[Profile Register/Log In] (What's This?)

From: Karen Boudreau <kboudreau@hammer.net>
Subject: [techies] cxml Punchout Application - https request/response
Date: Sat Aug 16 19:40:58 2014

What is the safest and simplest way to send an HTTP(S) REQUEST/RESPONSE to an external (internet) url initiated from a user running an Oracle 10G Forms and Reports application (currently running on a 10g operational database)?

 

Is there a good article or whitepaper that explains how to do this simple process using predominately Oracle components? I am tempted to use utl_http because it may be quick to implement, however, the internet research I have done leads me to believe  the actual HTTPS REQUEST transaction should be initiated through a web service (or script) running outside the database (and database server)  and not launched directly from the operational database (like utl_http allows).

 

I am looking for a best practice secure design using predominantly Oracle components without additional scripting modules (such as PHP or ASP), if possible.

 

Background:

I am tasked with adding a cXML Punchout feature to a financial system’s procurement module. The cXML standards indicate the cXML message is transported to an external supplier’s website using an HTTP(S) REQUEST/RESPONSE. The financial system is built with 10g Oracle Forms and Reports running on an Oracle 10g database. 

 

My experience is with Oracle Forms/Reports and pl/sql.  I do not have experience with developing web applications using other technologies. I have spent numerous hours reviewing articles on utl_http, mod_plsql, xmldb, consuming web services, etc and am not sure which components I really should be using for this simple functionality.

 

Any help is greatly appreciated.

Regards,

Karen Boudreau