Oracle Portal Stylesheet

As promised in a previous post, I’m making available a stylesheet I put together that contains all of the stock classes used for pages generated by Oracle Portal.

You can grab the stylesheet here.

The selectors listed come from this document that lists the selectors and their purpose, along with taking an actual stylesheet generated by Oracle Portal, in case there were any ‘undocumented’ selectors. I found 2.

I haven’t crafted any kind of compressed version of this stylesheet yet. It seems that more than a few of these selectors could be grouped together so that, rather than continually replacing every instance of the text color with what you want to use throughout the page, you can just change one line.

Get Me An Eraser!

<rant>

I’ve been a bit busy working with our Blackboard system. It’s been upgraded to 6.3.1 (Blackboard 6, Application Pack 3, Service Pack 1).

My frustration with Blackboard continues to grow. On top of a long list of gripes I’ve added a few more that I’ll share.

Blackboard 6.3 no longer allows full control of what they call the “gateway” page. I typically call it the homepage, but others will call it the index page, default page, and so on. Prior to 6.3 you could craft the entire page in HTML and Blackboard would serve it up without any changes. Now you are forced to design within a content area inside a stock page layout defined by Blackboard. White background with black text, a masthead, left-side column, and footer all wrap the content you design. There’s no way out of this either. It seems like a small matter, but if you’re especially focused on branding, this is a huge outrage.

Part of Blackboard is a collaboration tool. Essentially an over-hyped chat room. The client is a JAVA applet that your users load in their browser. The server is maintained on your own hardware.

Now Blackboard has a thing for ingoring problems with or the support of SSL. It’s something of an afterthought with these guys. One time, a few months ago, a Blackboard support rep told me they don’t use SSL on their own systems because “it causes too many problems”. So rather than fix this, they ignore it.

One problem (a small one, compared to the others) is getting SSL to work with the collaboration tool. The collaboration tool is accessed through a separate port than the standard port 80 (443 when talking about SSL). Now I’m not talking about the actual chat data going between client and server, I’m talking about the web page inside which the chat client is embedded. Why this how they designed it I have no idea, but it simply is. And because it’s on a separate port, it’s handled not by your front-end web server, but rather an instance of tomcat that handles the JSP bits used in Blackboard.

So to get SSL working, you need to take your existing web server cert, break it apart, and import it into a JAVA keystore. Blackboard provides documentation on this, except they only show how to create a self-signed certificate and not how to use an existing SSL cert.

I figured that part out on my own.

After pushing the need for documentation on this process, Blackboard updated their 6.3 documentation with a link to documentation on Sun’s keytool application. And that’s about it.

Those who do some digging will find that in this document on data integration, the steps required to import an existing SSL cert do exist within Blackboard’s documentation library. Why this bit of information (found on page 53 (56 in a PDF viewer)) is not copied and pasted into Blackboards setup document I will never know. It’s that kind of disorganization that kills me when it comes to Blackboard.

So anyways, I get the SSL stuff working.

I boot up the client, connect, and it works. Just to make sure all is well, I packet sniff the session to make sure I’m connecting over SSL.

Guess what? I’m not.

The tomcat instance used to serve up the JAVA client is the only thing now being sent over SSL after making a bunch of configuration changes. The actual content of the chat room itself remains in plaintext.

All that work just to serve a JAVA applet that could just as easily be served through the regular web server over SSL. Leaving the most important information, the user’s information, in cleartext.

Unbelievable.

It’s this kind of disregard for user privacy and security of user information that has completely turned me off of Blackboard.

When Blackboard 6 came out they changed their licensing from Blackboard 5 so that clients who license the basic edition could no longer use SSL. Yes, SSL does not work on Blackboard 6, basic edition. So what if you want to use SSL? Buy the enterprise edition, which costs a lot more than basic. It seems like extortion. Buy the more expensive product or we make your user data vulnerable to packet sniffing.

Unbelievable.

I developed a kind of proxy server with Apache to act as the middle-man between Blackboard and the client. Apache would serve an SSL connection to the user, and then forward requests on to the Blackboard server outside SSL. Keeping the Apache instance on the same machine as the Blackboard server means I can keep user data secure. No user information is transfered in cleartext. It works well, but I shouldn’t have had to do that.

Earlier this year I contacted Blackboard about a double-login issue. Users would bookmark the login page, but whenever they used the bookmark they’d be prompted at a second login screen after completing the first login screen. Blackboard told me this is a result of how sessions are created. It required users to visit the gateway page first to initialize the session before moving onto the login screen.

Unbelievable.

But now… now they have this portal product that can operate on top of the learning system. And those who purchase the portal product now have an option to bypass the gateway page so those bookmarks do work. Great! Except you’ll have to pay yet more money just to get that single feature.

Un-freaking-believable.

Before 6.3, whenever you enabled SSL support for only specific sections of Blackboard, you would get constant pop-up messages in IE telling you that some parts of the page were being transmitted over an insecure channel. This is because, whenever anything at all had SSL enabled, the parent HTML frame (yes, they use frames in Blackboard….unbelievable) was transmitted over SSL. But the child frames were not.

So to fix this, in 6.3, Blackboard has the parent frame no longer being transmitted over SSL. If a child-frame is being sent over SSL, you don’t get the pop-ups because there is no data inside the SSL frame being transmitted outside of SSL. Dig? It’s a cute hack, but by far not the correct solution.

The correct solution is to do away with frames alltogether, but that won’t happen.

</rant>

Eraser In Hand

So we’re looking at Sakai. It looks very promising.

Advertisements

3 thoughts on “Oracle Portal Stylesheet

  1. I have seen this with the university that I go to. They have had so much trouble with blackboard for the past year since they switched to the newer version. You would think a software would get better after time but…..this company doesn’t seem to get it right

  2. I feel your pain. :) The only way we could provide easy to use instructions to our students was to embed a iFrame in the gateway.bb file. The pages are kept on the main website.

    I’d like to hear more about your Apache Proxy setup, if you know of any reference articles that could shed some light on the subject, they would be much appreciated.

    Thanks,
    Carlos.

  3. Did you also notice that an upgrade to AP3 from AP1 breaks the links on any custom images you use on the gateway page. Their entire directory structure changes, yet there is nothing in BB’s documentation.

    At least on UNIX it was like this.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s