Yes, When the end user using APIs from the Application server the integrated gateway will take care of authorization. It will only use the key manager of API Manager to validate.
On Wed, Sep 21, 2016 at 3:04 PM, Nuwan Dias <[email protected]> wrote: > But in that case the Gateway component in the API Manager is not required > isn't it? > > On Wed, Sep 21, 2016 at 2:37 PM, Senthalan Kanagalingam < > [email protected]> wrote: > >> Hi Ajanthan, >> >> The integrated API gateway is doing only the OAuth authorization. But the >> idea of the integrated API gateway is to provide API Management >> capabilities without another network hop. >> >> Thanks and regards, >> Senthalan >> >> On Tue, Sep 20, 2016 at 11:36 PM, Ajanthan Balachandran < >> [email protected]> wrote: >> >>> What is the value of using integrated API gateway instead of the APIM >>> gateway ? >>> Is the Integrated API gateway doing more than OAuth authorization (Eg: >>> throttling)? >>> >>> On Mon, Sep 19, 2016 at 1:47 AM, Senthalan Kanagalingam < >>> [email protected]> wrote: >>> >>>> Hi Ayyoob, >>>> >>>> Thanks for your feedback. >>>> >>>> We have a working PoC[1] for API Scanner and Creator. I will go >>>> through this extension and try to improve my implementation. >>>> For the Gateway part we have planed to use tomcat valve. But we can >>>> look into the possible options and come with a better solution. >>>> >>>> We are using reflections[2] library to scan annotation. This library >>>> provide facility to scan custom annotations, param annotations and return >>>> type. So creating documentation can be supported. >>>> >>>> [1] https://github.com/senthalan/product-as/tree/api-everywhere-as >>>> [2] https://github.com/ronmamo/reflections >>>> >>>> Thanks and regards >>>> K.Senthalan >>>> >>>> On Thu, Sep 15, 2016 at 12:51 AM, Ayyoob Hamza <[email protected]> wrote: >>>> >>>>> Hi Senthalan, >>>>> >>>>> We currently have this capability in EMM/IoTS. However API creator >>>>> part is tightly coupled with api manager features. >>>>> >>>>> [1] API Scanner and Creator : https://github.com/wso2/carb >>>>> on-device-mgt/tree/master/components/apimgt-extensions/org.w >>>>> so2.carbon.apimgt.webapp.publisher >>>>> [2] Gateway: This either can use api manager gateway and do a JWT >>>>> validation or Use the tomcat valve and do the authorization as you >>>>> described - https://github.com/wso2/carbon >>>>> -device-mgt/tree/master/components/webapp-authenticator-fram >>>>> ework/org.wso2.carbon.webapp.authenticator.framework. >>>>> >>>>> Just wanted to add some other features that we can support as a future >>>>> requirement is to support swagger annotation. Which is to read and publish >>>>> along with the api. This way we could create the documentation in store. >>>>> >>>>> Thanks, >>>>> Ayyoob >>>>> >>>>> *Ayyoob Hamza* >>>>> *Software Engineer* >>>>> WSO2 Inc.; http://wso2.com >>>>> email: [email protected] cell: +94 77 1681010 <%2B94%2077%207779495> >>>>> >>>>> On Thu, Sep 8, 2016 at 12:20 PM, Senthalan Kanagalingam < >>>>> [email protected]> wrote: >>>>> >>>>>> Hi all, >>>>>> >>>>>> Publishing APIs into APIM from Tomcat based AS 6.0 - Architecture >>>>>> >>>>>> The idea of the above is to automatically create APIs from the >>>>>> deployed web apps in AS and publish them into the API Publisher. >>>>>> Publishing >>>>>> APIs automatically makes it easier for webapp developers on Tomcat to use >>>>>> APIM easier. Right now, the users has to manually create Managed APIs for >>>>>> their REST-ful web apps. >>>>>> >>>>>> As part of this effort, the API gateway will be included within >>>>>> Tomcat based AS itself. This is used to validate whether the request from >>>>>> that end user have permission to access that API. So the AS will have an >>>>>> integrated API gateway to validate. >>>>>> >>>>>> The api everywhere for AS 6.0 have 3 main components, >>>>>> >>>>>> 1. >>>>>> >>>>>> API Scanner >>>>>> 2. >>>>>> >>>>>> API Creator >>>>>> 3. >>>>>> >>>>>> Integrated API gateway >>>>>> >>>>>> >>>>>> API Scanner component will scan the deployed web app and create APIs. >>>>>> In web app deployment time the API scanner will scan the annotations and >>>>>> configurations and generate APIs and API informations. >>>>>> >>>>>> API Creator will publish the APIs into API Publisher. For that user >>>>>> have to provide the “clientId” and “clientSecret” of OAuth 2.0. Access >>>>>> token will be request from the APIM Key manager. Then using that access >>>>>> token the generated APIs will be published into APIM. The API will be in >>>>>> the “CREATED” state, the webapp developers can edit and publish as their >>>>>> wish. API Creator will be a running on new thread to reduce the web app >>>>>> startup time. >>>>>> >>>>>> Integrated API gateway will intercept the request into AS. The access >>>>>> token of the request will be validated with APIM key manager. If the >>>>>> token >>>>>> have the right to access the web app, the request will be passed or >>>>>> otherwise an exception will be thrown to the end user. >>>>>> >>>>>> >>>>>> Until now implementation of API Scanner and API Creator are completed >>>>>> and working PoC is available. >>>>>> >>>>>> We have to decide which information we are going to publish into the >>>>>> API publisher. There are some items like tags, business information and >>>>>> etc >>>>>> which are not compulsory when creating APIs. >>>>>> >>>>>> >>>>>> [image: Inline image 1] >>>>>> >>>>>> -- >>>>>> K.Senthalan, >>>>>> Software Engineering Intern, >>>>>> WSO2 Inc. >>>>>> Tel: +94771877466 >>>>>> Email: [email protected] >>>>>> >>>>>> _______________________________________________ >>>>>> Architecture mailing list >>>>>> [email protected] >>>>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>>>>> >>>>>> >>>>> >>>>> _______________________________________________ >>>>> Architecture mailing list >>>>> [email protected] >>>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>>>> >>>>> >>>> >>>> >>>> -- >>>> K.Senthalan, >>>> Software Engineering Intern, >>>> WSO2 Inc. >>>> Tel: +94771877466 >>>> Email: [email protected] >>>> >>>> _______________________________________________ >>>> Architecture mailing list >>>> [email protected] >>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>>> >>>> >>> >>> >>> -- >>> >>> Ajanthan >>> Software Engineer; >>> WSO2, Inc.; http://wso2.com/ >>> >>> email: ajanthan <http://goog_595075977>@wso2.com; cell: +1 425 919 8630 >>> blog: http://bkayts.blogspot.com/ >>> >>> Lean . Enterprise . Middleware >>> >>> _______________________________________________ >>> Architecture mailing list >>> [email protected] >>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>> >>> >> >> >> -- >> K.Senthalan, >> Software Engineering Intern, >> WSO2 Inc. >> Tel: +94771877466 >> Email: [email protected] >> >> _______________________________________________ >> Architecture mailing list >> [email protected] >> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> >> > > > -- > Nuwan Dias > > Software Architect - WSO2, Inc. http://wso2.com > email : [email protected] > Phone : +94 777 775 729 > > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > -- K.Senthalan, Software Engineering Intern, WSO2 Inc. Tel: +94771877466 Email: [email protected]
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
