In WSO2 API Manager AND ESB integration we can get JWT properties set my API manager from ESB side. ref http://wso2.com/library/articles/2013/07/use-of-json-web-tokens-in-an-api-fa%C3%A7ade-pattern/
But I wonder how to set custom JWT properties inside API manager. I am using API manager 1.7.0 version.
Thanks
Article [1] explains how you can make use of the JWT generator extension point to write your own custom JWT generator logic to include the custom JWT properties. However, this seems to be applicable for API Manager 1.8.0 and above.
You can find details on how to achieve the same in [2] applicable for API Manager 1.10.0 which the latest released version.
Going through the 1.7.0 documentation I couldn't find such extension points.
[1] http://wso2.com/library/articles/2014/12/customize-json-web-token-generation-with-wso2-api-manager-1.8.0/
[2] https://docs.wso2.com/display/AM1100/Passing+Enduser+Attributes+to+the+Backend+Using+JWT#PassingEnduserAttributestotheBackendUsingJWT-CustomizetheJWTgeneration
Update:
For API Manager 1.7.0 you can write a custom claims retriever to achieve what you want, Here's how to do it,
You need to write a custom claim retriever implementing ClaimsRetriever interface [3]
Add the full qualified class name of the claim retriever you implemented to api-manager.xml[4] in $APIM_HOME/respository/conf
you can add it to,
org.wso2.carbon.apimgt.impl.token.DefaultClaimsRetriever section of the api-manager.xml
The blog [5] explains how to implement the ClaimsRetriever interface with sample code which would be useful to you.
[3] https://svn.wso2.org/repos/wso2/carbon/platform/trunk/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/token/ClaimsRetriever.java
[4] https://svn.wso2.com/wso2/custom/projects/projects/carbon/turing/platform/trunk/products/apimgt/1.7.0/config/api-manager.xml
[5] http://sanjeewamalalgoda.blogspot.com/2014/12/how-to-implement-custom-jwt-generator.html
Related
I would like to implement automatic rules of API Goverment in a WSO2 API Manager platform like, for example, validating context with a regular expresion, or version numbering or API name or API resources endpoint naming or parameters, etc.
I checked in version 2.6.0 (and previous versions of major 2) that it can be done in jaggery apps of publisher, but this is a mix of data and presentation (view structure with js and html) and it is not a clear and right way to implement it.
Is there any rules engine or other dedicated mechanism to do it? If not, is it in the roadmap of WSO2 AM to add this kind of features? It would be great.
APIM 3.x onwards UIs are implemented using react and backend services are exposed via REST APIs. SO from this version onwards, this is clearly separated. UI level validations can be changed in the React and if there are any additional validations required, REST API interceptors or workflow interceptors can be used to enforce any validations.
We would like to leverage the WSO2 Test Automation Framework(TAF) to test APIs on WSO2 API 1.7
However since the WSO2 TAF is not a binary distribution and requires to be build from source the svn link available in the document points to the repository which has only one version of API Manager available which is 1.4(https://svn.wso2.org/repos/wso2/carbon/platform/trunk/products/apimgt)
The documentation is not quite straight forward when it comes to TAF, Would like to know if there is some other repository we should be looking at
to test API 1.7?
Can someone also comment on usage of WSO2 TAF for testing APIs created using API Mgmt. I am getting a feeling that the WSO2 TAF is purely meant for product testing only?
The svn location for the 1.7.0 is available at [1]. The integration tests on
[2].
The WSO2 Test Automation Framework is a maven based module which enable users to write tests using automation framework as a test engine and common utility provider which needs to write tests based on wso2 carbon products.
You can get a understanding of WSO2 Test automation framework in [3]. And you can get idea on common usage and basic steps to write a test can be get by [4], Test configuration and execution details can be found in [5].
Hope this will help you to setup a basic test suite using wso2 TAF
[1]. https://svn.wso2.org/repos/wso2/carbon/platform/branches/turing/products/apimgt/1.7.0/
[2].https://svn.wso2.org/repos/wso2/carbon/platform/branches/turing/products/apimgt/1.7.0/modules/integration/
[3]. http://wso2.com/library/articles/2014/03/platform-wide-test-automation-with-wso2-test-automation-framework/
[4]. http://wso2.com/library/articles/2014/06/introducing-automated-tests-for-wso2-products/
[5]. http://wso2.com/library/articles/2014/03/platform-test-automation-using-wso2-test-automation-framework/
Thank You,
Dharshana
I need to create a API in wos2am and its httpmethod is PATCH.
How can I let wso2am to support PATCH? or do I need to add some custom features?
Currently the API Manager does not support the Patch method. There is a plan to support it in future, but I cannot tell a release timeline. It should be first supported by the underlying Synapse.
APIM manager uses synapse as is underlying mediation engine which currently supports OPTIONS,GET, POST, PUT, DELETE..
WSO2 API manager has 4 components
API Gateway
API Publisher
API Store
API Key Manager Server
I would like to run each of these components on separate boxes. While doing so on box where I have API Publisher component I want to remove other 3 components from the api manager so on with other components. By this I would like to achieve that only 1 component exists at run time of each instance of wso2 api manger.
I would like to know how can we remove each of these components from wso2 api manager?
You can remove the relevant features from the product via Carbon Feature Management (Or you can add necessary features as well).
You can find more information regarding how to uninstall a particular feature here.
You can also find more information regarding feature management for WSO2 Carbon products here.
HTH,
Lasantha
To add to Lasantha's answer, this article describes how these 4 components can be deployed separately in a cluster with an ELB.
Installing High Level components is supported from API Manager 1.5.0 onwards. If you want to start API Manager as one of the components, that can be achieved by starting as a server profile. You can find more information here.
The carbon registry seems to have multiple purposes in the WSO2 carbon platform. It would be useful to understand the high level use cases that the registry is used for. Here are some that I can think of:
Storing internal WSO2 product configuration for clustering, etc
Storing configuration data for shaing between custom applications or services
As a content repository for WSO2 governance server, e.g. for wsdls, documents, etc
Are these use cases correct?
Are there any more use cases?
Is it appropriate to think of the carbon registry as providing similar functionality to windows registry but it is also accessible remotely?
i think you should be able to read up all the features and use cases here [1]. i hope this is what you are looking for check out the faqs here [2]. and take an look at the Enterprise Use Case Webinar here[3].
[1] http://wso2.com/products/governance-registry/
[2] http://wso2.org/library/articles/faqs-governance-service
[3] http://wso2.org/library/webinars/2012/08/enterprise-use-case-webinar-application-governance-wso2-governance-registry
Edit:
Yes the use cases that you have mentioned are valid and cover most of the use cases of WSO2 Greg with other WSO2 products below some i think you missed but this may not be all the use cases
Handling life cycles management
Integrating with BAM to achieve monitoring related use cases [4]
Integrating with API Manager to handle API's [5]
Deployment synchroniser for dynamic configurations in clustering - will be available in future releases in addition to the exiting svn based model
[4] http://docs.wso2.org/wiki/display/Governance450/Business+Activity+Monitor
[5] http://docs.wso2.org/wiki/display/Governance450/API+Manager