL_NOTIFICATION#
substitution string in your page template.
Navigate to the Edit Definition page and enter a message in the Global Notifications attribute.
Click Apply Changes.
Use these fields to define static substitution strings for your application. You can use static substitution string for phrases or labels that occur in many places within an application. To create a substitution string, enter the string name in the Substitution String column and the string value in the Substitution Value column.
Defining static substitution strings centrally enables you to change text strings in multiple places in your application by making a single change to the Substitution Value defined on this page.
See Also:
"Understanding Substitution Strings"Use Logo attributes to define an application logo. An application logo can be text-based or image-based. To use this feature, your page template must include the #LOGO#
substitution string.
To define an application logo:
For Logo Type, select one of the following:
Select Image to use an image for the application logo.
Select Text to use text for the application logo.
In Logo, enter the following:
For an image, enter the complete image name, including the filename extension. For example:
/i/oracle.gif
For text, enter the full text string. For example:
Sample Application
In Logo Attributes, enter the appropriate attributes for the logo.
Image example:
width="100" height="20" alt="Company Logo"
Text example:
style="font-family:Arial; color:#000000; font-size:18; white-space:nowrap; font-weight:bold;"
Displays existing build options. Most applications have a build option attribute. Build Options have two possible values: INCLUDE
and EXCLUDE
. If you specify an attribute to be included, then the Application Express engine considers it at run time. However, if you specify an attribute to be excluded, then the Application Express engine treats it as if it did not exist.
Do not specify a build option unless you plan to exclude that object from specific installations.
Displays the current theme applied to the application. Themes are collections of templates that can be used to define the layout and style of an entire application. Each theme provides a complete set of templates that accommodate every user interface pattern that may be needed in an application.
See Also:
"Managing Themes"Lists the default templates for this application. To specify a default template at the application level, you can either:
Select a new theme. See "Switching the Active Theme".
Select a new default page template on the Create/Edit Theme page. See "Changing the Default Templates in a Theme".
You can also override this default by making a selection from the Page Template list on the Page Attributes page.
Table 4-3 describes template defaults for the current application.
Table 4-3 Application Template Defaults Attributes
Attribute | Description |
---|---|
Indicates the default page template to display pages. You can override this selection by making a selection from the Page Template list on the Page Attributes page. See Also: "Editing Page Attributes" |
|
Identifies the template to be used when the Application Express engine is in printer friendly mode. When calling the Application Express engine to render a page, you have the option to specify whether the page should be displayed using the Print Mode Page Template specified. If you specify Yes, then the page displays using a printer friendly template. The Application Express engine displays all text within HTML Form Fields as text. The printer friendly template does not need to have the See Also: "Optimizing a Page for Printing" |
|
Optional. Specifies a page template to use for errors that display on a separate page, as opposed to those that display inline. |
Displays the default templates used when running wizards. You can override these settings on the attributes page for each control or component. Table 4-4 describes component defaults for the current application.
Attribute | Description |
---|---|
Default calendar template used when you create a calendar. |
|
Default label template used when you create page items. |
|
Default report template used when you create report. |
|
Default template used when you create a list. |
|
Default template used when you create a breadcrumb. |
|
Default template used when you create buttons that are template controlled. |
|
Default template used when you create a region. |
|
Default region template used when you create a chart. |
|
Default region template used when you create a form. |
|
Default region template used when you create a report. |
|
Default region template used when you create a tabular form. |
|
Default region template used when you create a wizard component. |
|
Default region template used when you create a breadcrumb. |
|
Default region template used when you create a list. |
You can provide security for your application by configuring attributes on the Edit Security Attributes page. The Security Attributes you choose apply to all pages within an application.
Topics in this section include:
See Also:
"Managing Application Security"To access the Edit Security Attributes page:
On the Workspace home page, click the Application Builder icon.
Select an application.
Click Shared Components.
The Shared Components page appears.
Under Security, click Edit Security Attributes.
The Edit Security Attributes page appears.
The Edit Security Attributes page is divided into the following sections: Authentication, Authorization, Database Schema, Session State Protection, and Virtual Private Database. You can access these sections by scrolling down the page, or by clicking a navigation button at the top of the page.
When you select a button at the top of the page, the selected section appears and all other sections are temporarily hidden. To view all sections of the page, click Show All.
The following sections describe the attributes available on the Edit Security Attributes page.
Topics in this section include:
Authentication is the process of establishing users' identities before they can access an application. Although you define multiple authentication schemes for your application, only one scheme can be current at a time. Table 4-5 describes the attributes available under Authentication.
Table 4-5 Authentication Attributes
Attribute | Descriptions |
---|---|
Specifies a URL or procedure that should be run when you run the application. For example, Home Link could contain the relative URL used to locate the application home page. For example, You can also use this attribute to name a procedure. For example, you could create a procedure such as Note: Do not use the Home Link attribute to determine the page that displays after authentication. The page that displays after authentication is determined by other components within the application's authentication scheme. See Also: "HOME_LINK" |
|
Replaces the substitution strings See Also: "LOGIN_URL" and "Creating an Authentication Scheme" |
|
Identifies the Oracle schema used to connect to the database through the database access descriptor (DAD). The default value is Once a user has been identified, the Application Express engine keeps track of each user by setting the value of the built-in substitution string Note: Previous versions of Oracle Application Express used the built-in substitution string When
If the current application user ( For example, you can show a login button if the user is the public user and a logout link if the user is not a public user. Reference this value using See Also: "HOME_LINK" and "Understanding Conditional Rendering and Processing" |
|
Click this button to define an authentication scheme. See Also: "Understanding How Authentication Works" and "Creating an Authentication Scheme" |
Authorization controls user access to specific controls or components based on user privileges. You can specify an authorization scheme for your application, by making a selection from the Authorization Scheme list. You can assign only one authorization to an entire application. However, you can assign an authorization scheme to individual pages, page controls (such as a region, a button, or an item), or a shared component (such as a menu, a list, or a tab).
To create a authorization scheme, click Define Authorization Schemes.
An authorization scheme is a binary operation that either succeeds (equals true) or fails (equals false). If it succeeds, then the component or control can be viewed. If it fails, then the component or control cannot be viewed or processed. When you attach an authorization scheme to a page and it fails, an error message displays instead of the page. However, when you attach an authorization scheme to a page control (for example, a region, a button, or an item) and it fails, no error page displays. Instead, the control either does not display or is not processed or executed.
Use Parsing Schema to specify the database scheme for the current application. Once defined, all SQL and PL/SQL commands issued by the application will be performed with the rights and privileges of the defined database schema.
Use the following attributes to reduce exposure to abandoned computers with an open Web browser by application:
Maximum Session Length in Seconds - Enter a positive integer representing how many seconds a session used by this application will exist. Leave the value NULL
for the session to exist indefinitely. This session duration may be superseded by the operation of the job that runs every eight hours which deletes sessions older than 24 hours.
Session Timeout URL - Enter an optional URL to be redirected to when the Maximum Session Length in Seconds has been exceeded. If implemented in Oracle Application Express, the target page in this URL should be a public page. A common use for this page would be to inform the user of the session expiration and to present a login link or other options. If no URL is supplied, the user is redirected to the application home page.
Maximum Session Idle Time in Seconds - Enter a positive integer representing how many seconds of inactivity or idle time a session used by this application should permit. The idle time is the time between one page request and the next one. Leave the value NULL
to prevent session idle time checks from being performed.
Idle Timeout URL - Enter an optional URL to be redirected to when the Maximum Session Idle Time in Seconds has been exceeded. If implemented in Oracle Application Express, the target page in this URL should be a public page. A common use for this page would be to inform the user of the session is redirected to the application home page. If no URL is supplied, the user is redirected to the application home page.
See Also:
"Understanding Session Timeout" and "Configuring Session Timeout" in Oracle Application Express Administration GuideEnabling Session State Protection can prevent hackers from tampering with URLs within your application. URL tampering can adversely affect program logic, session state contents, and information privacy.
To enable or disable Session State Protection for your application, make a selection from the Session State Protection list. Setting Session State Protection to Enabled turns on session state protection controls defined at the page and item level.
To configure Session State Protection, click Manage Session State Protection.
See Also:
"Understanding Session State Protection"Use this attribute to enter a PL/SQL block that sets a Virtual Private Database (VPD) context for the current database session associated with the current "show page" or "accept page" request. The block you enter here is executed at a very early point during the page request, immediately after the APP_USER
value is established. The value of APP_USER
(using :APP_USER
or v('APP_USER')
) may be used within the block. Values of other items in session state may be referenced as well, but any such items must have been established in session state before the initiation of the current page request. Consider the following example:
dbms_session.set_context('CTX_USER_QRY','USERPRIV',my_package.my_function(:APP_USER));
The previous example sets the value of USERPRIV
in the context named CTX_USER_QRY
to the value returned by the function my_function
in package my_package
. The function is passed the current value of APP_USER
as an input argument. Presumably, the named context would be used in a VPD policy ( created within the application's parsing schema) to effect the generation of predicates appropriate to the authenticated user.
Virtual Private Database, also know as Fine-Grained Access Control or FGAC, is an Oracle database feature that provides an application programming interface (API) that enables developers to assign security policies to database tables and views. Using PL/SQL, developers can create security policies with stored procedures and bind the procedures to a table or view by means of a call to an RDBMS package. Such policies are based on the content of application data stored within the database, or based on context variables provided by Oracle database. In this way, VPD permits access security mechanisms to be removed from applications, and to be situated closer to particular schemas.
The code entered in this section need not pertain to VPD/FGAC; in fact, it may not be related to security at all. Any code that needs to be executed at the earliest point in a page request can be placed here. For example, to set the database session time zone for every page request:
BEGIN EXECUTE IMMEDIATE 'alter session set time_zone = ''Australia/Sydney'' '; END;
In Application Builder you can develop applications that can run concurrently in different languages. A single application can be translated to support different languages. Use the attributes on the Edit Globalization Attributes page to specify globalization options such as the primary application language.
Topics in this section include:
See Also:
"Managing Application Globalization"To access the Edit Globalization Attributes page:
On the Workspace home page, click the Application Builder icon.
Select an application.
The Application Builder home page appears.
Click Shared Components.
The Shared Components page appears.
Under Globalization, click Edit Attributes.
The Edit Globalization Attributes page appears.
The following sections describe the attributes available on the Edit Globalization Attributes page.
Identifies the language in which an application is developed. This language is the base language from which all translations are made. For example, suppose application 100 was authored in English, translated into French, and published as application 101. English would be the Application Primary Language.
All modifications to the application should be made to the primary language specified here.
Determines how Application Builder determines or derives the application language.
The application primary language can be static, derived from the Web browser language, or determined from a user preference or item. The database language setting also determines how the date is displayed and how certain information is sorted.
This option enables you to disable browser derived language support. You also have the option of having the application language derived from an application preference.
Determines the date format to be used in the application.
This date format is used to alter the NLS_DATE_FORMAT
database session setting before showing or submitting any page in the application. This value can be a literal string containing a valid Oracle date format mask or an item reference using substitution syntax. If no value is specified, the default date format is derived from the database session at runtime.
Automatic CSV Encoding controls the encoding of all comma-delimited (CSV) report output in an application. The default value for Automatic CSV Encoding is No. If Automatic CSV Encoding is set to Yes, CSV report output is converted to a character set compatible with localized desktop applications. The character set for the CSV encoding is determined by the Application Language Derived From setting.
The encoding of pages in Application Builder is determined by the character set of the database access descriptor (DAD) used to access Oracle Application Express. For example, if the character set of the database access descriptor is AL32UTF8, all pages in all applications in the Oracle Application Express user interface are encoded in UTF-8.
By default, the CSV output from report regions is encoded in the same character set as the database access descriptor. However, some desktop spreadsheet applications require that the data is encoded in the client desktop operating system character set. In the case of multibyte data, the CSV output from report regions will often appear corrupted when opened by a desktop spreadsheet application. This is because the CSV output is encoded differently than what is required by the desktop application. Enabling Automatic CSV Encoding resolves this issue.
For example, if the user's language preference for an application is de
, the CSV data is encoded in Western European Windows 1252
, regardless of the Database Access Descriptor character set setting. If the user's language preference is zh-cn
, the CSV data will be encoded in Chinese GBK.