Hai Dinusha, At the later part of your answer, you mentioned the how to send the request. Do we have a use case where "without API manager". AFAIR, It has been clearly said during the final discussion , request will be given inbuilt or external APIM. But you mention about without APIM.
Thanks! Ragu On Tue, Jun 18, 2013 at 12:31 PM, Dinusha Senanayaka <dinu...@wso2.com>wrote: > Hi Ragu, > > We have wrote a Tomcat Valve which will be act as interceptor for all > incoming requests. There was a need of using > Axis2ConfigurationContextObserver to get the throttling related properties, > which cannot be done through the CXF hander in GREG REST API. This tomcat > valve can be used not only by the GReg, also from any other product like > AS, DSS when it comes to manage APIs. > > Also we have been working on, getting publisher and store jaggery apps > into Greg. It was not straight forward because just putting these apps into > GReg wont work. We had do some code changes in apimgt side to avoid synapse > dependencies. As an example, api-store and publisher need to have > apimgt-impl component been activated and while this module getting > activated we are creating the tenant artifacts by coping synapse.xml files > into synapse deployment directories of tenants. We had to customize apimgt > code that it can identify the where api management is doing and avoid these > synapse related tasks. > > > On Tue, Jun 18, 2013 at 9:43 AM, Sriragu Arudsothy <srir...@wso2.com>wrote: > >> Hai Dinusha and Lakmali, >> >> Please update this mail thread that >> what have you done so far regarding the "Lightweight API manager >> component". >> >> 1) Please let me know the strategy that you are using when integrate the >> external API manager instance. >> >> 2) when an API manager instance externally running, Do we need to call >> the API published at the API gateway? or Does the user call the Registry >> REST API and re-directing the URL to API gateway URL? >> >> 3) If it is a lightweight APIM component which resides within G-Reg, Will >> the request be given to Registry REST API ? >> > Answering to the Q 1, 2, 3: > Always user request will be to the G-Reg API. If the <ManageAPIs> is > enabled then API Management will be handle through the embedded apimgt > components. And If <ManageAPIs> enabled and if it has been provided > <Store>, <Publisher>, <Gateway>, <KeyManager> urls, then request will be > redirect to the external api manager. Always, request will be first hit at > the tomcat valve that we have added, logic will be reside in this valve , > how api management is handling, whether inbuilt, external or without api > management. > > Regards, > Dinusha. > >> >> What has to be done to complete it ? >> >> Because the Greg has a strict dead line to finish off by next week ? >> >> Thanks! >> Ragu >> >> >> >> >> On Mon, Jun 10, 2013 at 6:31 PM, Sriragu Arudsothy <srir...@wso2.com>wrote: >> >>> Hai Sanjeewa..! >>> >>> We are having a strategic discussion that how >>> to include the API publisher/ store jag apps to other products. Therefore, >>> I will update this thread after the discussion...! As far as I understand, >>> there will be single interceptor which decides the processing path >>> according to the <manageAPIs> property value. >>> >>> Thanks! >>> Ragu >>> >>> >>> On Mon, Jun 10, 2013 at 6:03 PM, Sriragu Arudsothy <srir...@wso2.com>wrote: >>> >>>> Hai Lakmali..! >>>> >>>> Yes, the above link does not work...! I moved >>>> the user token generation menu under the "Resources" menu in order to >>>> appear for Greg. Therefore the existing doc won't work. Also these changes >>>> have not yet been committed. I will give you , the locally built latest >>>> Greg 4.6.0 pack which has every thing. You can also try out some samples. >>>> When you get the access token via that option , that access token will be >>>> based on "Client_Credentials" grant type. Since the API store jag app will >>>> be there anyway to incorporate the light weight APIM component. Therefore >>>> the users are required to generate the access token via store when the >>>> <manage APIs> property set to true. Therefore I have to update the doc for >>>> generating the access token for either <manageApis> property set to true or >>>> false. >>>> >>>> I will update the Doc as quickly as possible. >>>> >>>> Thanks! >>>> Ragu >>>> >>>> >>>> On Mon, Jun 10, 2013 at 4:45 PM, Sanjeewa Malalgoda >>>> <sanje...@wso2.com>wrote: >>>> >>>>> >>>>> >>>>> On Mon, Jun 10, 2013 at 4:08 PM, Dinusha Senanayaka >>>>> <dinu...@wso2.com>wrote: >>>>> >>>>>> Hi All, >>>>>> >>>>>> This is what we are going to add from the APIM side. >>>>>> >>>>>> 1) We will be exposing current api manager handlers related >>>>>> functionalities as some common packages. So this bundle can be included >>>>>> into any of products to get API Management without using external API >>>>>> Manager. (i.e APIAuthenticationHandler, APIThrottleHandler and >>>>>> APIMgtUsageHandler) >>>>>> >>>>>> 2) There will be a new parameter added to carbon.xml to check whether >>>>>> APIManagement is enable or not. >>>>>> <ManageAPIs>true/false<ManageAPIs> >>>>>> >>>>>> 3) There will be a interceptor which hit first and invoke the API >>>>>> Management functionalities when the above parameter is set to true. >>>>>> Depending on the service type, aixs2 or registry api etc, this >>>>>> interceptor >>>>>> may vary. >>>>>> When this comes to registry, we can call this api-management >>>>>> functionalities that we are going to expose through new package from the >>>>>> JAXWS web app that Ragu has created to expose the registry api. Since >>>>>> generic store feature is not going to release with the up coming registry >>>>>> release, we may need to include APIM Store jaggery app as well in to >>>>>> GReg. >>>>>> >>>>> Just to clarify. With this model where we can create >>>>> APIs, subscriptions and generate tokens? Do we provide some UI capability >>>>> for this? Do we have single interceptor which handles all requests? >>>>> >>>>> Thanks, >>>>> Sanjeewa. >>>>> >>>>> >>>>>> Regards, >>>>>> Dinusha. >>>>>> >>>>>> >>>>>> On Mon, Jun 10, 2013 at 11:41 AM, Sriragu Arudsothy <srir...@wso2.com >>>>>> > wrote: >>>>>> >>>>>>> Hai Lalaji, Dinusha..! >>>>>>> >>>>>>> We have had a discussion about the >>>>>>> Light weight APIM component for other wso2 products as well as How to >>>>>>> fit >>>>>>> that to the Registry REST API. According to the last discussion with >>>>>>> Lalaji, Dinusha and Lakmali We derived some points which I would like to >>>>>>> mention..! Still there is some ambiguity at the APIM side. >>>>>>> >>>>>>> 1) The current implemetation of the registry REST API requires the >>>>>>> APIM has to be running as a separate instance while having a >>>>>>> configuration >>>>>>> file (.xml) has the API manager url endpoints in it. The above config >>>>>>> file >>>>>>> was located at the Greg_Home/repository/conf. >>>>>>> >>>>>>> 2) The light weight API manager component will reside at the Greg. >>>>>>> The flow of request goes as below, >>>>>>> >>>>>>> Rest Client request-----> Request filter/Some filter mechanism >>>>>>> ------>light weight APIM ------> Registry REST API ---->Response back to >>>>>>> Client. >>>>>>> >>>>>>> The above path will be executed if the APIM enabled property set to >>>>>>> true at the config file...! >>>>>>> >>>>>>> Otherwise it request filter assumes that the request should be >>>>>>> processed without APIM. Request filter executes the OAuth validation >>>>>>> logic >>>>>>> at the Greg REST API and proceeds to resource . Therefore the Request >>>>>>> filter will be functioning as a centralized routing element decides >>>>>>> whether >>>>>>> the request to be processed via light weight APIM comp or alone at the >>>>>>> Greg >>>>>>> REST API. >>>>>>> >>>>>>> @Lalaji and Dinusha please add anything if I miss anything. >>>>>>> >>>>>>> Thanks! >>>>>>> Ragu >>>>>>> >>>>>>> >>>>>>> On Thu, Jun 6, 2013 at 12:01 PM, Sriragu Arudsothy <srir...@wso2.com >>>>>>> > wrote: >>>>>>> >>>>>>>> Hai All, >>>>>>>> >>>>>>>> First of all, I will explain the architecture of the >>>>>>>> REST API implementation. The Registry REST API has two mode of >>>>>>>> functionality. >>>>>>>> >>>>>>>> 1) Standalone mode - >>>>>>>> >>>>>>>> Straight access to Registry REST API. This has been done and >>>>>>>> working fine. In this case Registry provide a way to generate the OAuth >>>>>>>> Access token for users to access the resources. Therefore the REST >>>>>>>> calls >>>>>>>> can be made from any REST client with an access token to access the >>>>>>>> resources. >>>>>>>> >>>>>>>> 2) With API Manager Mode - >>>>>>>> >>>>>>>> This means the access to Registry REST API with the Externally >>>>>>>> running API manager instance. In here, the admin or any responsible >>>>>>>> person >>>>>>>> will publish the REST API via API publisher. Therefore the REST API >>>>>>>> would >>>>>>>> be available for subscriber / endusers. Once the access token has been >>>>>>>> generated, user will be able to access the Registry Resources. >>>>>>>> >>>>>>>> In this mode, There are 2 ways in which I have implemented the REST >>>>>>>> API invocation process. This is explained as below. >>>>>>>> >>>>>>>> 1 >> REST client ----> API gateway(REST API published at the APIM) >>>>>>>> ---->Registry REST API ----> Registry Resource ----> Response go to >>>>>>>> REST >>>>>>>> client. >>>>>>>> >>>>>>>> The above implementation works fine. >>>>>>>> >>>>>>>> 2 >> REST Client -----> Registry REST API ----> Call the REST >>>>>>>> endpoint at the APIM ----> return call from APIM to Registry REST API >>>>>>>> ----> >>>>>>>> Registry Resource ----> Response back to REST client. >>>>>>>> >>>>>>>> The above approach, I have the an issue to pass the payload from >>>>>>>> Registry REST API to APIM. I have designed the REST API in CXF/ >>>>>>>> JAx-Rs. The >>>>>>>> apache CXF Jax-Rs implementation provide a Request Handler which is an >>>>>>>> interceptor for the incoming requests. Therefore any request made from >>>>>>>> REST >>>>>>>> client to Registry REST API will hit the Request Handler First. >>>>>>>> >>>>>>>> Therefore, when the request go to the handler, it will check >>>>>>>> whether the request comes from APIM or Straight from the Client. If it >>>>>>>> comes from the client it will call the REST API endpoint at the APIM >>>>>>>> via an >>>>>>>> apache HttpClient. Therefore when I call it, I have to extract the >>>>>>>> access >>>>>>>> token, queryParam, payload..etc from REST client's request and add it >>>>>>>> to >>>>>>>> the request given to APIM. But I am able to extract the access token, >>>>>>>> queryparam and add it to HttpMethod and call the APIM. Request Handler >>>>>>>> seems that does not have a way to extract the payload ( POST/PUT). >>>>>>>> Therefore unable to pass the payload to the REGISTRY REST API. That is >>>>>>>> why >>>>>>>> GET and DELETE requests are working fine in the second approach since >>>>>>>> those >>>>>>>> do not require the payload. BUT POST/PUT requests fail to proceed. >>>>>>>> >>>>>>>> >>>>>>>> Therefore The CXF JAX-RS Request Handler has both the Standalone >>>>>>>> Mode and APIM mode execution. Therefore the standalone mode is working >>>>>>>> fine. But Which approach to be selected regarding the APIM mode to put >>>>>>>> it >>>>>>>> in the request handler class. Since there is an issue in Approach 2 @ >>>>>>>> APIM >>>>>>>> mode, It went to approach 1. According to the approach 1 the code will >>>>>>>> be >>>>>>>> cleaner than approach 2. >>>>>>>> >>>>>>>> *According to Approach 1 @APIM mode the example Request URL will >>>>>>>> be,* >>>>>>>> >>>>>>>> http://{ipaddress}:8280/{REST API context >>>>>>>> @APIM}/{version}/comments?path=/sample.xml. >>>>>>>> >>>>>>>> *in Standalone mode: >>>>>>>> * >>>>>>>> http:{IP address}:{greg http port}/{rest api context @ >>>>>>>> greg}/comments?path=/sample.xml. >>>>>>>> >>>>>>>> >>>>>>>> The APIM team already given their words to derive an integrate able >>>>>>>> APIM solution for other WSO2 products. Meanwhile we heard that APIM >>>>>>>> team >>>>>>>> working on that too. >>>>>>>> >>>>>>>> Few days ago, Had a chat with APIM guys, They said that API >>>>>>>> publisher and API store will be there as it is. Therefore whoever >>>>>>>> wants to >>>>>>>> publish an API have login to the API publisher and publish an API. >>>>>>>> This can >>>>>>>> not be done automatically during the server starts up. >>>>>>>> >>>>>>>> This is all about the integration part of REST API with API >>>>>>>> Manager. @APIM please let us know the current stage of your solution. >>>>>>>> >>>>>>>> Thanks! >>>>>>>> Ragu >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> Dinusha Dilrukshi >>>>>> Senior Software Engineer >>>>>> WSO2 Inc.: http://wso2.com/ >>>>>> Mobile: +94725255071 >>>>>> Blog: http://dinushasblog.blogspot.com/ >>>>>> >>>>>> _______________________________________________ >>>>>> Architecture mailing list >>>>>> architect...@wso2.org >>>>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>>>>> >>>>>> >>>>> >>>>> >>>>> -- >>>>> * >>>>> * >>>>> *Sanjeewa Malalgoda* >>>>> WSO2 Inc. >>>>> Mobile : +94713068779 >>>>> >>>>> <http://sanjeewamalalgoda.blogspot.com/>blog >>>>> :http://sanjeewamalalgoda.blogspot.com/<http://sanjeewamalalgoda.blogspot.com/> >>>>> >>>>> >>>>> >>>> >>> >> > > > -- > Dinusha Dilrukshi > Senior Software Engineer > WSO2 Inc.: http://wso2.com/ > Mobile: +94725255071 > Blog: http://dinushasblog.blogspot.com/ >
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev