Hi All, This mail is to give brief update on what Lakmali and myself have done on the $Subject so far..
*1. Get the Store/Publisher jaggery apps working on GReg..* As we discussed, until the generic store comes out, we ll be using our existing publisher/store apps for other products as well. We could able to get the publisher and store working on GReg with the following modifications (Since GReg already having jaggery feature, we don't have to add it, but when it comes to other products we may need to install Jaggery feature as well); - Added APIM DB into GReg. - Added a new property '<GatewayType>' into api-manager.xml. (This property is used to identify the gateway type, whether synapse based or some other type. Depending on the gateway type, we have done some modifications to the APIManagerComponent #activate method to avoid synapse dependencies.) - Added 'modules' directory to GReg_Home. - Added api-usage jars (store/publisher depends on these) - Added org.wso2.carbon.identity.user.registration.stub_4.1.0,jar and org.wso2.carbon.identity.user.registration_4.1.2.jar. - Added org.wso2.carbon.um.ws.api.stub_4.1.0.jar, org.wso2.carbon.um.ws.api_4.1.0.jar and org.wso2.carbon.um.ws.service_4.1.0.jar. - Changed transport of <AuthManager> <ServerURL> to https from 'local' transport. i.e <ServerURL>https://localhost:9443/services/</ServerURL> (This need to be check, why it didn't work with local transport.) - Added apimgt.kemgt jar (This is required for key generation in store). - Hostobject jars were already there in the GReg. TODO for [1] - All above dependency jars were manually added to the GReg pack.. We need to make them as dependencies in apimt.lite feature to get copied them into GReg distribution. Those jars are actually required for the publisher/store apps. But since there is no way to add dependencies for these web apps, solution would be to ship those dependencies with apimgt.lite. - Check on why <AuthManager> <ServerURL> didn't work with local transport. - Key generation/ re-generation works. But there is some jaggery exception thrown in backend, need to check it. - GReg Asset store and API Store cannot enable at the same time. We got the API Store working by removing <StoreAssets>api,service</StoreAssets> property used in GReg. We need to check this (GReg Team ?). *2. Added apimgt.lite module for apimgt component. *This module is like a generic apimgt handler component (without synapse dependencies). This consist of three packes; authenticate, throttle and usage. Currently we have completed only authentication and throttling modules. TODO for [2] - Need to add usage module into apimgt.lite *3. Added a Tomcat Valve.* This is added as new module under apimgt component. This valve is a generic one, not specific to the GReg. This is the place, where each and every request goes first. tokenValidation, throttling, usagetracking methods are being called at the invoke method of it. Also we have added following two parameters to carbon.xml. <!-- Enable API Management --> <EnableAPIManagement>true</EnableAPIManagement> <!-- Gateway URL need to provide only if, you are using external api-manager to handle api management --> <APIGateway>http://localhost:8281</APIGateway> Above configuration parameters are read from the activate method of apimgt.interceptor component and used in valve to identify whether to use internat api-management or external api-management. *We have two blocking issues on this.* - We need only api requests to go through this valve. Issue is to find a condition to satisfy it. Currently we have following code, which will check the incoming request is containing "Authentication" header or not. If only request has "Authentication" header, rest of the logic will get call otherwise it exit.. Problem with this is, users can call directly to end point (REST API) , without going through the api-management (without having a key). if (APIManagerInterceptorComponent.getAPIManagementEnabled().equals("true") && request.getHeader(APIConstants.AuthParameter.AUTH_PARAM_NAME) == null) { return; } - Other issue is, handling api management when there is an external api-manager is running. Since, user is calling to the actual end point, we need to re-direct the request to external api-manager gateway when api-management is done with external api-manager. We tried to forward the request in following way, but it didn't work. request.getRequestDispatcher(externalAPIManagerURL).forward(request, response); Also, we tried to create a new HttpUriRequest and send it to api-manager gateway. But it also gives some exceptions. Even if we anyhow, get this method#2 to work, still we need a way to drop the original message without sending to actual endpoint. Regards, Lakmali/Dinusha. -- Dinusha Dilrukshi Senior Software Engineer WSO2 Inc.: http://wso2.com/ Mobile: +94725255071 Blog: http://dinushasblog.blogspot.com/
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
