What is the value of using integrated API gateway  instead of the APIM
gateway ?
Is the Integrated API gateway doing more than OAuth authorization (Eg:
throttling)?

On Mon, Sep 19, 2016 at 1:47 AM, Senthalan Kanagalingam <sentha...@wso2.com>
wrote:

> Hi Ayyoob,
>
> Thanks for your feedback.
>
> We have a working PoC[1] for API Scanner and Creator. I will go through
> this extension and try to improve my implementation.
> For the Gateway part we have planed to use tomcat valve. But we can look
> into the possible options and come with a better solution.
>
> We are using reflections[2] library to scan annotation. This library
> provide facility to scan custom annotations, param annotations and return
> type. So creating documentation can be supported.
>
> [1] https://github.com/senthalan/product-as/tree/api-everywhere-as
> [2] https://github.com/ronmamo/reflections
>
> Thanks and regards
> K.Senthalan
>
> On Thu, Sep 15, 2016 at 12:51 AM, Ayyoob Hamza <ayy...@wso2.com> wrote:
>
>> Hi Senthalan,
>>
>> We currently have this capability in EMM/IoTS. However API creator part
>> is tightly coupled with api manager features.
>>
>> [1] API Scanner and Creator : https://github.com/wso2/carb
>> on-device-mgt/tree/master/components/apimgt-extensions/org.
>> wso2.carbon.apimgt.webapp.publisher
>> [2] Gateway: This either can use api manager gateway and do a JWT
>> validation or Use the tomcat valve and do the authorization as you
>> described - https://github.com/wso2/carbon-device-mgt/tree/master/compon
>> ents/webapp-authenticator-framework/org.wso2.carbon.
>> webapp.authenticator.framework.
>>
>> Just wanted to add some other features that we can support as a future
>> requirement is to support swagger annotation. Which is to read and publish
>> along with the api. This way we could create the documentation in store.
>>
>> Thanks,
>> Ayyoob
>>
>> *Ayyoob Hamza*
>> *Software Engineer*
>> WSO2 Inc.; http://wso2.com
>> email: ayy...@wso2.com cell: +94 77 1681010 <%2B94%2077%207779495>
>>
>> On Thu, Sep 8, 2016 at 12:20 PM, Senthalan Kanagalingam <
>> sentha...@wso2.com> wrote:
>>
>>> Hi all,
>>>
>>> Publishing APIs into APIM from Tomcat based AS 6.0 - Architecture
>>>
>>> The idea of the above is to automatically create APIs from the deployed
>>> web apps in AS and publish them into the API Publisher. Publishing APIs
>>> automatically makes it easier for webapp developers on Tomcat to use APIM
>>> easier. Right now, the users has to manually create Managed APIs for their
>>> REST-ful web apps.
>>>
>>> As part of this effort, the API gateway will be included within Tomcat
>>> based AS itself. This is used to validate whether the request from that end
>>> user have permission to access that API. So the AS will have an integrated
>>> API gateway to validate.
>>>
>>> The api everywhere for AS 6.0 have 3 main components,
>>>
>>>    1.
>>>
>>>    API Scanner
>>>    2.
>>>
>>>    API Creator
>>>    3.
>>>
>>>    Integrated API gateway
>>>
>>>
>>> API Scanner component will scan the deployed web app and create APIs. In
>>> web app deployment time the API scanner will scan the annotations and
>>> configurations and generate APIs and API informations.
>>>
>>> API Creator will publish the APIs into API Publisher. For that user have
>>> to provide the “clientId” and “clientSecret” of OAuth 2.0. Access token
>>> will be request from the APIM Key manager. Then using that access token the
>>> generated APIs will be published into APIM. The API will be in the
>>> “CREATED” state, the webapp developers can edit and publish as their wish.
>>> API Creator will be a running on new thread to reduce the web app startup
>>> time.
>>>
>>> Integrated API gateway will intercept the request into AS. The access
>>> token of the request will be validated with APIM key manager. If the token
>>> have the right to access the web app, the request will be passed or
>>> otherwise an exception will be thrown to the end user.
>>>
>>>
>>> Until now implementation of API Scanner and API Creator are completed
>>> and working PoC is available.
>>>
>>> We have to decide which information we are going to publish into the API
>>> publisher. There are some items like tags, business information and etc
>>>  which are not compulsory when creating APIs.
>>>
>>>
>>> [image: Inline image 1]
>>>
>>> --
>>> K.Senthalan,
>>> Software Engineering Intern,
>>> WSO2 Inc.
>>> Tel: +94771877466
>>> Email: senthalank...@cse.mrt.ac.lk
>>>
>>> _______________________________________________
>>> Architecture mailing list
>>> Architecture@wso2.org
>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
>>>
>>>
>>
>> _______________________________________________
>> Architecture mailing list
>> Architecture@wso2.org
>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
>>
>>
>
>
> --
> K.Senthalan,
> Software Engineering Intern,
> WSO2 Inc.
> Tel: +94771877466
> Email: senthalank...@cse.mrt.ac.lk
>
> _______________________________________________
> Architecture mailing list
> Architecture@wso2.org
> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
>
>


-- 

Ajanthan
Software Engineer;
WSO2, Inc.;  http://wso2.com/

email: ajanthan <http://goog_595075977>@wso2.com; cell: +1 425 919 8630
blog: http://bkayts.blogspot.com/

Lean . Enterprise . Middleware
_______________________________________________
Architecture mailing list
Architecture@wso2.org
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture

Reply via email to