What is the value of using integrated API gateway instead of the APIM gateway ? Is the Integrated API gateway doing more than OAuth authorization (Eg: throttling)?
On Mon, Sep 19, 2016 at 1:47 AM, Senthalan Kanagalingam <[email protected]> wrote: > Hi Ayyoob, > > Thanks for your feedback. > > We have a working PoC[1] for API Scanner and Creator. I will go through > this extension and try to improve my implementation. > For the Gateway part we have planed to use tomcat valve. But we can look > into the possible options and come with a better solution. > > We are using reflections[2] library to scan annotation. This library > provide facility to scan custom annotations, param annotations and return > type. So creating documentation can be supported. > > [1] https://github.com/senthalan/product-as/tree/api-everywhere-as > [2] https://github.com/ronmamo/reflections > > Thanks and regards > K.Senthalan > > On Thu, Sep 15, 2016 at 12:51 AM, Ayyoob Hamza <[email protected]> wrote: > >> Hi Senthalan, >> >> We currently have this capability in EMM/IoTS. However API creator part >> is tightly coupled with api manager features. >> >> [1] API Scanner and Creator : https://github.com/wso2/carb >> on-device-mgt/tree/master/components/apimgt-extensions/org. >> wso2.carbon.apimgt.webapp.publisher >> [2] Gateway: This either can use api manager gateway and do a JWT >> validation or Use the tomcat valve and do the authorization as you >> described - https://github.com/wso2/carbon-device-mgt/tree/master/compon >> ents/webapp-authenticator-framework/org.wso2.carbon. >> webapp.authenticator.framework. >> >> Just wanted to add some other features that we can support as a future >> requirement is to support swagger annotation. Which is to read and publish >> along with the api. This way we could create the documentation in store. >> >> Thanks, >> Ayyoob >> >> *Ayyoob Hamza* >> *Software Engineer* >> WSO2 Inc.; http://wso2.com >> email: [email protected] cell: +94 77 1681010 <%2B94%2077%207779495> >> >> On Thu, Sep 8, 2016 at 12:20 PM, Senthalan Kanagalingam < >> [email protected]> wrote: >> >>> Hi all, >>> >>> Publishing APIs into APIM from Tomcat based AS 6.0 - Architecture >>> >>> The idea of the above is to automatically create APIs from the deployed >>> web apps in AS and publish them into the API Publisher. Publishing APIs >>> automatically makes it easier for webapp developers on Tomcat to use APIM >>> easier. Right now, the users has to manually create Managed APIs for their >>> REST-ful web apps. >>> >>> As part of this effort, the API gateway will be included within Tomcat >>> based AS itself. This is used to validate whether the request from that end >>> user have permission to access that API. So the AS will have an integrated >>> API gateway to validate. >>> >>> The api everywhere for AS 6.0 have 3 main components, >>> >>> 1. >>> >>> API Scanner >>> 2. >>> >>> API Creator >>> 3. >>> >>> Integrated API gateway >>> >>> >>> API Scanner component will scan the deployed web app and create APIs. In >>> web app deployment time the API scanner will scan the annotations and >>> configurations and generate APIs and API informations. >>> >>> API Creator will publish the APIs into API Publisher. For that user have >>> to provide the “clientId” and “clientSecret” of OAuth 2.0. Access token >>> will be request from the APIM Key manager. Then using that access token the >>> generated APIs will be published into APIM. The API will be in the >>> “CREATED” state, the webapp developers can edit and publish as their wish. >>> API Creator will be a running on new thread to reduce the web app startup >>> time. >>> >>> Integrated API gateway will intercept the request into AS. The access >>> token of the request will be validated with APIM key manager. If the token >>> have the right to access the web app, the request will be passed or >>> otherwise an exception will be thrown to the end user. >>> >>> >>> Until now implementation of API Scanner and API Creator are completed >>> and working PoC is available. >>> >>> We have to decide which information we are going to publish into the API >>> publisher. There are some items like tags, business information and etc >>> which are not compulsory when creating APIs. >>> >>> >>> [image: Inline image 1] >>> >>> -- >>> K.Senthalan, >>> Software Engineering Intern, >>> WSO2 Inc. >>> Tel: +94771877466 >>> Email: [email protected] >>> >>> _______________________________________________ >>> Architecture mailing list >>> [email protected] >>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>> >>> >> >> _______________________________________________ >> Architecture mailing list >> [email protected] >> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> >> > > > -- > K.Senthalan, > Software Engineering Intern, > WSO2 Inc. > Tel: +94771877466 > Email: [email protected] > > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > -- Ajanthan Software Engineer; WSO2, Inc.; http://wso2.com/ email: ajanthan <http://goog_595075977>@wso2.com; cell: +1 425 919 8630 blog: http://bkayts.blogspot.com/ Lean . Enterprise . Middleware
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
