Book Review: ‘Developing Web Applications with Oracle ADF Essentials’

Packt asked me to review the book ‘Developing Web Applications with Oracle ADF Essentials’ by Sten Vesterli. The book isn’t exactly a bible, it’s 270 pages long and an easy read. Sten jumps onto the recently released ADF Essentials and takes you by the hand on how to write ADF Essentials applications.
In every chapter he first explains the technique and after that uses the described technique to build a DVD rental application. You can follow his steps and build this application for yourself as well.

About the author
Sten Vesterli is an Oracle ACE Director, recognized by Oracle as one of the top 40 independent experts on Oracle Middleware and SOA. He is a regular Oracle OpenWorld presenter and also frequently speaks at Oracle user group conferences. He has written more than 60 articles and conference papers on Oracle development as well as the book Oracle Web Applications 101.

About the book
The first chapter is not about ADF Essentials, but about everything to get your environment up and running. Different freeware is installed, a MySQL database, the Java Development Kit and a GlassFish application server as well as the JDeveloper IDE and ADF Essentials toolkit.

After that, he dives into ADF going through the different layers, starting with the Business Services layer. Here the basic functionality of ADF Business Component gets explained. In chapter 3 the ViewController layer and the Model layer get explained all with the use of examples and through declarative development, showing the powers of ADF.

In Chapter 4 ‘Adding Business Logic’, the focus is more on the power of Java than on declarative development. First is shown how you can extend the business components framework. After that how to create managed beans and how to access data through the binding layer is described.

From there the focus moves away from the ADF functionality and chapter 5 is dedicated to the project setup, application architecture, project team and development structure. The example application that is build throughout Chapter 2 through 4 gets restructured as an example of how the structure of an enterprise application could look like. The deployment profiles get set up and library management is arranged.

The next subject is debugging and logging. For logging this means subjects like how to set up your logging, how to create code templates and how to interpret the output in the logfile. For debugging this includes how to set up debugging and how to debug ADF libraries used in your application.

Chapter 7 is about Security, since security isn’t a part of the ADF Essentials toolkit, Sten gives a good alternative and explains how to set up Shiro from Apache with your ADF application. Not only authentication but also authorization based on a permission & role system is explained.

Last but not least, the final chapter: ‘Build & Deploy’. In this chapter it is explained how Ant can be used for scripting the creation of artifacts and how asadmin can be used for scripting (command-line) your deployment to GlassFish. If you want to use automated build tools, explained is how to use Ant to automate all the steps (including the asadmin step).

Critical notes
In his book a lot of times Sten uses simplified or easy examples, he then posts a note to the documentation or a blog post with more information about the subject. I think this is a very good and strong tactic. However, during chapter 4, multiple times get described how you can use bindings in your page to bind a UI component in a bean class. This is done in the standard way JDeveloper generates this code for you. In light of this event I would like to point out this is considered a bad practice. See this blog post from A-team member Steven Davelaar for more info on the best practice.

In chapter 5, Sten gives his view on how to organize a project/application setup in which he uses the following example:

I would like to point out that this is one way of setting up a project structure, but there are many more. If you are interested in hearing more about this the ADF Architecture Square has a youtube channel which include a few movies about this subject.

In the last chapter about building & deploying, it is described how you can use Ant in your master workspace, to look at all the different subsystems and build & retrieve their artifacts. While this works and is a valid method for smaller applications. I wouldn’t recommend this structure for large enterprise applications. There are a lot of different ways to set up library management with tools like ant & ivy or maven. If you’re new to this subject, I would advise you to read some more documentation and information on this subject first, before making a decision in the setup of your library management.

First of all, the book is a very good read. It explains clearly the core functionality of ADF & ADF Essentials. It explains in less than 300 pages how you can set up your whole environment with nothing but freeware. This book also fills one of the biggest caps in ADF Essentials, the lack of build in security.
If you’re new to ADF, or never even tried it out, this book is definitely a good starting point for you!!

Write your own Audit Rule Extension in JDeveloper 12C

JDeveloper comes with a nice audit framework, one of the great things about this framework is that you can write your own code to check for specific standards or fire specific rules you want to check. If you want to write extensions in 11g I recommend one off the two following posts:
For 11R1 check Arvinder Singh's blog.
For 11R2 check John ‘JB’ Brock's blog.
JDeveloper 12C is more like the 11R2 way, but still differs in some things. Especially the blog entry by John 'JB' Brock was very useful to me.

For more information about creating Audit Rules, please check out my index page on topics around this subject.

Now, before you start, don’t forget to get the Extension SDK in JDeveloper, this is very easy to download through Help -> Check for Updates -> Extension SDK. In this example I wrote a simple rule, that checks the pagedef file for iterators and wether the cacheResults property is set to false. If so, it throws a warning to point out that this setting might not be the way you want it.

Start a new Application and pick the Extension Application:

Give it a good name and except all the defaults in the other steps. By default JDeveloper creates a file for you that is your resource bundle. Next to that it creates an extension.xml and a

The extensions.xml is much cleaner in 12C, the Manifest takes over some tasks from this extension file. The great thing is that you can use the overview from the Extension.xml where you configure your extension and that JDeveloper automaticly generates the Manifest file for you:

Next you need to configure your hook in the Extension.xml, this is where you define your Java class where the actual rule magic happens.

As said, the overview works pretty good to configure what you need in the extension.xml, but I will also give the xml snipped from the source:

In the triggers section, you define your audit-hook, fill in the category that it belongs to, I choose a sample-category. Set the properties on the rule-definition, make sure you give it a good ID, set the severity and put it in the correct category. Next you define your analyzer class, this is the Java Class you need to fire the rule.
Last but not least you need to define a project technology as trigger.

Next we can define some properties in the resource bundle that will be picked up automatically (notice that the resource bundle is coupled to your extension by the extension.xml):

So lets look at the actual Java class that is defined in the audit-hook. First off all, this class needs to extend the oracle.jdeveloper.audit.analyzer.Analyzer.
Next you need to inject the rule into the analyzer:
    private Rule CACHE_RESULT_FALSE;

Now you can hook into different enter and/or exit methods. In this example I only need the enter method for the document and the exit on the attribute. The code is in the snipped below, see the JavaDoc section for functional explanation:
     * Enter a document.
     * Check to see if this is a pageDefinition file. If not, we can stop here.
    public void enter(AuditContext context, Document document) {
        String firstNodeOfdocument = document.getDocumentElement().getNodeName();
        if (!"pageDefinition".equals(firstNodeOfdocument)) {

     * Enter an element, put the element on the context. 
    public void enter(AuditContext context, Element element) {
            context.setAttribute(elementKey, element);        

     * Exit an attribute, check if this element is inside an iterator.
     * If so, check if we're an cacheResult attribute and check the value.
     * Report the results back to the Editor.
    public void exit(AuditContext context, Attr attr) {
        if ("iterator".equals(attr.getOwnerElement().getNodeName()) &&
            "CacheResults".equals(attr.getName()) &&
            "false".equalsIgnoreCase(attr.getValue())) {

Now that the rule is set up, lets look at running and testing this rule. What I do first is deploy the extension to the current platform:

After this, you can deside to Run or Debug the extension by right clicking the project and select Run or Debug Extension. You will see that a new instance of JDeveloper gets started and you can test your extension in here.

In the newly started JDeveloper, you can make a final check in your preferences to see the rule. Here you can configure your Audit profile. Go to Tools -> Preferences -> Audit -> Profiles:

Here you should see the category that you filled into your resource bundle and under it the rule that your just created. Make sure the checkbox is enabled so it will run.

I created a fake pageDef with an iterator and the cacheResult property set to false. You see that the rule gets fired and the configured message from the resource bundle is shown. You also see the warning on the right top in the source editor: