Skip to main content

WSO2 API Manager features integration with Governance Center of WSO2 Governance Registry 5.0.0


For past five months I was involved with the team effort of integrating APIM capabilities to the governance center which is released as WSO2 Governance Registry (GReg) product 5.0.0.Let's get into more details on the topic.

WSO2 Governance Registry 5.0.0

WSO2 GReg product is a fully open source SOA integrated repository for storing and managing metadata related to service artifacts.In other words,it's a repository to store metadata like policies, wsdls, wadls,swagger definitions related to SOAP/REST services and store SOAP/REST services themselves. Each of these metadata models can be called as an asset type.Such that GReg can be introduced as a repository to keep different asset types as wsdl,wadl,policy,soap service,rest service.Additionally a user can configure and extend GReg to add their customized metadata models via adding "configurable governance artifacts" option(rxt) which is described in here.

In previous GReg releases [before 5.0.0 version],to govern the above mentioned metadata models[asset types],only option was to use the management console UI shipped with GReg.But it was lacking of rich UI interface and value added UI features like showing associations/dependencies among assets,add user reviews and many other UI features.Thus having a rich user friendly governance center integrated with GReg was raised by many users.And now WSO2 GReg 5.0.0 has released  to public with providing this feature.

Governance Center

Conceptually a governance center means a common place for a user to govern multiple assets [metadata models] with managing its life-cycle,associations with other assets,providing a social view and many more features as explained in here.With the aid of WSO2 in-premise asset management product WSO2 Enterprise Store[ES],the governance center has been implemented with keeping two web apps as publisher and store.The publisher (Back-office) will act as the central UI place where a user navigate and manage assets throughout their life-cycles with versioning support. The store [store-front] will act the central portal available for users to discover different asset types with facilitating social interactions.

APIM features integration with Governance Center of GReg 5.0.0

WSO2 API Manager is fully focused on API asset type by covering all its aspects as governing its lifecycle from API creation point and managing its run time usage via applications.Such that since API is also an asset type and there's already an use-case of GReg as ability to promote GReg stored services as APIs,isn't it a good use-case to integrate API asset-governance part also into the GReg in-built governance center?This is the exact requirement came from few GReg users and its what we have achieved with APIM features integrated with governance center of GReg 5.0.0. Now a user can integrate API asset to GReg governance center by installing APIM features and use the publisher and store apps of gc [governance center] to govern API life-cycle and manage its subscriptions with app developer audience as well.This integration comes in -handy when a user start with storing a SOAP/REST web service in GReg and promote it to an API via its lifecycle. Then to manage the promoted API,he can use same governance center UI without pointing to external API Manager instance.

Architecture -APIM features integration with Governance Center of GReg 5.0.0

Following diagram shows the designed deployment with the APIM features integration on GReg 5.0.0. From a general APIM distributed setup,what differentiate on below deployment is instead of keeping separate APIM instances as publisher and store,we have used GReg instances.In this way,there will be a common publisher and store for all the assets including API,wsdl,wadl,soap/rest service,policy,etc. Still APIM instances will be use as the gateway and keymanager nodes.

We have completed revamping existing APIM publisher/store UIs built on older jaggery version to be new UIs built on-top of enterprise store with using latest technologies as caramal framework [in-built javascript MVC framework in wso2], javascript, jquery and handlebar templating support. We have written this APIM publisher/store UI parts as Enterprise store extensions.To integrate with GReg,we have shipped this newly written es extensions to API publisher and store as separate carbon features.Thus if a user need these,he can install the required APIM publisher,store extension features on top of GReg 5.0.0. 


 The steps on how to configure the above deployment can be find from https://svn.wso2.org/repos/wso2/scratch/apim/release-2.0.0/final/APIM-2.0.0FeaturesInstallationGuideonGReg5.0.0.pdf 


Sample Screenshots for APIM publisher/store new UIs done on top of WSO2 ES and installed into GReg 5.0.0.
                              
API design wizard


API implementation wizard

API Manage wizard

API Overview

API Lifecycle View

Store Listing View

Store API Browse View

Swagger Console

Store-Subscriptions View

Comments

Popular posts from this blog

Convert an InputStream to XML

For that we can use DocumentBuilder class in java. By using the method parse(InputStream) ; A new DOM Document object will return. InputStream input; DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); DocumentBuilder parser = factory.newDocumentBuilder(); Document dc= parser.parse(input); In the above code segment,by using the created Document object,the corresponding XML file for the inputStream can be accessed. References: http://www.w3schools.com/dom/dom_intro.asp http:// download.oracle.com/javase/1.4.2/docs/api/javax/xml/parsers/DocumentBuilder.html

CORS support from WSO2 API Manager 2.0.0

Cross-origin resource sharing (CORS) is a mechanism that allows restricted resources  on a web page to be requested from another domain outside the domain from which the first restricted resource was served. For example, an HTML page of a web application served from http://domain-a.com makes an <img src >  request for a different domain as 'domain-b.com' to get an image via an API request.  For security reasons, browsers restrict cross-origin HTTP requests initiated from within scripts as in above example and only allows to make HTTP requests to its own domain. To avoid this limitation modern browsers have been used CORS standard to allow cross domain requests. Modern browsers use CORS in an API container - such as  XMLHttpRequest  or Fetch - to mitigate risks of cross-origin HTTP requests.Thing to  note is it's not only sufficient that the browsers handle client side of cross-origin sharing,but also the servers from which these resources getting need to handl

[WSO2 AM] APIStore User Signup as an approval process

In previous versions of WSO2 APIManager before 1.6.0, it was allowed any user who's accessible the running APIStore come and register to the app.But there will be requirement like,without allowing any user to signup by him/her self alone,first get an approve by a privileged user and then allow to complete app registration.Same requirement can be apply to application creation and subscription creation as well.To fulfill that,we have introduced workflow extension support for  WSO2 APIManager  and you can find the introductory post on this feature from my previous blog post on " workflow-extentions-with-wso2-am-160 " . From this blog-post,I'll explain how to achieve simple workflow integration with default shipped resources with  WSO2 APIManager 1.6.0 and WSO2 Business Process Server 3.1.0 with targeting "user-signup" process. Steps First download the WSO2 APIManager 1.6.0[AM] binary pack from product download page . Extract it and navigate to