If you have seen Anjo’s Kolk’s cool “Oracle Interface for Google Visualization API (external data source interface)” blog post, which partly based on the Oracle XMLDB Protocol Adapter functionality, then be aware that direct access off this functionality via the internet is at your own risk. Of course this also counts for the OTN article given here: Creating Oracle Database-backed iGoogle Gadgets.
To make life a little bit easier, Google also created the Google Secure Data Connector (Google SDC) to make your connection with the database more secure. If applicable you should add this extra security feature, at least if you have the means to do this. You need, among others, a Google App Premier account and are the owner for the domain were the database resides.
If you enable HTTP access via, for example, the XDB Protocol Server via the following DBMS_XDB call:
SQL> call dbms_xdb.setHttpPort(8080);
this enables, besides the HTTP functionality, also the WebDAV protocol server functionality. To get this functionality secured on the internet, you could use Apache as a reverse proxy solution that rewrites on the fly all URL’s that should be protected. As the XMLDB Dev. team go’s, this is the only acceptable secure solution to provide, on the internet, this protocol server functionality based on Oracle XMLDB.
The following is a snippet from a Apache httpd.conf configuration file that could be used for this (ssl is enabled in this example, based on using OpenSSL):