www.zippyzebra.co.uk
• We are a software development company specialising in developing
bespoke Oracle based solutions with a particular focus on APEX.
• Our mission is to use agile methods to develop effective business
solutions that fully meet our customers business requirements.
• We focus on database driven technical solutions enabling our
customers to really leverage on their investment in Oracle technology.
Who are we?
Zippy Zebra was Founded in 2006 by:
Jonathan Rhind
Over 20 Years development experience with Oracle technology
Zaid Ali
Over 20 Years development experience with Oracle technology
A bit more
About Us
Our Team
Our core development team consists of a very experienced group
of dedicated individuals that we have known and worked with over
many years.
Proud to be :
•
•
An Oracle Partner
A Member of the APEX Feature Advisory Board
Services we provide include:
• APEX development
• Analysis
• Database Design
• Application Design
More about
what we do
• User Interface Design
• Integration / Interfaces / Web Services
• Prototyping
• Assistive Technologies
• Application Security
Liverpool Victoria – Travel Insurance
Key Features:
• eCommerce Quote and Buy Insurance website
Turning Point
• Dual user interfaces
• Web Front End (Internet)
• Call Centre Front End (Intranet)
• Shared application logic layer
• Print Integration (PDF Generation and Download)
• Online Card Payment Integration
• Sophisticated Bespoke Rating Engine
• Third Party Branding
•
Live operation since 2008
Ministry of
Justice
National Offender Management Service (NOMS)
National Offender Management Service (NOMS)
• The National Offender Management Service (NOMS) is
an Executive Agency of the Ministry of Justice.
Ministry of
Justice
• Provides offender services in the community and in
custody in England and Wales.
• Works to protect the public and reduce reoffending by
delivering the punishment and orders of the courts and
supporting rehabilitation by helping offenders to change
their lives.
• NOMS keeps the public safe by ensuring that around
260,000 offenders each year securely undertake the
punishment provided through the prison and probation
services.
National Offender Management Service (NOMS)
• OASys is the abbreviated term for the Offender Assessment System,
used in England and Wales by Her Majesty's Prison Service and the
National Probation Service.
OASys
• As part of a modernisation programme the existing OASys system
was to be completely re-developed.
• The goals of the new OASys were to provide a single database
containing all offender and assessment data delivered to users in a
browser based application with a rich user interface including support
for assistive technologies.
• Ability to support user base of approximately 60,000 users
OASys live since March 2013
National Offender Management Service (NOMS)
How did we get involved?
Our
Involvement
• Decision made by HP and Capita to investigate use of Oracle
Application Express
• Approached by HP, due to our extensive APEX and Oracle
experience
• Engaged by Capita and HP to do a number of technical workshops to
assess the technical feasibility of creating such a large application
using Oracle APEX
• After the successful completion of the workshops, covering the key
technical challenges, Zippy Zebra was commissioned for the
technical design and application development of the new OASys
system
Our team had full responsibility for:
• Technical Design
• Application Development
• Configuration Management.
Our Roles and
Responsibilities
• Engagement of our Development Team
“Having worked with the Zippy Zebra team for nearly two years, I
have been constantly impressed by their technical knowledge
and the way they have applied it to complex business scenarios.
The resulting application has received consistently high praise
from the user community. Under pressure to deliver in short
timescales, they have put together a team of highly skilled and
commited developers.”
Martin Hiorns, Project Manager
OASys Project
Capita
Software Stack:
• Oracle 11g Enterprise RAC (Including APEX 4.0)
• Oracle BI Publisher
• Oracle HTTP Server
The
Technology
Client Support:
• Internet Explorer 6 Only (Currently)
Key Project Challenges:
• Design of the User Interface
• Structuring such a large APEX Application
• Supporting Assistive Technologies
Key Challenges
• Internet Explorer 6
• Performance
• Security
OASys
What does it
look like?
Screenshots Here
Screenshots Here
Screenshots Here
Create Project Standards:
• Coding Standards
• Coding Style
• Best Practice
• Standard API’s e.g. error handling
• Debug
Project
Development
Standards
• User Interface Standards
• Consistent Look and Feel
• Visual Style Guide – e.g. Search Page, Edit Page etc
• Widget / Component Library
Make Sure of the following:
• Keep these documents up to date
• Ensure Development team know and understand these documents
in detail
Application Structure – “Modules”
Structuring
Large APEX
Applications
What do we mean by a “Module”:
• Single APEX application
• One or more pages
• Performs specific business function
Structuring
Large APEX
Applications
• Associated Module Package
• Associated Module Views
APEX Parsing Schema has permissions to access following:
• Module packages / Generic Packages
• Views
All Database objects owned by separate owning schema – minimal
objects exposed to APEX Parsing schema via synonyms and grants
Multiple “Modules” - create a seamless application system
• Decide on a level of granularity
• Each Module has a “Landing Page” and one or more related pages
• Landing Page is the only URL access enabled page in a module
Structuring
Large APEX
Applications
• All Modules share same APEX session – via session cookie
defined in subscribed authentication scheme
• Modules allow ease of maintenance for large development team
• Use Application and Page aliases
• Build standard navigation API’s
• Create Master Library Application
• Contains “Master” copy of all Shared Components
• Contains test pages for each component type including any
JavaScript components
Structuring
Large APEX
Applications
• Use Copy and Subscribe functionality of Shared Components
•
•
•
•
•
Authentication Schemes
Authorization Schemes
Templates
Plug-Ins
LOVs
• Create “Hooks” in Application Level Processes for common events
• Contains Test pages for Theme Templates and all UI components
• Create Starter Application
• Pre-configured application containing required subscribed
components
• Developers take a copy of this application when starting a new
Module
Structuring
Large APEX
Applications
• Contains common components on Page 0
• Contains standard set of Application Items and Processes
• Create Top Level Application
• The Login Module
• Entry point to entire application
• Owner of shared Authentication scheme via subscription
• OASys consists of 120+ Modules
• That’s 120+ individual APEX applications
• All work seamlessly together as a single application
Structuring
Large APEX
Applications
• Provides flexibility with medium/large development team
• Ease of maintenance
• Easier source code control
• check-in / check-out individual Modules
• Easier release management – due to granularity
Application Logic Structured Using PLSQL Package API’s
Structuring
Large APEX
Applications
API Layers
• Table API Packages – as table interaction not just through APEX
• Adds another layer of security – Table access not directly exposed
to APEX parsing schema just packages
Structuring
Large APEX
Applications
• Module API’s – one package per APEX module
• Minimal PLSQL in APEX pages – only contains calls to event
handlers from corresponding Module API Package
• Allows sharing of all application logic
e.g. from Native Webservices
from Batch processes
• Business Logic API’s
• Utility and UI API’s
OASys Interface Layer consists of:
• SOAP Webservice calls to BI Publisher
• Native web services exposed for incoming Case Management
Systems to consume – PCMS, CRAMMS, PNOMIS
OASys
Interfaces
• SOAP Webservice calls for live Offender searches across other
internal systems direct from within OASys search screens
No JAVA stack required!
All Web Service functionality performed via Oracle Database
and PL/SQL
User Interface
Designing the
User Interface
• Build static HTML prototypes for key areas
• Pages
• Search Page
• Edit Page
• Modal Page
etc
• Regions
• Menus
• Integrate and Test JQuery components
• Get user agreement
• Create APEX Templates from Static HTML
• Create full APEX Theme
Standard Header with Pull Down System Navigation Menu – Dynamic Region – Page 0
Designing the
User Interface
Floating Accordian Menu – Dynamic Region – Page 0
Tabs – Dynamic Region
Designing the
User Interface
Government projects insist on compliance with AT software
• Do not assume browser will support AT software
Supporting
Assistive
Technologies
• Identify technology to be used
Dragon (dictation)
Jaws (screen reader)
Read & Write
Zoom Text
• Design AT standards into core build
• Use specialist testers with knowledge of the tools
Apex is NOT the culprit, your application code is!
• Tune all application SQL and PLSQL
• Use Oracle tools Explain Plan, TKProf, AWR
Performance
• Use Statistics from a volume database in Development / System
Test environments to detect poor performing queries early
• Simulate concurrent connections 10,000+ with a tool like
LoadRunner
• Tune JavaScript/Jquery – especially Jquery selectors used
• Cross site scripting – escape your data
• SQL injection
• Use bind variables
• Beware of Dynamic SQL
Security
• Enable Session State Protection
• Prevent URL hacking
• Use page blockers to prevent duplicate page submissions
• Feature also built in to APEX
• Penetration Testing
• Use Authorization Schemes
• Sharing session state across applications
• 100 item limit on page (200 with APEX 4.2)
• APEX session tables RAC - Contention
Issues
encountered
with APEX
• Sharing session state across applications
• Created our own session state tables
• APEX 4.2 now provides read/write to application items across
applications
Our Solutions
• 100 item limit on page
• Created our own dynamic renderer based on our own metadata
• Renderer uses APEX_ITEM API’s to work around 100 item limit
• APEX 4.2 item limit now 200 items per page
• APEX session tables RAC - Contention
• Caused excessive traffic across RAC interconnects
• Implement Instance affinity – bind sessions to same RAC nodes
• Dynamic Actions
• Plugins
New APEX
Features Used
• Oracle always there to help
• Direct communication with APEX team at Oracle
Oracle Support
Use APEX
for Enterprise
Systems?
YES
Q &A
www.zippyzebra.co.uk
Please feel free to ask us any questions