Yes, When the end user using APIs from the Application server the integrated gateway will take care of authorization. It will only use the key manager of API Manager to validate.
On Wed, Sep 21, 2016 at 3:04 PM, Nuwan Dias <nuw...@wso2.com> wrote: > But in that case the Gateway component in the API Manager is not required > isn't it? > > On Wed, Sep 21, 2016 at 2:37 PM, Senthalan Kanagalingam < > sentha...@wso2.com> wrote: > >> Hi Ajanthan, >> >> The integrated API gateway is doing only the OAuth authorization. But the >> idea of the integrated API gateway is to provide API Management >> capabilities without another network hop. >> >> Thanks and regards, >> Senthalan >> >> On Tue, Sep 20, 2016 at 11:36 PM, Ajanthan Balachandran < >> ajant...@wso2.com> wrote: >> >>> What is the value of using integrated API gateway instead of the APIM >>> gateway ? >>> Is the Integrated API gateway doing more than OAuth authorization (Eg: >>> throttling)? >>> >>> On Mon, Sep 19, 2016 at 1:47 AM, Senthalan Kanagalingam < >>> sentha...@wso2.com> wrote: >>> >>>> Hi Ayyoob, >>>> >>>> Thanks for your feedback. >>>> >>>> We have a working PoC[1] for API Scanner and Creator. I will go >>>> through this extension and try to improve my implementation. >>>> For the Gateway part we have planed to use tomcat valve. But we can >>>> look into the possible options and come with a better solution. >>>> >>>> We are using reflections[2] library to scan annotation. This library >>>> provide facility to scan custom annotations, param annotations and return >>>> type. So creating documentation can be supported. >>>> >>>> [1] https://github.com/senthalan/product-as/tree/api-everywhere-as >>>> [2] https://github.com/ronmamo/reflections >>>> >>>> Thanks and regards >>>> K.Senthalan >>>> >>>> On Thu, Sep 15, 2016 at 12:51 AM, Ayyoob Hamza <ayy...@wso2.com> wrote: >>>> >>>>> Hi Senthalan, >>>>> >>>>> We currently have this capability in EMM/IoTS. However API creator >>>>> part is tightly coupled with api manager features. >>>>> >>>>> [1] API Scanner and Creator : https://github.com/wso2/carb >>>>> on-device-mgt/tree/master/components/apimgt-extensions/org.w >>>>> so2.carbon.apimgt.webapp.publisher >>>>> [2] Gateway: This either can use api manager gateway and do a JWT >>>>> validation or Use the tomcat valve and do the authorization as you >>>>> described - https://github.com/wso2/carbon >>>>> -device-mgt/tree/master/components/webapp-authenticator-fram >>>>> ework/org.wso2.carbon.webapp.authenticator.framework. >>>>> >>>>> Just wanted to add some other features that we can support as a future >>>>> requirement is to support swagger annotation. Which is to read and publish >>>>> along with the api. This way we could create the documentation in store. >>>>> >>>>> Thanks, >>>>> Ayyoob >>>>> >>>>> *Ayyoob Hamza* >>>>> *Software Engineer* >>>>> WSO2 Inc.; http://wso2.com >>>>> email: ayy...@wso2.com cell: +94 77 1681010 <%2B94%2077%207779495> >>>>> >>>>> On Thu, Sep 8, 2016 at 12:20 PM, Senthalan Kanagalingam < >>>>> sentha...@wso2.com> wrote: >>>>> >>>>>> Hi all, >>>>>> >>>>>> Publishing APIs into APIM from Tomcat based AS 6.0 - Architecture >>>>>> >>>>>> The idea of the above is to automatically create APIs from the >>>>>> deployed web apps in AS and publish them into the API Publisher. >>>>>> Publishing >>>>>> APIs automatically makes it easier for webapp developers on Tomcat to use >>>>>> APIM easier. Right now, the users has to manually create Managed APIs for >>>>>> their REST-ful web apps. >>>>>> >>>>>> As part of this effort, the API gateway will be included within >>>>>> Tomcat based AS itself. This is used to validate whether the request from >>>>>> that end user have permission to access that API. So the AS will have an >>>>>> integrated API gateway to validate. >>>>>> >>>>>> The api everywhere for AS 6.0 have 3 main components, >>>>>> >>>>>> 1. >>>>>> >>>>>> API Scanner >>>>>> 2. >>>>>> >>>>>> API Creator >>>>>> 3. >>>>>> >>>>>> Integrated API gateway >>>>>> >>>>>> >>>>>> API Scanner component will scan the deployed web app and create APIs. >>>>>> In web app deployment time the API scanner will scan the annotations and >>>>>> configurations and generate APIs and API informations. >>>>>> >>>>>> API Creator will publish the APIs into API Publisher. For that user >>>>>> have to provide the “clientId” and “clientSecret” of OAuth 2.0. Access >>>>>> token will be request from the APIM Key manager. Then using that access >>>>>> token the generated APIs will be published into APIM. The API will be in >>>>>> the “CREATED” state, the webapp developers can edit and publish as their >>>>>> wish. API Creator will be a running on new thread to reduce the web app >>>>>> startup time. >>>>>> >>>>>> Integrated API gateway will intercept the request into AS. The access >>>>>> token of the request will be validated with APIM key manager. If the >>>>>> token >>>>>> have the right to access the web app, the request will be passed or >>>>>> otherwise an exception will be thrown to the end user. >>>>>> >>>>>> >>>>>> Until now implementation of API Scanner and API Creator are completed >>>>>> and working PoC is available. >>>>>> >>>>>> We have to decide which information we are going to publish into the >>>>>> API publisher. There are some items like tags, business information and >>>>>> etc >>>>>> which are not compulsory when creating APIs. >>>>>> >>>>>> >>>>>> [image: Inline image 1] >>>>>> >>>>>> -- >>>>>> K.Senthalan, >>>>>> Software Engineering Intern, >>>>>> WSO2 Inc. >>>>>> Tel: +94771877466 >>>>>> Email: senthalank...@cse.mrt.ac.lk >>>>>> >>>>>> _______________________________________________ >>>>>> Architecture mailing list >>>>>> Architecture@wso2.org >>>>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>>>>> >>>>>> >>>>> >>>>> _______________________________________________ >>>>> Architecture mailing list >>>>> Architecture@wso2.org >>>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>>>> >>>>> >>>> >>>> >>>> -- >>>> K.Senthalan, >>>> Software Engineering Intern, >>>> WSO2 Inc. >>>> Tel: +94771877466 >>>> Email: senthalank...@cse.mrt.ac.lk >>>> >>>> _______________________________________________ >>>> Architecture mailing list >>>> Architecture@wso2.org >>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>>> >>>> >>> >>> >>> -- >>> >>> Ajanthan >>> Software Engineer; >>> WSO2, Inc.; http://wso2.com/ >>> >>> email: ajanthan <http://goog_595075977>@wso2.com; cell: +1 425 919 8630 >>> blog: http://bkayts.blogspot.com/ >>> >>> Lean . Enterprise . Middleware >>> >>> _______________________________________________ >>> Architecture mailing list >>> Architecture@wso2.org >>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>> >>> >> >> >> -- >> K.Senthalan, >> Software Engineering Intern, >> WSO2 Inc. >> Tel: +94771877466 >> Email: senthalank...@cse.mrt.ac.lk >> >> _______________________________________________ >> Architecture mailing list >> Architecture@wso2.org >> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> >> > > > -- > Nuwan Dias > > Software Architect - WSO2, Inc. http://wso2.com > email : nuw...@wso2.com > Phone : +94 777 775 729 > > _______________________________________________ > Architecture mailing list > Architecture@wso2.org > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > -- K.Senthalan, Software Engineering Intern, WSO2 Inc. Tel: +94771877466 Email: senthalank...@cse.mrt.ac.lk
_______________________________________________ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
