Hi All, Below is an architecture diagram I came up to integrate APIM to MDM. There are some issues with it with needs some advice. I have mentioned them below -
[image: Inline image 1] If the API access is through the browser the API should be protected via a session. If the API is accessed via APIM no protection is necessary since it's already protected by APIM. But the hiccup in APIM scenario is -the API doesn't know who called it (since it's doesn't have a session username). How do we deal with the above scenario? Other problems are- - When the browser communicates via HTTP the rendering happens in the backend. APIM has no integration here. - When the browser calls via AJAX the MDM APIs will access directly without APIM. This also requires a session Cheers On Fri, Dec 6, 2013 at 9:33 AM, Nuwan Dias <[email protected]> wrote: > For you to protect those APIs through the API Manager, you first have to > publish them through the Publisher and Subscribe to them via the Store. You > can use the APIs available on the Publisher [1] and Store [2] to create, > update and subscribe to APIs programmatically. > > [1] - http://docs.wso2.org/display/AM150/Publisher+APIs > [2] - http://docs.wso2.org/display/AM150/Store+APIs > > Thanks, > NuwanD. > > > On Thu, Dec 5, 2013 at 10:11 AM, Dulitha Wijewantha <[email protected]>wrote: > >> Hi guys, >> I have a jaggery API set. I want to protect them with OAuth. From what I >> can see in APIM samples - I have to add them manually via the store and go >> through the whole lifecycle. Is there away for me to programmatically >> protect APIs exposed (with jaggery) using APIM? >> >> Cheers~ >> -- >> Chan (Dulitha Wijewantha) >> Software Engineer - Mobile Development >> WSO2Mobile >> Lean.Enterprise.Mobileware >> * ~Email [email protected] <[email protected]>* >> * ~Mobile +94712112165 <%2B94712112165>* >> >> * ~Website dulithawijewantha.com <http://dulithawijewantha.com/> * >> >> * ~Blog blog.dulithawijewantha.com >> <http://dulichan.github.io/chan/>* >> * ~Twitter @dulitharw <https://twitter.com/dulitharw>* >> > > > > -- > Nuwan Dias > > Senior Software Engineer - WSO2, Inc. http://wso2.com > email : [email protected] > Phone : +94 777 775 729 > -- Chan (Dulitha Wijewantha) Software Engineer - Mobile Development WSO2Mobile Lean.Enterprise.Mobileware * ~Email [email protected] <[email protected]>* * ~Mobile +94712112165* * ~Website dulithawijewantha.com <http://dulithawijewantha.com/>* * ~Blog blog.dulithawijewantha.com <http://dulichan.github.io/chan/>* * ~Twitter @dulitharw <https://twitter.com/dulitharw>*
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
