Showing posts from 2014

Design, Implement and Manage a RESTful API with WSO2 API Manager

A proper API has to be intuitive, well documented and consistent, and wrapped with security and analytics support. This is where the WSO2 API Manager product becomes important. WSO2 API Manager is a complete solution to design, implement and manage APIs. It comes with an out-of-the-box API Publisher, which allows you to design the API properly and convert it to a managed API. The API Publisher is the main entry point: a web application in which an API developer starts developing his API and exposes it to the public. The API Publisher provides capabilities covering the three API phases of design, implement and manage. Design phase - The phase in which the API creator plans and designs the API by defining the set of API resources exposed from the API. Implement phase - The phase in which the API creator deploys the API and tests it as a Prototyped API to check that the designed API works as expected. Additionally API creator can connect with back-end implemen

WSO2 API Manager - Extended Mediation Capabilities on APIs - Part 1

After a while, I thought I would write a blog post about how we can use extended mediation capabilities with the APIs published from WSO2 APIManager. Requirement - A back-end endpoint returning XML content needs to be wrapped with an API from WSO2 APIManager to give it additional security, throttling and monitoring capabilities. For this blog post, as the back-end endpoint, I have used the sample JAX-RS based web-app which can be found here, deployed in WSO2 AS 5.2.1. You can try downloading WSO2 AS 5.2.1 and deploying this web-app as instructed here. I have started AS with port offset 2. Thus the deployed JAX-RS web-app URL is http://localhost:9765/Order-1.0/ This JAX-RS web app supports the following HTTP verbs with the URL patterns; POST /submitOrder Input & Output content-type : text/xml Input Payload : <Order> <customerName>Jack</customerName> <quantity>5</quantity> <creditCardNumber>233</credit

[WSO2 AM] APIStore User Signup as an approval process

In versions of WSO2 APIManager before 1.6.0, any user who could access the running APIStore was allowed to come and register to the app. But there can be a requirement that, instead of allowing any user to sign up by himself/herself, approval must first be obtained from a privileged user before app registration can be completed. The same requirement can apply to application creation and subscription creation as well. To fulfill that, we have introduced workflow extension support for WSO2 APIManager, and you can find the introductory post on this feature in my previous blog post on "workflow-extentions-with-wso2-am-160". In this blog post, I'll explain how to achieve simple workflow integration using the default resources shipped with WSO2 APIManager 1.6.0 and WSO2 Business Process Server 3.1.0, targeting the "user-signup" process. Steps First download the WSO2 APIManager 1.6.0[AM] binary pack from product download page. Extract it and navigate to

Exchanging SAML2 bearer tokens with OAuth2 tokens in WSO2 API Manager

To get access to a managed API of WSO2 API Manager, a user has to pass an OAuth token. From APIM 1.5.0 onwards a user can exchange his SAML2 token to obtain an OAuth2 token. This feature is useful in the following use case: Most enterprise applications use SAML2 to engage a third-party identity provider to grant access to systems that are only authenticated against the enterprise application. These enterprise applications might need to consume OAuth-protected resources through APIs, after validating them against an OAuth2.0 authentication server. However, an enterprise application that already has a working SAML2.0 based Single Sign On infrastructure between itself and the IDP prefers to use the existing trust relationship, even if the OAuth authorization server is entirely different from the IDP. The SAML2 Bearer Assertion Profile for OAuth2.0 helps leverage this existing trust relationship by presenting the SAML2.0 token to the authorization server and exchanging it to an