Skip to main content

Dig in to generated API Template from WSO2 API Manager

As the starting blog-post for 2013,I thought of summarizing about the implementation of key features of WSO2 API Manager as security,throttling,monitoring aspects by explaining a bit of API template.In WSO2 API Manager,once a API creator create the API from publisher app UI and change its status as 'PUBLISHED' ,a template xml for that API will be generated with its input attributes of name,version,context,endpoint,etc.

You can find that generated template from '{AM_Home}/repository/deployment/server/synapse-configs/default/api'.Below is such a generated sample API template.

When you observe that API,you'll notice for each API resource there's a separate in sequence and an out sequence created.And additionally apart from the input data added by the creator,you'll notice for an API ,four handlers have been engaged to each published API.



Each of the above handlers contain the implementation of key providing features of WSO2 API Manager.You can find each of the implementations of these handlers from  here.
An API Handler provides QoS features like security,throttling,monitoring for an API.
If I explained a bit of each of these;

  1. APIAuthenticationHandler -This provides the API Authentication support with OAuth2.0.All the API resource level authentication schemes handling through this handler.
  2. APIMgtUsageHandler- This provides API monitoring support with WSO2 BAM integration.
  3. APIMgtGoogleAnalyticsTrackingHandler-This provides API monitoring support with Google Analytics support.
  4. APIThrottleHandler-This provides API throttling handling support with pre-defined throttling policies.
  5. APIManagerExtentionHandler-This is a extention handler,looking for a in/out sequence with a pre-defined name pattern to be invoked if exits such named sequence.This handler first looks for a sequence named WSO2AM--Ext--[Dir], where [Dir] could be either In or Out, depending on the direction of the message. If such a sequence is found, it is invoked.Additionally below more API specific extension sequence is  also looked up by using the name pattern apiName--[Dir]. If such an API specific sequence is found, that is also invoked. The above searching sequences can be in global level or at the per API level.
Same-way,if you want to add a custom feature to support from API level,you can achieve it by writing a custom handler and engage it to the generated API template.To write such a custom handler ,you can find more information from here.
When an API invocation request comes to API Manager,first the request will process through the engaged handlers of the API element in sequential order.And if the request pass through each security,monitoring, throttling handling layers,it will direct to the relevant API resource.



Comments

Post a Comment

Popular posts from this blog

Convert an InputStream to XML

For that we can use DocumentBuilder class in java. By using the method parse(InputStream) ; A new DOM Document object will return. InputStream input; DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); DocumentBuilder parser = factory.newDocumentBuilder(); Document dc= parser.parse(input); In the above code segment,by using the created Document object,the corresponding XML file for the inputStream can be accessed. References: http://www.w3schools.com/dom/dom_intro.asp http:// download.oracle.com/javase/1.4.2/docs/api/javax/xml/parsers/DocumentBuilder.html
2 comments
Read more

Concat two xml values with XSLT

The use-case described in this blog-post,is there's an WSO2 ESB node setup to proxy an incoming message to a particular back-end endpoint.  Before delivering the message to the back-end endpoint,from the ESB node itself,this incoming message need to processed and change its inside xml payload format. For eg: Below is the incoming message <?xml version="1.0" encoding="UTF-8"?> <CinemaHall name="liberty"> <OwnerData> <Name>John Smith</Name> <openedDate>12/12/80</openedDate> <quality>good</quality> </OwnerData> <CinemaHallData> <rows>100</rows> <seats> <seat>50</seat> <seat>60</seat> </seats> </CinemaHallData> </CinemaHall> This message need to be changed as  below; <?xml version="1.0" encoding="UTF-8"?> <CinemaHall name="liberty"...
3 comments
Read more

Passing end-user details from client to real backend endpoint via JWT token

In real-world business system,WSO2 API Manager useful on exposing company APIs, in a secured and controlled manner with the features provided by APIManager as; OAuth support [To secure API invocations] Throttling support [To control API invocations] Monitoring support [To track API usage] More technically what happening is when a user sends a particular API request,it will goes to WSO2 APIManager node and from there,the request will route to the real implemented back-end endpoint of the particular API and get back the response and returned it to the API invoked user. There can be a use-case,that this back-end endpoint may expect the details of API invoked user as to pass those details to some internal company usage  as; Additional authentication/authorization Track usage data from an internal system. So how to support above requirement from WSO2 AM. There comes the use of JSON Web Token[JWT] implementation done inside WSO2 AM. JWT is a means of representing claims to...
7 comments
Read more