tag:blogger.com,1999:blog-71331803900322689322024-02-07T14:00:30.707-08:00Len DiMaggio's (mostly) Software Testing WeblogLen DiMaggiohttp://www.blogger.com/profile/07124585546929851174noreply@blogger.comBlogger133125tag:blogger.com,1999:blog-7133180390032268932.post-9711227947988697942020-02-11T12:02:00.002-08:002020-02-11T12:02:35.646-08:00Proud to be published again at OpenSource.comA very topical subject suggested by a co-worker and former/future boss - the need to manage a combination of standardization and innovation:<br />
<br />
<a href="https://opensource.com/open-organization/20/2/standardization-versus-innovation">https://opensource.com/open-organization/20/2/standardization-versus-innovation</a>Len DiMaggiohttp://www.blogger.com/profile/07124585546929851174noreply@blogger.com0tag:blogger.com,1999:blog-7133180390032268932.post-22827706363615771052019-12-20T10:00:00.000-08:002019-12-20T10:00:26.765-08:00First Posts at the Red Hat Developer Blog!Very happy to finish off the year with two new posts published at the Red Hat Developer blog!<br />
<br />
<a href="https://developers.redhat.com/blog/2019/12/19/introducing-the-service-binding-operator">https://developers.redhat.com/blog/2019/12/19/introducing-the-service-binding-operator</a><br />
<div>
<br /></div>
<div>
<a href="https://developers.redhat.com/blog/2019/12/20/service-binding-operator-the-operator-in-action">https://developers.redhat.com/blog/2019/12/20/service-binding-operator-the-operator-in-action</a></div>
<div>
<br /></div>
<div>
<br /></div>
Len DiMaggiohttp://www.blogger.com/profile/07124585546929851174noreply@blogger.com0tag:blogger.com,1999:blog-7133180390032268932.post-14363594828860583382019-10-29T18:54:00.000-07:002019-10-29T18:55:25.249-07:00Another post at OpenSource.com!The second (and final) installment in the series of posts regarding influence in the open source world was just published!<br />
<br />
<a href="https://opensource.com/open-organization/19/10/how-to-influence-open-community">https://opensource.com/open-organization/19/10/how-to-influence-open-community</a>Len DiMaggiohttp://www.blogger.com/profile/07124585546929851174noreply@blogger.com0tag:blogger.com,1999:blog-7133180390032268932.post-55009994017305943482019-10-01T10:13:00.001-07:002019-10-01T10:13:34.126-07:00First post at Opensource.com!Very happy to announce that my first post at Opensource.com was just published!<br />
<br />
<a href="https://opensource.com/open-organization/19/10/gaining-influence-open-community">https://opensource.com/open-organization/19/10/gaining-influence-open-community</a><br />
<br />
This is the first installment of a 2-part series!<br />
<br />
<br />Len DiMaggiohttp://www.blogger.com/profile/07124585546929851174noreply@blogger.com0tag:blogger.com,1999:blog-7133180390032268932.post-14218807152567781592019-08-07T05:39:00.003-07:002019-12-20T10:16:47.105-08:00Midsummer Thoughts on the Fun of Coding, Obvious Secrets, and Whether Plumbers Plumb on Vacation<div dir="ltr" id="docs-internal-guid-3602d5ef-7fff-fda6-b69a-7abaac669b68" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<div style="font-stretch: normal; line-height: normal;">
<span style="font-family: inherit; font-kerning: none;">A recent documentary shown on american television (<a href="https://www.golf-films.com/hogan"><span style="-webkit-font-kerning: none; color: #1255cc;">https://www.golf-films.com/hogan</span></a>) told the story of the life of Ben Hogan, the greatest golfer of the 1950’s. Hogan is a fascinating person, not only for his success as a professional athlete, but his overcoming personal tragedy. His father committed suicide when he was a child. Years later, as an adult, when he reached the pinnacle of his sport, he was nearly killed in a head-on collision between the car he was driving and a bus. After multiple surgeries and months of recovery, he was once again able to become the top athlete in the world for his sport. He became so proficient, in fact, that he was rumored to have found “the secret.” </span></div>
<div style="font-stretch: normal; line-height: normal; min-height: 14px;">
<span style="font-family: inherit;"><span style="font-kerning: none;"></span><br /></span></div>
<div style="font-stretch: normal; line-height: normal;">
<span style="font-family: inherit;"><span style="font-kerning: none;">Every athlete searches for the secret to better performance, but in reality, “the secret” usually comes down to a combination of talent, hard work, and perseverance. In Hogan’s case, it was definitely a combination of the second and third of these factors. To a great degree, he invented modern practice where repetition in practice was the key to success performance under pressure. It has been an obsession lasting decades to try to discover Hogan’s secret. The answer may have been obvious. If he had a true secret, it was hard work coupled with the fact that he actually </span><span style="font-kerning: none; text-decoration: underline;">enjoyed</span><span style="font-kerning: none;"> practice. It was never work or drudgery to him. For him, practice was actually fun.</span></span></div>
<div style="font-stretch: normal; line-height: normal; min-height: 14px;">
<span style="font-family: inherit;"><span style="font-kerning: none;"></span><br /></span></div>
<div style="font-stretch: normal; line-height: normal;">
<span style="font-family: inherit; font-kerning: none;">But, what does this have to do with software engineering? Fast forward to this week. </span></div>
<div style="font-stretch: normal; line-height: normal; min-height: 14px;">
<span style="font-family: inherit;"><span style="font-kerning: none;"></span><br /></span></div>
<div style="font-stretch: normal; line-height: normal;">
<span style="font-family: inherit; font-kerning: none;">We had taken the family to the beach for a week of vacation. After returning from a day at the beach, everyone in the family was relaxing their own way. My wife poured herself a glass of white wine and became engrossed in FaceBook.Grandma tuned the TV to the Golf Channel and complained about the beach traffic to anyone who would listen.The kids tortured each other over a game of ping-pong And me? I put my feet up and was unwinding by downloading an open source project that I had just discovered on github. Later on, my daughter remarked to me, in her usual subtle manner, “Geesh dad, you’re always on the computer. Don’t you ever want a break? Do you think that plumbers do plumbing when they are on vacation?” She does have a point. For a lot of people after working a full day, the last thing that they want to do is to look at or work on anything job related in the evening, especially when they are on vacation. I tend to doubt that very many plumbers do a lot of plumbing when they are on vacation. </span></div>
<div style="font-stretch: normal; line-height: normal; min-height: 14px;">
<span style="font-family: inherit;"><span style="font-kerning: none;"></span><br /></span></div>
<div style="font-stretch: normal; line-height: normal;">
<span style="font-family: inherit; font-kerning: none;">But, software engineers are different.</span></div>
<div style="font-stretch: normal; line-height: normal; min-height: 14px;">
<span style="font-family: inherit;"><span style="font-kerning: none;"></span><br /></span></div>
<div style="font-stretch: normal; line-height: normal;">
<span style="font-family: inherit; font-kerning: none;">What is is about software and software engineering that makes us always wanting more? One reason may be that rapid changes in technology are interesting and frequently exciting. Another reason might be that given the rapid rate of change it’s important for your career to stay current with the latest developments. </span></div>
<div style="font-stretch: normal; line-height: normal; min-height: 14px;">
<span style="font-family: inherit;"><span style="font-kerning: none;"></span><br /></span></div>
<div style="font-stretch: normal; line-height: normal;">
<span style="font-family: inherit; font-kerning: none;">These are all valid reasons, but I think that the "secret" for us, just as it was for Hogan and his practicing, is obvious, that we actually enjoy reading and writing code. </span></div>
<div style="font-stretch: normal; line-height: normal; min-height: 14px;">
<span style="font-family: inherit;"><span style="font-kerning: none;"></span><br /></span></div>
<div style="font-stretch: normal; line-height: normal;">
<span style="font-family: inherit; font-kerning: none;">In other words, for us, it’s fun!</span></div>
<div style="font-stretch: normal; line-height: normal; min-height: 14px;">
<span style="font-family: inherit;"><span style="font-kerning: none;"></span><br /></span></div>
<div style="font-stretch: normal; line-height: normal;">
<span style="font-family: inherit; font-kerning: none;">Part of the fun comes from the nature of software itself. When you're working with physical media such as with steel, or concrete, or beach sand, the limitations of what you can do are based on physical limitations of that media and the physical environment. In contrast, with software, you can face limitations of memory or CPU speed or environment, but you are primarily only limited by your imagination. This is what makes software engineering so rewarding, and so much fun. You are basically building virtual structures out of ideas. And, unlike physical media, you can easily tear down, redesign, and rebuild structures in software. </span></div>
<div style="font-stretch: normal; line-height: normal; min-height: 14px;">
<span style="font-family: inherit;"><span style="font-kerning: none;"></span><br /></span></div>
<div style="font-stretch: normal; line-height: normal;">
</div>
<div style="font-stretch: normal; line-height: normal;">
<span style="font-family: inherit; font-kerning: none;">Wishing everyone a fun end of the summer!</span></div>
<div>
<span style="font-kerning: none;"><br /></span></div>
</div>
Len DiMaggiohttp://www.blogger.com/profile/07124585546929851174noreply@blogger.com0tag:blogger.com,1999:blog-7133180390032268932.post-78523823660897014702018-12-23T20:21:00.000-08:002018-12-23T20:21:13.416-08:00Divided by (the lack of) a Common Language?<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 11pt; font-style: normal; font-variant-caps: normal; font-variant-east-asian: normal; font-variant-ligatures: normal; font-variant-position: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">”Why are you bothering with tests that don’t work?” </span></div>
<b id="docs-internal-guid-53329e2a-7fff-b77c-f8dd-cad09df5c0fb" style="-webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-family: -webkit-standard; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 11pt; font-style: normal; font-variant-caps: normal; font-variant-east-asian: normal; font-variant-ligatures: normal; font-variant-position: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">I remember the incident distinctly, even though it took place several years ago at a company that no longer exists, while my team was building and testing a long forgotten product. I was reviewing a software test plan with a development team colleague as I wanted his input on the risks associated with a new feature. I described the functional tests that wanted to build for the feature, and then mentioned that we would in parallel be updating the product’s non-functional tests (such as performance and security tests) to take into account the new operation of the new feature. He looked confused and asked me,”Why are you bothering with tests that don’t work?” His question caught me off guard and when I asked him to explain, he said, “You’re talking about tests that won’t function. Why are you wasting time on those tests? They’re broken, right?”</span></div>
<b style="-webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-family: -webkit-standard; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 11pt; font-style: normal; font-variant-caps: normal; font-variant-east-asian: normal; font-variant-ligatures: normal; font-variant-position: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">At that point, I thought of George Bernard Shaw’s famous quote about the British and Americans being two peoples divided by a common language. In this case, however, the problem was two groups of people being divided by the lack of a common language. That being, the language of software testing.</span></div>
<b style="-webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-family: -webkit-standard; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 11pt; font-style: normal; font-variant-caps: normal; font-variant-east-asian: normal; font-variant-ligatures: normal; font-variant-position: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Historically, Development and QE teams have been kept separate. The separation was based on the belief that the only way to have effective and unbiased testing of a product was through having an independent testing team. One of the rationales for this separation is that testing always includes an element of “creative destruction” and that is difficult for people to act in a destructive manner toward their own work.</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 11pt; font-style: normal; font-variant-caps: normal; font-variant-east-asian: normal; font-variant-ligatures: normal; font-variant-position: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="background-color: transparent; color: black; font-family: Arial; font-size: 11pt; font-style: normal; font-variant-caps: normal; font-variant-east-asian: normal; font-variant-ligatures: normal; font-variant-position: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">In an agile development model, this artificial separation is done away with. The walls that divided development and test engineers are torn away broken and they work together as members of the same team, where the quality of the product created is owned by every member of the team. The transition to this model from a traditional waterfall development model can, however, be difficult. The problem is that people without a QE/test background will be asked to build and run tests when they may lack hands in experience in test development beyond building unit tests. The “test guys” (that is, the QE/test engineers) can help by providing guidance and coaching, but but that coaching can difficult because people new to testing will not have a frame of reference to build upon. </span></div>
<b style="-webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-family: -webkit-standard; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 11pt; font-style: normal; font-variant-caps: normal; font-variant-east-asian: normal; font-variant-ligatures: normal; font-variant-position: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">A Shared Language - And Two “Good Reads” for Anyone Building Software Tests</span></div>
<b style="-webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-family: -webkit-standard; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 11pt; font-style: normal; font-variant-caps: normal; font-variant-east-asian: normal; font-variant-ligatures: normal; font-variant-position: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">When you work in a technical field it’s easy to become totally absorbed in the technology and forget the importance of human communication and community. What makes a community? Shared values, shared goals, shared experiences, shared literature, and a shared language for software testing.</span></div>
<b style="-webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-family: -webkit-standard; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 11pt; font-style: normal; font-variant-caps: normal; font-variant-east-asian: normal; font-variant-ligatures: normal; font-variant-position: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">It’s winter here in Boston, which makes it a great time to sit down by the fire, or at least a video of a fire, and do some reading. There are a couple of resources that anyone new to testing should read:</span></div>
<b style="-webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-family: -webkit-standard; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 11pt; font-style: normal; font-variant-caps: normal; font-variant-east-asian: normal; font-variant-ligatures: normal; font-variant-position: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">The year 2019, marks the 40th anniversary of the original release of Glenford Myers’ book, </span><span style="-webkit-text-decoration-skip: none; background-color: transparent; color: black; font-family: Arial; font-size: 11pt; font-style: normal; font-variant-caps: normal; font-variant-east-asian: normal; font-variant-ligatures: normal; font-variant-position: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">The Art of Software Testing</span><span style="background-color: transparent; color: black; font-family: Arial; font-size: 11pt; font-style: normal; font-variant-caps: normal; font-variant-east-asian: normal; font-variant-ligatures: normal; font-variant-position: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">. It’s still my favorite software testing book. In this little book, Myers provides a practical, and very readable description of methodologies for software test design. Equivalence partitioning, boundary value analysis, it’s all there in </span><span style="-webkit-text-decoration-skip: none; background-color: transparent; color: black; font-family: Arial; font-size: 11pt; font-style: normal; font-variant-caps: normal; font-variant-east-asian: normal; font-variant-ligatures: normal; font-variant-position: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">The Art of Software Testing</span><span style="background-color: transparent; color: black; font-family: Arial; font-size: 11pt; font-style: normal; font-variant-caps: normal; font-variant-east-asian: normal; font-variant-ligatures: normal; font-variant-position: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">.</span></div>
<b style="-webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-family: -webkit-standard; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 11pt; font-style: normal; font-variant-caps: normal; font-variant-east-asian: normal; font-variant-ligatures: normal; font-variant-position: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">In its syllabus and glossary, just updated in 2018, the </span><span style="background-color: white; color: #444444; font-family: Arial; font-size: 11pt; font-style: normal; font-variant-caps: normal; font-variant-east-asian: normal; font-variant-ligatures: normal; font-variant-position: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">International Software Testing Qualifications Board (ISTQB, </span><a href="https://www.istqb.org/" style="text-decoration: none;"><span style="-webkit-text-decoration-skip: none; background-color: white; color: #1155cc; font-family: Arial; font-size: 11pt; font-style: normal; font-variant-caps: normal; font-variant-east-asian: normal; font-variant-ligatures: normal; font-variant-position: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">https://www.istqb.org</span></a><span style="background-color: white; color: #444444; font-family: Arial; font-size: 11pt; font-style: normal; font-variant-caps: normal; font-variant-east-asian: normal; font-variant-ligatures: normal; font-variant-position: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">) provides a detailed and systematic definition of software testing. Founded in 2002, the ISTQB has established standards and certifications for software testers. In their glossary and syllabus, the ISTQB </span><span style="background-color: transparent; color: black; font-family: Arial; font-size: 11pt; font-style: normal; font-variant-caps: normal; font-variant-east-asian: normal; font-variant-ligatures: normal; font-variant-position: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">painstakingly describes how to design, organize, execute, and report on the results of software testing. </span></div>
<b style="-webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); color: black; font-family: -webkit-standard; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: white; color: #444444; font-family: Arial; font-size: 11pt; font-style: normal; font-variant-caps: normal; font-variant-east-asian: normal; font-variant-ligatures: normal; font-variant-position: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Building effective software tests are not just for “the test guys” anymore. In an agile model, we all own and contribute to and execute tests to improve product quality. Doing some basic research by reading </span><span style="-webkit-text-decoration-skip: none; background-color: white; color: #444444; font-family: Arial; font-size: 11pt; font-style: normal; font-variant-caps: normal; font-variant-east-asian: normal; font-variant-ligatures: normal; font-variant-position: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">The Art of Software Testing</span><span style="background-color: white; color: #444444; font-family: Arial; font-size: 11pt; font-style: normal; font-variant-caps: normal; font-variant-east-asian: normal; font-variant-ligatures: normal; font-variant-position: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> and the ISTQB </span><span style="background-color: transparent; color: black; font-family: Arial; font-size: 11pt; font-style: normal; font-variant-caps: normal; font-variant-east-asian: normal; font-variant-ligatures: normal; font-variant-position: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">syllabus and glossary would make for a very useful New Years resolution for anyone wanting to learn learn the language of software testing and to create better tests. Happy 2019!</span></div>
<br /><br />Len DiMaggiohttp://www.blogger.com/profile/07124585546929851174noreply@blogger.com0tag:blogger.com,1999:blog-7133180390032268932.post-2463281088365879712016-08-14T19:28:00.001-07:002016-08-20T20:08:05.196-07:00Management tip - When the Pizza is Free, Answer the Phone<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;">It all began with free pizza.</span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><a href="https://commons.wikimedia.org/wiki/File:Pepperoni_pizza.jpg#/media/File:Pepperoni_pizza.jpg"><img alt="Pepperoni pizza.jpg" height="202" src="https://upload.wikimedia.org/wikipedia/commons/d/d1/Pepperoni_pizza.jpg" width="320" /></a><br />Public Domain, https://commons.wikimedia.org/w/index.php?curid=79505</span><br />
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
<span style="font-size: 14.666666666666666px; white-space: pre-wrap;"><span style="font-family: "arial" , "helvetica" , sans-serif;">Many jobs ago, when I was working for a company that coincidentally no longer exists, there was a monthly event that no one looked forward to; the monthly managers’ meeting. </span></span><br />
<b id="docs-internal-guid-460e528d-8c04-31f7-55d4-da4746eadf10" style="font-weight: normal;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><span style="background-color: transparent; color: black; font-size: 14.666666666666666px; font-style: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">My fellow managers were, as individuals, extremely pleasant and competent people, but when they got together, group </span><span style="background-color: white; color: black; font-size: 14.666666666666666px; font-style: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">paralysis</span><span style="background-color: transparent; color: black; font-size: 14.666666666666666px; font-style: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> seemed to set in as they became collectively incapable, or even afraid, of taking independent action. </span></span></div>
<b style="font-weight: normal;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-size: 14.666666666666666px; font-style: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"><span style="font-family: "arial" , "helvetica" , sans-serif;">I remember one meeting especially well as it taught me a valuable management and leadership lesson. It all involved free pizza. In an effort to improve both morale and attendance, it was decided that the monthly meetings would be scheduled during everyone’s lunch hour, and that a free pizza lunch would be provided. </span></span></div>
<b style="font-weight: normal;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-size: 14.666666666666666px; font-style: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"><span style="font-family: "arial" , "helvetica" , sans-serif;">The meeting started promptly at noon, and soon settled into a familiar pattern of discussing, delaying, denying, and deferring actions to be taken. </span></span></div>
<b style="font-weight: normal;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-size: 14.666666666666666px; font-style: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"><span style="font-family: "arial" , "helvetica" , sans-serif;">And then, the telephone in the conference room rang. </span></span></div>
<b style="font-weight: normal;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-size: 14.666666666666666px; font-style: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"><span style="font-family: "arial" , "helvetica" , sans-serif;">The conversation stopped. Everyone stared at the telephone as it continued to ring. What could this mean? Why would someone place a telephone call into a conference room? Were we being watched? The phone continued to ring. Everyone stared at the phone, trying to will the ringing to stop.</span></span></div>
<b style="font-weight: normal;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-size: 14.666666666666666px; font-style: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"><span style="font-family: "arial" , "helvetica" , sans-serif;">After a few rings, I answered the phone. “It’s the front desk. The pizza is here.” Instantly, the tension was broken. Everyone started to breathe again. </span></span></div>
<b style="font-weight: normal;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-size: 14.666666666666666px; font-style: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"><span style="font-family: "arial" , "helvetica" , sans-serif;">But, after a few seconds, everyone froze again. Glances of uncertainty were exchanged. Everyone in the room shared the same thought, “What should we do now?” After a few more seconds of deafening silence, I stood up and addressed the team, as they sat frozen in their chairs and said, “I’ll go downstairs and get the pizza.”</span></span></div>
<b style="font-weight: normal;"><span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-size: 14.666666666666666px; font-style: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"><span style="font-family: "arial" , "helvetica" , sans-serif;">OK, I may be exaggerating for dramatic effect, but I really did see this happen. It’s easy to dismiss this silly little story as a silly little story, but I think that there’s more to it. Individuals, small groups, and large institutions often create their own inertia. It’s the responsibility of team leaders and managers to recognize when forward progress is stalled and change the team’s inertia by removing obstacles. This may require shifting resources from one task to another, or it may require adjusting the relative priorities of task assignments, or it may require simply answering the phone and picking up free pizzas.</span></span></div>
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span>
Len DiMaggiohttp://www.blogger.com/profile/07124585546929851174noreply@blogger.com0tag:blogger.com,1999:blog-7133180390032268932.post-55249839945803149482016-05-06T11:51:00.003-07:002016-05-06T11:51:58.506-07:00The JBoss apiman Crash Course Guide is published!Just published a brief and easy to follow "crash course" guide to JBoss apiman. Hoping that this will help lots more people get started with API Management with JBoss apiman...<br />
<br />
<a href="http://www.apiman.io/latest/crash-course.html">http://www.apiman.io/latest/crash-course.html</a>Len DiMaggiohttp://www.blogger.com/profile/07124585546929851174noreply@blogger.com0tag:blogger.com,1999:blog-7133180390032268932.post-76726786974718471722016-04-08T05:22:00.001-07:002016-04-08T05:22:01.910-07:00Introduction to User Roles in apiman<div dir="ltr" id="docs-internal-guid-d7139458-f5d1-179d-d3ef-2fb21dacb17a" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; line-height: 1.2;">(Reposted to: <a href="http://www.apiman.io/blog/apiman/introduction/overview/users/roles/2016/03/28/users_roles.html">http://www.apiman.io/blog/apiman/introduction/overview/users/roles/2016/03/28/users_roles.html</a> )</span></div>
<div dir="ltr" id="docs-internal-guid-d7139458-f5d1-179d-d3ef-2fb21dacb17a" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; line-height: 1.2;"><br /></span></div>
<div dir="ltr" id="docs-internal-guid-d7139458-f5d1-179d-d3ef-2fb21dacb17a" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; line-height: 1.2;">In this post, we’ll examine apiman user roles. In the apiman data model, all data elements exist in the context of the organization. The same holds true for user memberships as users can be members of multiple organizations. Permissions in apiman are role based. The actions that a user is able to perform are dependent on the roles to which the user is assigned when a user is added as a member of an organization.</span></div>
<br />
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">Let’s start by looking at the roles that are preconfigured in apiman.</span></div>
<br />
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; font-weight: 700; vertical-align: baseline;">Understanding OOTB apiman user roles</span></div>
<br />
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">In apiman, each role defines a set of permissions granted by that role. When a user is made a member of an organization, that user must be assigned to a role. A role definition consists of a name and description, and, most importantly, a set of permissions that govern the user’s ability to view, edit, and administer the organization itself, as well as the organization’s plans, APIs, and applications.</span></div>
<br />
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">Roles are managed in the Roles section of the apiman System Administration form in the Management UI. </span></div>
<br />
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">Apiman is preconfigured with the following roles:</span></div>
<br />
<ul style="margin-bottom: 0pt; margin-top: 0pt;">
<li dir="ltr" style="font-family: Arial; font-size: 14.6667px; list-style-type: disc; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-size: 14.6667px; vertical-align: baseline;">Organization Owner</span></div>
</li>
<li dir="ltr" style="font-family: Arial; font-size: 14.6667px; list-style-type: disc; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-size: 14.6667px; vertical-align: baseline;">API Developer</span></div>
</li>
<li dir="ltr" style="font-family: Arial; font-size: 14.6667px; list-style-type: disc; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-size: 14.6667px; vertical-align: baseline;">Client App Developer</span></div>
</li>
</ul>
<br />
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">These role names are self-explanatory. For example, a user assigned the Application Developer role is able to manage the organization’s applications but is blocked from managing its APIs or plans.</span></div>
<br />
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">The full set of permissions provided in apiman by these preconfigured roles are:</span></div>
<br />
<div dir="ltr" style="margin-left: 0pt;">
<table style="border-collapse: collapse; border: none;"><colgroup><col width="177"></col><col width="271"></col><col width="271"></col></colgroup><tbody>
<tr style="height: 0px;"><td style="border-bottom: solid #000000 1px; border-left: solid #000000 1px; border-right: solid #000000 1px; border-top: solid #000000 1px; padding: 7px 7px 7px 7px; vertical-align: top;"><div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="font-family: Arial; font-size: 14.6667px; font-weight: 700; vertical-align: baseline;">Preconfigured apiman Role</span></div>
</td><td style="border-bottom: solid #000000 1px; border-left: solid #000000 1px; border-right: solid #000000 1px; border-top: solid #000000 1px; padding: 7px 7px 7px 7px; vertical-align: top;"><div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="font-family: Arial; font-size: 14.6667px; font-weight: 700; vertical-align: baseline;">Who Should be Assigned this Role</span></div>
</td><td style="border-bottom: solid #000000 1px; border-left: solid #000000 1px; border-right: solid #000000 1px; border-top: solid #000000 1px; padding: 7px 7px 7px 7px; vertical-align: top;"><div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="font-family: Arial; font-size: 14.6667px; font-weight: 700; vertical-align: baseline;">Permissions Granted to this Role</span></div>
</td></tr>
<tr style="height: 0px;"><td style="border-bottom: solid #000000 1px; border-left: solid #000000 1px; border-right: solid #000000 1px; border-top: solid #000000 1px; padding: 7px 7px 7px 7px; vertical-align: top;"><div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">Client App Developer</span></div>
</td><td style="border-bottom: solid #000000 1px; border-left: solid #000000 1px; border-right: solid #000000 1px; border-top: solid #000000 1px; padding: 7px 7px 7px 7px; vertical-align: top;"><div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">Users responsible for creating and managing client apps.</span></div>
</td><td style="border-bottom: solid #000000 1px; border-left: solid #000000 1px; border-right: solid #000000 1px; border-top: solid #000000 1px; padding: 7px 7px 7px 7px; vertical-align: top;"><ul style="margin-bottom: 0pt; margin-top: 0pt;">
<li dir="ltr" style="font-family: Arial; font-size: 14.6667px; list-style-type: disc; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-size: 14.6667px; vertical-align: baseline;">Client App View</span></div>
</li>
<li dir="ltr" style="font-family: Arial; font-size: 14.6667px; list-style-type: disc; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-size: 14.6667px; vertical-align: baseline;">Client App Edit</span></div>
</li>
<li dir="ltr" style="font-family: Arial; font-size: 14.6667px; list-style-type: disc; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-size: 14.6667px; vertical-align: baseline;">Client App Admin</span></div>
</li>
</ul>
</td></tr>
<tr style="height: 0px;"><td style="border-bottom: solid #000000 1px; border-left: solid #000000 1px; border-right: solid #000000 1px; border-top: solid #000000 1px; padding: 7px 7px 7px 7px; vertical-align: top;"><div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">Organization Owner</span></div>
</td><td style="border-bottom: solid #000000 1px; border-left: solid #000000 1px; border-right: solid #000000 1px; border-top: solid #000000 1px; padding: 7px 7px 7px 7px; vertical-align: top;"><div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">Automatically granted to the user who creates an Organization.</span></div>
</td><td style="border-bottom: solid #000000 1px; border-left: solid #000000 1px; border-right: solid #000000 1px; border-top: solid #000000 1px; padding: 7px 7px 7px 7px; vertical-align: top;"><div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">All permissions:</span></div>
<ul style="margin-bottom: 0pt; margin-top: 0pt;">
<li dir="ltr" style="font-family: Arial; font-size: 14.6667px; list-style-type: disc; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-size: 14.6667px; vertical-align: baseline;">Client App View</span></div>
</li>
<li dir="ltr" style="font-family: Arial; font-size: 14.6667px; list-style-type: disc; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-size: 14.6667px; vertical-align: baseline;">Client App Edit</span></div>
</li>
<li dir="ltr" style="font-family: Arial; font-size: 14.6667px; list-style-type: disc; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-size: 14.6667px; vertical-align: baseline;">Client App Admin</span></div>
</li>
<li dir="ltr" style="font-family: Arial; font-size: 14.6667px; list-style-type: disc; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-size: 14.6667px; vertical-align: baseline;">Plan View</span></div>
</li>
<li dir="ltr" style="font-family: Arial; font-size: 14.6667px; list-style-type: disc; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-size: 14.6667px; vertical-align: baseline;">Plan Edit</span></div>
</li>
<li dir="ltr" style="font-family: Arial; font-size: 14.6667px; list-style-type: disc; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-size: 14.6667px; vertical-align: baseline;">Plan Admin</span></div>
</li>
<li dir="ltr" style="font-family: Arial; font-size: 14.6667px; list-style-type: disc; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-size: 14.6667px; vertical-align: baseline;">API View</span></div>
</li>
<li dir="ltr" style="font-family: Arial; font-size: 14.6667px; list-style-type: disc; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-size: 14.6667px; vertical-align: baseline;">API Edit</span></div>
</li>
<li dir="ltr" style="font-family: Arial; font-size: 14.6667px; list-style-type: disc; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-size: 14.6667px; vertical-align: baseline;">API Admin</span></div>
</li>
<li dir="ltr" style="font-family: Arial; font-size: 14.6667px; list-style-type: disc; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-size: 14.6667px; vertical-align: baseline;">Organization View</span></div>
</li>
<li dir="ltr" style="font-family: Arial; font-size: 14.6667px; list-style-type: disc; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-size: 14.6667px; vertical-align: baseline;">Organization Edit</span></div>
</li>
<li dir="ltr" style="font-family: Arial; font-size: 14.6667px; list-style-type: disc; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-size: 14.6667px; vertical-align: baseline;">Organization Admin</span></div>
</li>
</ul>
</td></tr>
<tr style="height: 0px;"><td style="border-bottom: solid #000000 1px; border-left: solid #000000 1px; border-right: solid #000000 1px; border-top: solid #000000 1px; padding: 7px 7px 7px 7px; vertical-align: top;"><div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">API Developer</span></div>
</td><td style="border-bottom: solid #000000 1px; border-left: solid #000000 1px; border-right: solid #000000 1px; border-top: solid #000000 1px; padding: 7px 7px 7px 7px; vertical-align: top;"><div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">Users responsible for creating and managing APIs.</span></div>
</td><td style="border-bottom: solid #000000 1px; border-left: solid #000000 1px; border-right: solid #000000 1px; border-top: solid #000000 1px; padding: 7px 7px 7px 7px; vertical-align: top;"><ul style="margin-bottom: 0pt; margin-top: 0pt;">
<li dir="ltr" style="font-family: Arial; font-size: 14.6667px; list-style-type: disc; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-size: 14.6667px; vertical-align: baseline;">Plan View</span></div>
</li>
<li dir="ltr" style="font-family: Arial; font-size: 14.6667px; list-style-type: disc; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-size: 14.6667px; vertical-align: baseline;">Plan Edit</span></div>
</li>
<li dir="ltr" style="font-family: Arial; font-size: 14.6667px; list-style-type: disc; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-size: 14.6667px; vertical-align: baseline;">Plan Admin</span></div>
</li>
<li dir="ltr" style="font-family: Arial; font-size: 14.6667px; list-style-type: disc; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-size: 14.6667px; vertical-align: baseline;">API View</span></div>
</li>
<li dir="ltr" style="font-family: Arial; font-size: 14.6667px; list-style-type: disc; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-size: 14.6667px; vertical-align: baseline;">API Edit</span></div>
</li>
<li dir="ltr" style="font-family: Arial; font-size: 14.6667px; list-style-type: disc; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-size: 14.6667px; vertical-align: baseline;">API Admin</span></div>
</li>
</ul>
</td></tr>
</tbody></table>
</div>
<br />
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">Organization owners can assign roles to users through the “Manage Members” form in the apiman Management UI. Each user must be assigned at least one role, but users can also be assigned multiple roles. </span></div>
<br />
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">We’ll walk through an example of assigning a role to a user in a moment.</span></div>
<br />
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">While apiman admin users can also modify the permissions as defined for these preconfigured roles, it can be easier to create new custom roles. We will also walk through an example of creating a new user role later in this post.</span></div>
<br />
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; font-weight: 700; vertical-align: baseline;">Assigning/Revoking Roles for Organization Users</span></div>
<br />
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">It’s worth repeating that all data elements in apiman exist in the context of an organization. As a result, it is important to understand that users can only manage these elements if they have the appropriate role for the organization in which the elements exist. Therefore, a user must be granted </span><span style="font-family: Arial; font-size: 14.6667px; font-weight: 700; vertical-align: baseline;">membership</span><span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;"> in an organization. </span></div>
<br />
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">It’s not possible for users to assign themselves roles. Roles must be assigned to a user by an organization owner. Assigning a role to a user is a straightforward task for an organization owner. </span></div>
<br />
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">First, the organization must search for the user:</span></div>
<br />
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;"><img alt="6.png" height="359" src="https://lh5.googleusercontent.com/d39TyaBlDMYQS8jQ5H4Q0glEPm2PhEeU0sxDpDvf7XLQ1e1cs5hWhIBRixXw0qB6ASoYCCTFCaPcTw1kx3M7qI5L0XulCfglbvI8T81kJPuxa-jJSWzUp8QXEU6DKLT3OsPLRKA" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="516" /></span></div>
<br />
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">And then, the organization owner can select a role from the existing set of roles:</span></div>
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;"><img alt="5.png" height="366" src="https://lh5.googleusercontent.com/nuQJ7B09_rAog273jSfkprqBHnDBCkybLhGnDk8xeQ_jxleUZRXEjDtF0l7r75tcxLY0C4NjzadUJIOxxBHPuQnUw07Cvd_wYo-cuqV2D1rlsY0yXIwgaJPX9T1Mjoulum88DWY" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="517" /></span></div>
<br />
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">Revoking a role for a user is just as easy. The organization owner simply has to search for the user, and then deselect a role for the user.</span></div>
<br />
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">The same approach for assigning/revoking a role for a user is followed for the standard roles that are preconfigured in apiman, and for custom roles that you create.</span></div>
<br />
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; font-weight: 700; vertical-align: baseline;">Creating a New User Role/Defining the Role Permissions</span></div>
<br />
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">In addition to providing a set of preconfigured roles, apiman also provides a means for apiman admin users to create new roles where you can define a custom set of permissions for each role. Custom roles give you the ability to exercise fine-grained control over the set of permissions granted to users. </span></div>
<br />
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">Let’s look at an example of a custom role. </span></div>
<br />
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">Imagine a situation where you have API developer users and application developer users. These sets of users can rely on apiman’s preconfigured roles. Let’s also imagine that you have a third set of user. You want these users to have read access to APIs and applications so that they can participate in a review/approval process. However, you do not want to give these users write access. For example, suppose you have to find a job for a certain relative of yours. He may be a thoroughly competent person, but you’d feel better if he didn’t have write access to anything valuable. A read-only role for your brother in law would look something like this:</span></div>
<br />
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; font-weight: 700; vertical-align: baseline;"><img alt="3.png" height="312" src="https://lh3.googleusercontent.com/EZ5U9dxrU_EwxFZ7hfI1VGs5ZPh0PTfitOW7B4Zxm8BGfPdDBq232SkXeOTzL9fYg4MKABQ9nzFFKSC-8q-6ycnFw71Nqbe3FPF9jmc6JDecZLg2eDx2GAyn761OL-v5yYxo-wM" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="518" /></span></div>
<br /><br />
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">Once the “brother-in-law” role is created, you can assign it to other users in the same manner as any other role:</span></div>
<br /><br />
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; font-weight: 700; vertical-align: baseline;"><img alt="4.png" height="249" src="https://lh3.googleusercontent.com/jWqJM4Zjwk0j1QgwXGBAANejpMseHNb9jdl-ue-w1-Uw0jDrQolIH_-5a2uuMNqJdlEr6SOmnAaE6poKjqsPjzmvCnRiILm9RAW8MVqbKFXbY53sL81m7PouvLMb1K8n92sTyLI" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="521" /></span></div>
<br /><br />
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; font-weight: 700; vertical-align: baseline;">In Conclusion</span></div>
<br />
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">A consistent pattern in apiman is a rich set of features provided OOTB, and a method for you to expand on these features by creating customizations. User roles enable you to assign users permissions based on the tasks that they perform. Apiman is preconfigured with a rich set of roles OOTB, and also enables you to create new, custom roles to handle additional types of users (even your brother-in-law).</span></div>
<br /><br /><br /><br />Len DiMaggiohttp://www.blogger.com/profile/07124585546929851174noreply@blogger.com0tag:blogger.com,1999:blog-7133180390032268932.post-17373821217949998382016-02-25T19:08:00.001-08:002016-02-25T19:08:11.457-08:00Reposted to DZone!It never gets old...<br />
<br />
<a href="https://dzone.com/articles/apiman-12-improvements-to-plugin-management">https://dzone.com/articles/apiman-12-improvements-to-plugin-management</a>Len DiMaggiohttp://www.blogger.com/profile/07124585546929851174noreply@blogger.com0tag:blogger.com,1999:blog-7133180390032268932.post-65400442016191835912016-02-23T05:33:00.000-08:002016-02-23T05:33:00.794-08:00Improvements to Plugin Management in JBoss apiman<div dir="ltr" id="docs-internal-guid-595e200c-0e53-496d-780d-fe9b3c42278c" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; font-weight: 700; vertical-align: baseline;">Introduction - Policies - The Most Important Part of API Management</span></div>
<br />
<div dir="ltr" style="line-height: 1.728; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">In API Management, policies are where the action is. It’s through the application of policies that an API Management system such as apiman performs API governance. All the subsystems in apiman, from the Management API UI to the API Gateway, exist for one ultimate goal; to ensure that API governance is achieved by the application of policies to API requests. In apiman, a policy is a rule, or set of rules that controls responses to API requests. There are multiple types of apiman policies. Some policies allow or block access to APIs based on the IP address of the client application, while others allow or restrict access to specific resources provided by an API, while still others enable you to control or “throttle” the rate at which requests made to an API. </span></div>
<br />
<div dir="ltr" style="line-height: 1.728; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">Apiman is preconfigured with a set of policies, and also enables you to create your own custom policies. This article describes the improvements introduced in apiman release 1.2.x that enable you to better manage your custom policy plugins.</span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; font-weight: 700; vertical-align: baseline;">Apiman Plugin Management Improvements - Extending Flexibility</span></div>
<br />
<div dir="ltr" style="line-height: 1.728; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">Apiman is not only preconfigured with a rich set of policies that you can use, right out of the box, but, from its earliest releases, apiman has also included a mechanism that you can use to define your own custom policies through plugins.</span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">Apiman release 1.2.x adds these new features that enable you to better manage your custom policy plugins:</span></div>
<br />
<ul style="margin-bottom: 0pt; margin-top: 0pt;">
<li dir="ltr" style="font-family: Arial; font-size: 14.6667px; list-style-type: disc; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-size: 14.6667px; vertical-align: baseline;">Uninstalling Policies</span></div>
</li>
<li dir="ltr" style="font-family: Arial; font-size: 14.6667px; list-style-type: disc; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-size: 14.6667px; vertical-align: baseline;">Upgrading Policies</span></div>
</li>
<li dir="ltr" style="font-family: Arial; font-size: 14.6667px; list-style-type: disc; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-size: 14.6667px; vertical-align: baseline;">Automatically Reloading SNAPSHOT Version Policies</span></div>
</li>
</ul>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">The best way to understand how these features work is to see them in action. </span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; font-weight: 700; vertical-align: baseline;">Uninstalling a Policy Plugin</span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">Before we can uninstall a policy plugin, we have to install it. </span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">Apiman is preconfigured with a core set of policy types that can handle many common situations:</span></div>
<br />
<ul style="margin-bottom: 0pt; margin-top: 0pt;">
<li dir="ltr" style="font-family: Arial; font-size: 13.3333px; list-style-type: disc; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.728; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-size: 14.6667px; vertical-align: baseline;">Authorization - Access to API resources is controlled by user roles</span></div>
</li>
<li dir="ltr" style="font-family: Arial; font-size: 13.3333px; list-style-type: disc; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.728; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-size: 14.6667px; vertical-align: baseline;">BASIC Authentication - A username/password is required to access an API</span></div>
</li>
<li dir="ltr" style="font-family: Arial; font-size: 14.6667px; list-style-type: disc; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.728; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-size: 14.6667px; vertical-align: baseline;">Caching - Cache responses from a backend API</span></div>
</li>
<li dir="ltr" style="font-family: Arial; font-size: 13.3333px; list-style-type: disc; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.728; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-size: 14.6667px; vertical-align: baseline;">Ignored Resources - Paths to API resources that will not be accessible</span></div>
</li>
<li dir="ltr" style="font-family: Arial; font-size: 13.3333px; list-style-type: disc; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.728; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-size: 14.6667px; vertical-align: baseline;">IP Blacklist - Clients with specific IP address(es) will be blocked from accessing an API</span></div>
</li>
<li dir="ltr" style="font-family: Arial; font-size: 13.3333px; list-style-type: disc; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.728; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-size: 14.6667px; vertical-align: baseline;">IP Whitelist - Clients with specific IP address(es) will not be blocked from accessing an API (all IP addresses not listed will be blocked)</span></div>
</li>
<li dir="ltr" style="font-family: Arial; font-size: 13.3333px; list-style-type: disc; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.728; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-size: 14.6667px; vertical-align: baseline;">Limiting - Access to an API is limited by the number of requests in a defined time period (generally used to create a fine-grained limit)</span></div>
</li>
<li dir="ltr" style="font-family: Arial; font-size: 14.6667px; list-style-type: disc; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.728; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-size: 14.6667px; vertical-align: baseline;">Quota - Access to an API is limited by the number of requests in a defined time period (generally used to create a coarse-grained limit)</span></div>
</li>
<li dir="ltr" style="font-family: Arial; font-size: 14.6667px; list-style-type: disc; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.728; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-size: 14.6667px; vertical-align: baseline;">Transfer Quota - Similar to a Quota policy, but based on the number of bytes transferred, not the number of requests</span></div>
</li>
</ul>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">These core policy types cannot be uninstalled.</span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">Apiman is also includes second set of policy types which can be optionally installed as plugins:</span></div>
<br />
<ul style="margin-bottom: 0pt; margin-top: 0pt;">
<li dir="ltr" style="font-family: Arial; font-size: 14.6667px; list-style-type: disc; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.728; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-size: 14.6667px; vertical-align: baseline;">CORS - This plugin implements CORS (Cross-origin resource sharing): A method of controlling access to resources outside of an originating domain. </span></div>
</li>
</ul>
<ul style="margin-bottom: 0pt; margin-top: 0pt;">
<li dir="ltr" style="font-family: Arial; font-size: 14.6667px; list-style-type: disc; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.728; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-size: 14.6667px; vertical-align: baseline;">HTTP Security - Provides a policy which allows security-related HTTP headers to be set, which can help mitigate a range of common security vulnerabilities. </span></div>
</li>
</ul>
<ul style="margin-bottom: 0pt; margin-top: 0pt;">
<li dir="ltr" style="font-family: Arial; font-size: 14.6667px; list-style-type: disc; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.728; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-size: 14.6667px; vertical-align: baseline;">JSONP - A plugin that contributes a policy that turns a standard RESTful endpoint into a JSONP compatible endpoint. </span></div>
</li>
</ul>
<ul style="margin-bottom: 0pt; margin-top: 0pt;">
<li dir="ltr" style="font-family: Arial; font-size: 14.6667px; list-style-type: disc; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.728; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-size: 14.6667px; vertical-align: baseline;">Keycloak OAuth - This plugin offers an OAuth2 policy which leverages the Keycloak authentication platform as the identity and access provider. </span></div>
</li>
</ul>
<ul style="margin-bottom: 0pt; margin-top: 0pt;">
<li dir="ltr" style="font-family: Arial; font-size: 14.6667px; list-style-type: disc; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.728; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-size: 14.6667px; vertical-align: baseline;">Log Headers - Offers a simple policy that allows request headers to be added or stripped from the HTTP request (outgoing) or HTTP response (incoming). </span></div>
</li>
</ul>
<ul style="margin-bottom: 0pt; margin-top: 0pt;">
<li dir="ltr" style="font-family: Arial; font-size: 14.6667px; list-style-type: disc; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.728; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-size: 14.6667px; vertical-align: baseline;">XML<->JSON Transformation - This plugin provides a very simple policy which can transform the request and/or response payload between XML and JSON. </-></span></div>
</li>
</ul>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">The optional plugins are accessed in this administrative page in the apiman Management UI:</span></div>
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;"><img alt="Policies_1.png" height="314" src="https://lh5.googleusercontent.com/Wm5iC8hkXo7Av4JiJ_o_RqytCYVx_Xzmpfbkb0xc16wP0fmymqtS7zvbBOrTtzFjSgmAHSX0ApyZag7CP-0jyXPq7to3JNleT-AczYrUlIsjlWJJHJTTaQUKjiad9QLWtkjhW5Q" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="533" /></span></div>
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">To install a policy plugin, click on “Install” - for example, to install the Log Headers Policy:</span></div>
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;"><img alt="Plugin_2.png" height="511" src="https://lh4.googleusercontent.com/dEROThiRLjrBIxk-yh3w4qAUVl7yi1PlZ3uoJ7pKVdGtDGCYjHxo1SO1k_g0_UllGQPxrfQdqfL8iNfKubEbc8m1EZWwbb4SK1Do-F8q4a9j1jpTpeFOcZgVEPMPsf06oD3_GR4" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="532" /></span></div>
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">And, it’s installed!</span></div>
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;"><img alt="Plugin_3.png" height="169" src="https://lh6.googleusercontent.com/jbmo5TseDvvuWPH1ZwpLOqzN8EYhAZ9vXxD9R8SB2CSGe3uQbnK-iXDhIIyUoO56z14I_-UW80mvOrlkwYj7qUP-Va98tLUCQ_eGVYqopIEwOU1umMJC7R0N1UqFmg_J24L_5U8" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="536" /></span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">OK, we installed the policy plugin. Now, let’s uninstall it!</span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">Uninstalling a policy plugin is as simple as installing it. All you do is select the plugin from the “Manage Plugins” page in the Administrative UI:</span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;"><img alt="Plugin_4.png" height="170" src="https://lh6.googleusercontent.com/vPpX3yt2-6gaCki-9kaebJPLOx1v0B0pmgO9uWQq_NycYoyOkuDseCowzkVvqlsondhKRawUiZLmibMS50JvhrLhXbBb48M8bkd_o3OW5da1UwjoCry_zHbh7q6oWXmKQHKwTSc" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="548" /></span></div>
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">There are a couple of caveats to keep in mind when you uninstall a policy plugin:</span></div>
<br />
<ul style="margin-bottom: 0pt; margin-top: 0pt;">
<li dir="ltr" style="font-family: Arial; font-size: 14.6667px; list-style-type: disc; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-size: 14.6667px; vertical-align: baseline;">First, uninstalling the plugin removes it from the apiman Management UI, but it still remains in use for all APIs in which it was previously configured.</span></div>
</li>
<li dir="ltr" style="font-family: Arial; font-size: 14.6667px; list-style-type: disc; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-size: 14.6667px; vertical-align: baseline;">Second, if you want to completely remove the plugin from all APIs in which it was previously configured, you must manually click on each API, Plan, and Client App that uses the policy and remove it. Apiman does not include a single “kill” button to automatically remove all references to a policy.</span></div>
</li>
</ul>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; font-weight: 700; vertical-align: baseline;">Upgrading Policy Plugins</span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">In addition to enabling you to create and install your own custom policies, apiman also provides a mechanism to upgrade to new versions of those policies. This is an especially useful feature as, over time, a policy may be upgraded to include bug fixes or new features.</span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">The best way to illustrate how to upgrade a policy plugin is to follow the process step-by-step. </span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">For this illustration, we’ll use one of the policy plugins provided in the official apiman plugins git repository (</span><a href="https://github.com/apiman/apiman-plugins" style="text-decoration: none;"><span style="color: #1155cc; font-family: Arial; font-size: 14.6667px; text-decoration: underline; vertical-align: baseline;">https://github.com/apiman/apiman-plugins</span></a><span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">) as our custom plugin. Many of the plugins provided in this repository are also available set of “available plugins” packaged with apiman. We’ll use one of the plugins (“test-policy” - it’s a very simple policy that adds a header to the inbound http request) that is not already installed into apiman for this example.</span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">(Note that in order to follow this example, you will have to have maven and git installed.)</span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">To download the policy plugins, execute these commands:</span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: yellow; font-family: 'Courier New'; font-size: 12px; vertical-align: baseline;">git clone</span><a href="https://github.com/apiman/apiman-plugins.git" style="text-decoration: none;"><span style="background-color: yellow; color: black; font-family: 'Courier New'; font-size: 12px; vertical-align: baseline;"> </span><span style="background-color: yellow; color: #1155cc; font-family: 'Courier New'; font-size: 12px; text-decoration: underline; vertical-align: baseline;">https://github.com/apiman/apiman-plugins.git</span></a></div>
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: yellow; font-family: 'Courier New'; font-size: 12px; vertical-align: baseline;">cd apiman-plugins</span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">Before we build the plugins, we have to make one small change. The plugins as downloaded are assigned version numbers that include a -“SNAPSHOT” suffix. We will want to remove that suffix for this example. (Sneak peek: We will restore the suffix later in this article as apiman includes a new feature where “SNAPSHOT” version plugins are automatically reloaded.)</span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">To make these changes, edit these files, and change the version from “1.2.2-SNAPSHOT” to “1.2.2”:</span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: yellow; font-family: 'Courier New'; font-size: 12px; vertical-align: baseline;">./pom.xml</span></div>
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: yellow; font-family: 'Courier New'; font-size: 12px; vertical-align: baseline;">test-policy/pom.xml</span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">Then, to build the plugins, and install them into your local maven repo (a</span><span style="background-color: white; color: #333333; font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">t runtime, the apiman API Gateway installs plugins from the local maven “.m2”</span><span style="background-color: #f9f2f4; color: #c7254e; font-family: Arial; font-size: 14.6667px; vertical-align: baseline;"> </span><span style="background-color: white; color: #333333; font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">repo directory)</span><span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">, execute this command:</span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: yellow; font-family: 'Courier New'; font-size: 12px; vertical-align: baseline;">mvn install</span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">OK, our policy plugin is built, let’s add it into the management UI.</span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">As an administrative user, navigate to the “Manage Plugins” page in the Management UI and select the “Available Plugins” tab:</span></div>
<br />
<div dir="ltr" style="line-height: 2.4; margin-bottom: 8pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;"><img alt="Plugin_10.png" height="172" src="https://lh4.googleusercontent.com/kflysPW38353ZjNNqhTuBUd9FgMsngSQX94sTAwWSnZAvOBFoHcBxs3BX2khksWO0KnJ67T0BvU5ETQN4fN_W4OsxRc94kkSVnPnEUPuYwILmFK_IFW0Kvyeyk8JLAkDISwx3xs" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="548" /></span></div>
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">Then, click on the “Add Custom Plugin” button. The following dialog is displayed. Fill in the details for the “test-policy” plugin. (You can find all this information in the plugin’s “pom.xml” file.) apiman will use this information to locate the policy plugin in your local maven repo:</span></div>
<br />
<div dir="ltr" style="line-height: 2.4; margin-bottom: 8pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;"><img alt="Plugin_9.png" height="535" src="https://lh6.googleusercontent.com/-zxYaiXnf3Z6y1GJlkwKDpFLhgDlepokBQIZsaEEmwIn-bcvqJM2vyNQNDfc3r9LfC4zp_-Yxv2Jxbu8nQUTOsMBRyidh4-lOQzN3i-o5PaO4Z-sBKL23rEHQSJydd1do7JkJjw" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="531" /></span></div>
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">And, after you click on the “Add Plugin” button, the policy plugin is installed:</span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;"><img alt="Plugin_6.png" height="141" src="https://lh5.googleusercontent.com/5PLCrZccFXwfLN-QOAU1BDHz3UMf-xDreJKCHnaDJj-H1PkcZeLTerifUBL_iocdxvVAcbkSRAgQEvLA9wlWJ9aAJ1DAZf-0WD815xEYZ6kOefWSnM3kTtQNPxKK0FWWxQcwK_w" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="528" /></span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">Notice that there are (2) buttons in the “Actions” column of the “Installed Plugins” table. The button labeled with an “X” enables you to remove the plugin. The button labeled with an up-arrow enables you to upgrade the policy plugin.</span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">In order for apiman to recognize that a plugin policy has been updated, the plugin version number must change. To change the version number of the test-policy plugin, edit these files, and change the version from “1.2.2” to “1.2.3”:</span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: yellow; font-family: 'Courier New'; font-size: 12px; vertical-align: baseline;">./pom.xml</span></div>
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: yellow; font-family: 'Courier New'; font-size: 12px; vertical-align: baseline;">test-policy/pom.xml</span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">Then, to rebuild the plugins, and install them into your local maven repo, execute this command:</span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: yellow; font-family: 'Courier New'; font-size: 12px; vertical-align: baseline;">mvn clean install</span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">After rebuilding the plugins, return to the apiman Management UI, and click on the plugin policy’s upgrade button. Enter the new plugin version number in the dialog that is displayed:</span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;"><img alt="Plugin_7.png" height="158" src="https://lh3.googleusercontent.com/oDVjJ2FNKE7dg57dhY67339Yrsy8Qp0ndep5jf6Gx4zZHSeE6lEyikjEWNvfyZk9E9bQO3aEVte-b_F1qU4VRgXWQH9QolezLEgk4eXzrH8PG34wORojCi1tUMjIsO5LMCblE6I" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="526" /></span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">And, after you perform the upgrade by clicking on the “OK” button, the plugin is upgraded:</span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;"><img alt="Plugin_8.png" height="161" src="https://lh3.googleusercontent.com/wk4IN1C1PGtMYysigv_uWZZBq0xwwe7y-41Ni3RF-PyvqfWAfsaW-ibzveX8bbx8-0H-nnWQcj_dRNHcVGw21x7l27C_B0M4ArmGI3VAuoVj3CPncEJY92oKJsmBUi4AKp2XKcE" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="521" /></span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">There are a few important things to keep in mind while upgrading policy plugins:</span></div>
<br />
<ul style="margin-bottom: 0pt; margin-top: 0pt;">
<li dir="ltr" style="font-family: Arial; font-size: 14.6667px; list-style-type: disc; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-size: 14.6667px; vertical-align: baseline;">The upgraded version of a policy plugin replaces the previous version.</span></div>
</li>
<li dir="ltr" style="font-family: Arial; font-size: 14.6667px; list-style-type: disc; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-size: 14.6667px; vertical-align: baseline;">Plans, APIs, or Client Apps that had previously been configured with the old version of the plugin policy will continue to use that older version. They will not be automatically updated to use the upgraded version of the policy plugin.</span></div>
</li>
<li dir="ltr" style="font-family: Arial; font-size: 14.6667px; list-style-type: disc; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-size: 14.6667px; vertical-align: baseline;">New Plans, APIs, or Client Apps that are created after the policy plugin was upgraded will use the new/upgraded version.</span></div>
</li>
<li dir="ltr" style="font-family: Arial; font-size: 14.6667px; list-style-type: disc; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-size: 14.6667px; vertical-align: baseline;">If you want to upgrade existing Plans, APIs, or Client Apps to use an upgraded policy plugin, then you will have to manually remove the old policy plugin version and then add the new policy plugin version. The apiman project documentation recommends against doing this unless there is a bug fix or new feature added in a policy plugin upgrade.</span></div>
</li>
</ul>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; font-weight: 700; vertical-align: baseline;">Automatically Reloading SNAPSHOT Version Policies</span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">The final new feature added to Plugin Management in apiman 1.2.x is the automatic reloading of SNAPSHOT version policy plugins.</span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">When you are developing a custom policy plugin, you may have to uninstall and reinstall the plugin many times while it is being debugged. This can quickly become a time-consuming manual task. Apiman 1.2.x now makes it possible for you avoid this manual installing/re-installing.</span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">As we’ve just seen, the apiman API Gateway installs policy plugins from your local maven repo. To be more efficient, the API Gateway caches plugins the first time that they are used. If, however, a plugin’s version ends with a “-SNAPSHOT” suffix, then the API Gateway will reload it every time the plugin is used.</span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">So, by including a “-SNAPSHOT” suffix in your custom policy plugin’s version, you can iterate through changes to the policy plugin without having to manually uninstall and then install each new version of the plugin.</span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">Let’s take a look at this in action.</span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">Since we want to take advantage of the automatic reloading, we must restore the “-SNAPSHOT” suffix to the test-policy custom policy plugin. To make these changes, edit these files, and change the version from “1.2.3” to “1.2.2-SNAPSHOT”:</span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: yellow; font-family: 'Courier New'; font-size: 13.3333px; vertical-align: baseline;">./pom.xml</span></div>
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: yellow; font-family: 'Courier New'; font-size: 13.3333px; vertical-align: baseline;">test-policy/pom.xml</span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">Then, to build the plugins, and install them into your local maven repo, execute this command:</span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: yellow; font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">mvn clean install</span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">And then add the custom policy plugin in the Management UI:</span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;"><img alt="Plugin_11.png" height="520" src="https://lh3.googleusercontent.com/16xtmB8eqHD924MD6L1LUP7yuqMj_H-MlstMa7f_zsoNYTfe55dT8xzVOjko5_Ekus8LWyEu56Y3QJl2Nn2GOVmjALwVUY0zaVDLODm0NU6A6BkLFf-4LrEjm_uZUeM8zZQkgow" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="529" /></span></div>
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">And, here’s the installed plugin:</span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;"><img alt="Plugin-12.png" height="171" src="https://lh5.googleusercontent.com/rBaClUsF-LV6wGHp1acqQ0HiWWBfLeJfI5CnImyk3rmY5OqrpQvsfP-MgndLkSb6fW1d2M752anOpw6TRFPHOfffGVNz76QX9m4cdNp8aM7t67AEeMUkYC7wvs2XXHHrZVUDlaw" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="536" /></span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">Before we can configure the custom policy plugin, we need an API. For this example, we’ll use our old friend, “apiman-echo.” You can download this API from this git repository:</span><a href="https://github.com/apiman/apiman-quickstarts.git" style="text-decoration: none;"><span style="color: black; font-family: Arial; font-size: 14.6667px; vertical-align: baseline;"> </span><span style="color: #1155cc; font-family: Arial; font-size: 14.6667px; text-decoration: underline; vertical-align: baseline;">https://github.com/apiman/apiman-quickstarts.git</span></a></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">The steps to build, deploy, and configure this API are available in the first article in this series:</span><a href="http://www.apiman.io/blog/introduction/overview/2015/01/09/impatient-new-user-redux.html" style="text-decoration: none;"><span style="color: black; font-family: Arial; font-size: 14.6667px; vertical-align: baseline;"> </span><span style="color: #1155cc; font-family: Arial; font-size: 14.6667px; text-decoration: underline; vertical-align: baseline;">http://www.apiman.io/blog/introduction/overview/2015/01/09/impatient-new-user-redux.html</span></a></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">We’ll use the postman web client to access the API. The first time that we access the API, we’ll see this response (note the text highlighted in green):</span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: yellow; font-family: 'Courier New'; font-size: 12px; vertical-align: baseline;">{</span></div>
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: yellow; font-family: 'Courier New'; font-size: 12px; vertical-align: baseline;"> "method" : "GET",</span></div>
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: yellow; font-family: 'Courier New'; font-size: 12px; vertical-align: baseline;"> "resource" : "/apiman-echo",</span></div>
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: yellow; font-family: 'Courier New'; font-size: 12px; vertical-align: baseline;"> "uri" : "/apiman-echo",</span></div>
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: yellow; font-family: 'Courier New'; font-size: 12px; vertical-align: baseline;"> "headers" : {</span></div>
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: yellow; font-family: 'Courier New'; font-size: 12px; vertical-align: baseline;"> "Accept" : "*/*",</span></div>
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: yellow; font-family: 'Courier New'; font-size: 12px; vertical-align: baseline;"> "Cache-Control" : "no-cache",</span></div>
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: yellow; font-family: 'Courier New'; font-size: 12px; vertical-align: baseline;"> "User-Agent" : "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.86 Safari/537.36",</span></div>
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: yellow; font-family: 'Courier New'; font-size: 12px; vertical-align: baseline;"> "Connection" : "keep-alive",</span></div>
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: yellow; font-family: 'Courier New'; font-size: 12px; vertical-align: baseline;"> "Test-Policy" : "true",</span></div>
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: yellow; font-family: 'Courier New'; font-size: 12px; vertical-align: baseline;"> "Postman-Token" : "8808bb68-1c1c-ef97-449d-ab60f620b0e5",</span></div>
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: yellow; font-family: 'Courier New'; font-size: 12px; vertical-align: baseline;"> </span><span style="background-color: lime; font-family: 'Courier New'; font-size: 12px; vertical-align: baseline;"> "Host" : "localhost:8080",</span></div>
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: yellow; font-family: 'Courier New'; font-size: 12px; vertical-align: baseline;"> "Accept-Language" : "en-US,en;q=0.8",</span></div>
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: yellow; font-family: 'Courier New'; font-size: 12px; vertical-align: baseline;"> "Accept-Encoding" : "gzip, deflate, sdch"</span></div>
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: yellow; font-family: 'Courier New'; font-size: 12px; vertical-align: baseline;"> },</span></div>
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: yellow; font-family: 'Courier New'; font-size: 12px; vertical-align: baseline;"> "bodyLength" : null,</span></div>
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: yellow; font-family: 'Courier New'; font-size: 12px; vertical-align: baseline;"> "bodySha1" : null</span></div>
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: yellow; font-family: 'Courier New'; font-size: 12px; vertical-align: baseline;">}</span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">OK, now, let’s change the policy plugin. In this file: src/main/java/io/apiman/plugins/test_policy/TestPolicy.java</span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">Change this line from this:</span></div>
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: yellow; font-family: 'Courier New'; font-size: 12px; vertical-align: baseline;">request.getHeaders().put("Test-Policy", "true");</span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">To this:</span></div>
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: yellow; font-family: 'Courier New'; font-size: 12px; vertical-align: baseline;">request.getHeaders().put("Test-Policy", "quite true");</span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">And then, rebuild the plugin with this command:</span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: yellow; font-family: 'Courier New'; font-size: 12px; vertical-align: baseline;">mvn clean install -DskipTests</span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">(The “skipTests” directive is a bit of laziness. There is a test included in the plugin that will fail because of the change that we just made. You can either run this command as it is, or you can edit the test in the plugin to also look for a string of “quite true.”)</span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">Now, when we access the API again, we’ll see the change reflected - without our having to manually upgrade or uninstall/install the policy plugin:</span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: yellow; font-family: 'Courier New'; font-size: 12px; vertical-align: baseline;">{</span></div>
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: yellow; font-family: 'Courier New'; font-size: 12px; vertical-align: baseline;"> "method" : "GET",</span></div>
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: yellow; font-family: 'Courier New'; font-size: 12px; vertical-align: baseline;"> "resource" : "/apiman-echo",</span></div>
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: yellow; font-family: 'Courier New'; font-size: 12px; vertical-align: baseline;"> "uri" : "/apiman-echo",</span></div>
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: yellow; font-family: 'Courier New'; font-size: 12px; vertical-align: baseline;"> "headers" : {</span></div>
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: yellow; font-family: 'Courier New'; font-size: 12px; vertical-align: baseline;"> "Accept" : "*/*",</span></div>
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: yellow; font-family: 'Courier New'; font-size: 12px; vertical-align: baseline;"> "Cache-Control" : "no-cache",</span></div>
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: yellow; font-family: 'Courier New'; font-size: 12px; vertical-align: baseline;"> "User-Agent" : "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.86 Safari/537.36",</span></div>
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: yellow; font-family: 'Courier New'; font-size: 12px; vertical-align: baseline;"> "Connection" : "keep-alive",</span></div>
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: yellow; font-family: 'Courier New'; font-size: 12px; vertical-align: baseline;"> </span><span style="background-color: lime; font-family: 'Courier New'; font-size: 12px; vertical-align: baseline;">"Test-Policy" : "quite true",</span></div>
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: yellow; font-family: 'Courier New'; font-size: 12px; vertical-align: baseline;"> "Postman-Token" : "bb900e07-249c-66e4-980a-2c9a70002c45",</span></div>
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: yellow; font-family: 'Courier New'; font-size: 12px; vertical-align: baseline;"> "Host" : "localhost:8080",</span></div>
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: yellow; font-family: 'Courier New'; font-size: 12px; vertical-align: baseline;"> "Accept-Language" : "en-US,en;q=0.8",</span></div>
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: yellow; font-family: 'Courier New'; font-size: 12px; vertical-align: baseline;"> "Accept-Encoding" : "gzip, deflate, sdch"</span></div>
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: yellow; font-family: 'Courier New'; font-size: 12px; vertical-align: baseline;"> },</span></div>
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: yellow; font-family: 'Courier New'; font-size: 12px; vertical-align: baseline;"> "bodyLength" : null,</span></div>
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: yellow; font-family: 'Courier New'; font-size: 12px; vertical-align: baseline;"> "bodySha1" : null</span></div>
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: yellow; font-family: Arial; font-size: 12px; vertical-align: baseline;">}</span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; font-weight: 700; vertical-align: baseline;">In Conclusion</span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">From its first releases, apiman has provided users with flexibility, including support for adding custom policies through plugins. In the latest release, apiman has expanded on that flexibility by enabling users to uninstall policy plugins, upgrade policy plugins, and automatically reload policy plugins.</span></div>
<br />
<div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; font-weight: 700; vertical-align: baseline;">References</span></div>
<br />
<ul style="margin-bottom: 0pt; margin-top: 0pt;">
<li dir="ltr" style="font-family: Arial; font-size: 14.6667px; list-style-type: disc; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-size: 14.6667px; vertical-align: baseline;">You can see a more detailed walk-through on how a custom policy plugin is created in this apiman blog post:</span><a href="http://www.apiman.io/blog/plugins/policies/development/maven/2015/03/06/custom-policies-redux.html" style="text-decoration: none;"><span style="color: black; font-size: 14.6667px; vertical-align: baseline;"> </span><span style="color: #1155cc; font-size: 14.6667px; text-decoration: underline; vertical-align: baseline;">http://www.apiman.io/blog/plugins/policies/development/maven/2015/03/06/custom-policies-redux.html</span></a></div>
</li>
</ul>
<br />
<ul style="margin-bottom: 0pt; margin-top: 0pt;">
<li dir="ltr" style="font-family: Arial; font-size: 14.6667px; list-style-type: disc; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.656; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-size: 14.6667px; vertical-align: baseline;">The “postman” client is available here:</span><a href="https://chrome.google.com/webstore/detail/postman/fhbjgbiflinjbdggehcddcbncdddomop?hl=en" style="text-decoration: none;"><span style="color: black; font-size: 14.6667px; vertical-align: baseline;"> </span><span style="color: #1155cc; font-size: 14.6667px; text-decoration: underline; vertical-align: baseline;">https://chrome.google.com/webstore/detail/postman/fhbjgbiflinjbdggehcddcbncdddomop?hl=en</span></a></div>
</li>
</ul>
<br /><br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.6667px; vertical-align: baseline;">Cross-posted here: </span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<a href="http://www.apiman.io/blog/apiman/introduction/overview/plugin/management/2016/02/22/plugin-mgmt.html" style="text-decoration: none;"><span style="color: #1155cc; font-family: Arial; font-size: 14.6667px; text-decoration: underline; vertical-align: baseline;">http://www.apiman.io/blog/apiman/introduction/overview/plugin/management/2016/02/22/plugin-mgmt.html</span></a></div>
<br />Len DiMaggiohttp://www.blogger.com/profile/07124585546929851174noreply@blogger.com0tag:blogger.com,1999:blog-7133180390032268932.post-64524387470463023552016-02-01T05:32:00.002-08:002016-02-01T05:32:34.474-08:00Reposted on Dzone!And - here it is on Dzone - first article of 2016!<br />
<br />
<a href="https://dzone.com/articles/exporting-and-importing-data-in-apiman">https://dzone.com/articles/exporting-and-importing-data-in-apiman</a>Len DiMaggiohttp://www.blogger.com/profile/07124585546929851174noreply@blogger.com0tag:blogger.com,1999:blog-7133180390032268932.post-65550806529928599492016-01-27T17:12:00.001-08:002016-01-27T17:13:19.460-08:00apiman 1.2.1 Export and Import<div pid="161">
<strong><span style="font-family: "arial" , "helvetica" , sans-serif;">The Question you Dread</span></strong></div>
<div pid="159">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div pid="12">
<span style="font-family: "arial" , "helvetica" , sans-serif;">If
you use a computer at home or at work, you'll eventually find yourself
in a situation where you lose some important data and, while you are
trying to recover it, someone asks you a question that is simultaneously
annoying and terrifying:</span></div>
<div pid="12">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div pid="14" style="margin-left: 40px;">
<em><strong><span style="font-family: "arial" , "helvetica" , sans-serif;">"Did you make a backup?"</span></strong></em></div>
<div pid="16">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div pid="16">
<span style="font-family: "arial" , "helvetica" , sans-serif;">Happily,
the 1.2 release of apiman includes a new feature that enables you to
export and import your apiman data and provides you with an easy means
to create apiman data backups. In this post, we'll take a look at the
new export/import feature, and how you can use it for a variety of tasks
to protect your data, make your life easier, and enable you to avoid
annoying and terrifying questions.</span></div>
<div pid="160">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div pid="160">
<span style="font-family: "arial" , "helvetica" , sans-serif;">For test data, we'll
use the same types of data (organizations, users, plans, policies, APIs
and client apps), that we created in the initial post in this series. (
<a href="https://dzone.com/articles/impatient-new-users" rel="nofollow">https://dzone.com/articles/impatient-new-users</a> )</span></div>
<div pid="20">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div pid="22">
<span style="font-family: "arial" , "helvetica" , sans-serif;">Note
that since that post was written in January 2015, some of the names of
the data elements have changed. You can either create the test data
referred to in this post yourself, or you can import the data file
attached to the post.</span></div>
<div pid="24">
<strong><span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></strong></div>
<div pid="24">
<strong><span style="font-family: "arial" , "helvetica" , sans-serif;">Export/Import in apiman 1.2.1</span></strong></div>
<div pid="26">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div pid="26">
<span style="font-family: "arial" , "helvetica" , sans-serif;">The
new export/import feature in apiman 1.2.1 enables you to export your
apiman configuration data to a file, which can later be imported into an
apiman system. Note that this feature follows an all-or-nothing
approach in that is does not support incremental backup and restore of
selected apiman data. </span></div>
<div pid="28">
<span style="font-family: "arial" , "helvetica" , sans-serif;">The three main use cases that the export/import feature supports are:</span></div>
<ul>
<li><div pid="31">
<span style="font-family: "arial" , "helvetica" , sans-serif;">Backing up all your apiman data</span></div>
</li>
<li><div pid="31">
<span style="font-family: "arial" , "helvetica" , sans-serif;">Upgrading to a newer version of apiman</span></div>
</li>
<li><div pid="32">
<span style="font-family: "arial" , "helvetica" , sans-serif;">Migrating apiman data from a Test environment to a Production environment</span></div>
</li>
</ul>
<div pid="34">
<span style="font-family: "arial" , "helvetica" , sans-serif;">The
export/import operations are only available to Administrative users.
The export/import feature is accessed through the admin operations menu:</span></div>
<div pid="162">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div pid="162">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><img alt="Image title" class="fr-fin fr-dib" src="https://dzone.com/storage/temp/1071512-export-import-1.png" width="300" /></span></div>
<div pid="38">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div pid="38">
<span style="font-family: "arial" , "helvetica" , sans-serif;">Once you select the <strong>Export/Import</strong> Data feature, this menu is displayed:</span></div>
<div pid="164">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div pid="164">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><img alt="Image title" class="fr-fin fr-dib" src="https://dzone.com/storage/temp/1071513-export-import-2.png" width="300" /></span></div>
<div pid="39">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div pid="42">
<span style="font-family: "arial" , "helvetica" , sans-serif;">One
thing to keep in mind is that while you are importing or exporting
data, no changes to data should be made or else the export/import may
encounter an error, or may result in incomplete results. To be safe, you
should disable user access to the API Manager, both the Management UI
and its REST interface, for the duration of the import or export
operation.</span></div>
<div pid="44">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div pid="44">
<span style="font-family: "arial" , "helvetica" , sans-serif;">We'll look at exporting data first.</span></div>
<div pid="46">
<strong><span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></strong></div>
<div pid="46">
<strong><span style="font-family: "arial" , "helvetica" , sans-serif;">Backing up apiman Data</span></strong></div>
<div pid="48">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div pid="48">
<span style="font-family: "arial" , "helvetica" , sans-serif;">To
make a backup of all your apiman data, simply select the "Export All"
button. The apiman data will be written to a file and downloaded by your
browser. Your browser's settings will determine where the file is
saved.</span></div>
<div pid="50">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div pid="50">
<span style="font-family: "arial" , "helvetica" , sans-serif;">The apiman data is written to a file named: api-manager-export.json</span></div>
<div pid="52">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div pid="52">
<span style="font-family: "arial" , "helvetica" , sans-serif;">As
its name indicates, the apiman data is written in JSON form. This
format provides us with several advantages. First of all, it's the
format in which apiman is able to import data. (We'll perform an import
later in this post.) Secondly, it's a text file where the contents of
the file are human readable. The content of the file is ALL the apiman
data, both the data elements that you have created and the data elements
with which apiman is preconfigured.</span></div>
<div pid="54">
<span style="font-family: "arial" , "helvetica" , sans-serif;">Reading this file
can greatly increase your understanding of the elements that are defined
in apiman. Let's take a look at the elements in the file:</span></div>
<ul>
<li><div pid="56">
<span style="font-family: "arial" , "helvetica" , sans-serif;">Users - The preconfigured "admin" user is defined here, as are the new users we create.</span></div>
</li>
<li><div pid="57">
<span style="font-family: "arial" , "helvetica" , sans-serif;">Gateways - The preconfigured apiman Gateway is defined here.</span></div>
</li>
<li><div pid="59">
<span style="font-family: "arial" , "helvetica" , sans-serif;">Roles
- The preconfigured, permission-based roles, and new roles that we
create, are defined here. For example, the "OrganizationOwner" role is
shown to have these permissions: [ "apiAdmin", "orgAdmin", "apiView",
"orgEdit", "clientEdit", "clientAdmin", "planView", "orgView",
"planAdmin", "clientView", "planEdit", "apiEdit" ]</span></div>
</li>
<li><div pid="59">
<span style="font-family: "arial" , "helvetica" , sans-serif;">Policy
Definitions - Next, the preconfigured policies, and new policies that
we create, are defined here. For example: the "RateLimitingPolicy" is
described as "Enforces rate configurable request rate limits on an API.
This ensures that consumers can't overload an API with too many
requests."</span></div>
</li>
<li><div pid="60">
<span style="font-family: "arial" , "helvetica" , sans-serif;">The remainder of the file includes
the elements that we create: Organizations, Plans, APIs, and Client
Apps. For example, here is the definition of the "echo" API that we </span><span style="font-family: "arial" , "helvetica" , sans-serif;">created:</span></div>
</li>
</ul>
<pre style="background: #f0f0f0; border: 1px dashed #cccccc; color: black; font-family: "arial"; font-size: 12px; height: auto; line-height: 20px; overflow: auto; padding: 0px; text-align: left; width: 99%;"><code style="color: black; word-wrap: normal;"> "Apis" : [ {
"ApiBean" : {
"id" : "echo",
"name" : "echo",
"description" : "The echo API",
"createdBy" : "serprov",
"createdOn" : 1453773184836,
"numPublished" : 1
},
"Versions" : [ {
"ApiVersionBean" : {
"id" : 10,
"status" : "Published",
"endpoint" : "http://localhost:8080/apiman-echo",
"endpointType" : "rest",
"endpointContentType" : "json",
"endpointProperties" : { },
"gateways" : [ {
"gatewayId" : "TheGateway"
} ],
"publicAPI" : false,
"plans" : [ {
"planId" : "gold",
"version" : "1.0"
} ],
"version" : "1.0",
"createdBy" : "serprov",
"createdOn" : 1453773184845,
"modifiedBy" : "serprov",
"modifiedOn" : 1453773312563,
"publishedOn" : 1453773327835
},
"Policies" : [ {
"id" : 14,
"type" : "Api",
"organizationId" : "ACMEServices",
"entityId" : "echo",
"entityVersion" : "1.0",
"name" : "BASIC Authentication Policy",
"configuration" : "{\"realm\":\"Echo\",\"requireBasicAuth\":false,\"staticIdentity\":{\"identities\":[{\"username\":\"user1\",\"password\":\"admin123!\"}]}}",
"createdBy" : "serprov",
"createdOn" : 1453773312553,
"modifiedBy" : "serprov",
"modifiedOn" : 1453773312553,
"definition" : {
"id" : "BASICAuthenticationPolicy",
"templates" : [ ],
"deleted" : false
},
"orderIndex" : 1
} ]
</code></pre>
<div>
<br /></div>
<div>
<br /></div>
<div>
<span style="font-family: "arial" , "helvetica" , sans-serif;">One
thing to remember is that the exported data file represents ALL apiman
data. It's not yet possible to perform incremental data backups in
apiman. If you attempt to import the data from this file into the same
apiman installation from which it was generated, you will see unique
primary key violations as the import operation will attempt to create
duplicate data elements.</span></div>
<div pid="118">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div pid="118">
<span style="font-family: "arial" , "helvetica" , sans-serif;">OK, now that we have this exported data file, what can we do with it?</span></div>
<div pid="120">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div pid="120">
<span style="font-family: "arial" , "helvetica" , sans-serif;">Well,
obviously, if something goes wrong with your installation of apiman,
you can start over with a clean installation, and instead of manually
recreating your data, you can import the data. (Personal note from the
author: I work in software test/QE. Part of our testing is always
destructive in nature. As a result, we are always "messing up" test
data. The export/import feature enables us to quickly reinstall apiman
and recover a clean test environment.) To perform the import after a new
installation of apiman, you simply select and upload the exported data
file:</span></div>
<div pid="169">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div pid="169">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><img alt="Image title" class="fr-fin fr-dib" src="https://dzone.com/storage/temp/1071514-export-import-3.png" width="300" /></span></div>
<div pid="124">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div pid="124">
<span style="font-family: "arial" , "helvetica" , sans-serif;">The Management UI displays the status of the import as the data is processed:</span></div>
<div pid="170">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div pid="170">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><img alt="Image title" class="fr-fin fr-dib" src="https://dzone.com/storage/temp/1071515-export-import-4.png" width="300" /></span></div>
<div pid="128">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div pid="128">
<span style="font-family: "arial" , "helvetica" , sans-serif;">How else can we use the exported data file?</span></div>
<div pid="130">
<strong><span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></strong></div>
<div pid="130">
<strong><span style="font-family: "arial" , "helvetica" , sans-serif;">Upgrading to a Newer Version of apiman</span></strong></div>
<div pid="132">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div pid="132">
<span style="font-family: "arial" , "helvetica" , sans-serif;">One
of the best aspects of open source projects is the rapid rate at which
new features are implemented and new versions are released. It's
exciting to watch projects quickly mature as features are added and bugs
are fixed, and since the projects are open source, you can even make
your own contributions. This has been the case with apiman over the past
several months. New features have been added such as metrics and
support for creating custom policies.</span></div>
<div pid="134">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div pid="134">
<span style="font-family: "arial" , "helvetica" , sans-serif;">One downside to
all the rapid change is that as new versions of apiman have been
released, we've had to recreate all our apiman data as there was no way
to migrate apiman data from one release to the next. The export/import
feature now gives us a way to export apiman data from one apiman release
and import it into a new apiman release.</span></div>
<div pid="136">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div pid="136">
<span style="font-family: "arial" , "helvetica" , sans-serif;">NOTE: In cases
where the apiman data model changes between versions, apiman will
introduce tools to transform the JSON export file from an older format
to the latest. It has not yet been decided whether those tools will be
built into the Import process, or released as a standalone utility.</span></div>
<div pid="138">
<strong><span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></strong></div>
<div pid="138">
<strong><span style="font-family: "arial" , "helvetica" , sans-serif;">Migrating apiman Data from a <em>Test</em> Environment to a <em>Production</em> Environment</span></strong></div>
<div pid="140">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div pid="140">
<span style="font-family: "arial" , "helvetica" , sans-serif;">It's a common practice for organizations to maintain two separate installations of software releases:</span></div>
<ul>
<li><div pid="142">
<span style="font-family: "arial" , "helvetica" , sans-serif;">A
test environment, where the goal is to experiment with new features.
This is typically an internal environment that gives up some measure of
stability in exchange for the ability to "try out" new features as they
become available. The rate of change for this environment is high as any
disruption in service in this environment do not affect customers.</span></div>
</li>
<li><div pid="143">
<span style="font-family: "arial" , "helvetica" , sans-serif;">A
production environment, where the goal is stability. This is the
environment that supports your customers. Changes happen slowly in this
environment and new features are only installed after they are carefully
tested as disruptions in service in this environment do affect
customers.</span></div>
</li>
</ul>
<div pid="145">
<span style="font-family: "arial" , "helvetica" , sans-serif;">The new export/import feature in
apiman 1.2 makes it possible for you to experiment with changes in your
test environment, and, after the changes have been found to be stable,
to easily migrate your test data from the test environment into your
production environment. (You will, of course, create a backup of your
production environment data before making any changes. ;-)</span></div>
<div pid="147">
<strong><span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></strong></div>
<div pid="147">
<strong><span style="font-family: "arial" , "helvetica" , sans-serif;">Migrating apiman from one storage solution to another</span></strong></div>
<div pid="149">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div pid="149">
<span style="font-family: "arial" , "helvetica" , sans-serif;">Finally,
when apiman is first installed, you must make various decisions about
its configuration. One of these decisions is where to store
configuration and data. When you first install apiman, you might decide
that MySQL is the right choice. However, somewhere along the line you
might change your mind - perhaps you want to switch to postgresql, or
even more drastically you might switch to Elasticsearch! The
Export/Import process described here solves the problem of how to
migrate all your data from one storage location to another.</span></div>
<div pid="151">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div pid="151">
<span style="font-family: "arial" , "helvetica" , sans-serif;">The
process is basically the same as upgrading to a newer version of
apiman. But instead you will be upgrading to the same version of
apiman, but with a different configuration. Because the exported data
is in a neutral (JSON) format, we can easily import into the new
configuration. This will result in all your data being migrated from
MySQL to Elasticsearch (for example).</span></div>
<div pid="153">
<strong><span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></strong></div>
<div pid="153">
<strong><span style="font-family: "arial" , "helvetica" , sans-serif;">In Conclusion</span></strong></div>
<div pid="155">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div pid="155">
<span style="font-family: "arial" , "helvetica" , sans-serif;">The
new export/import feature in apiman 1.2 provides an easy way to
safeguard your apiman data and to make it possible to migrate your data
between apiman releases and installations. In addition, since the
exported data is human readable, it is a great resource for better
understanding apiman data structures. And, it's easy to use too!</span></div>
<div pid="155">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div pid="155">
<span style="font-family: "arial" , "helvetica" , sans-serif;">Cross-posted to:</span></div>
<div pid="155">
<a href="http://www.apiman.io/blog/apiman/introduction/overview/backup/export/import/2016/01/27/export-import.html">http://www.apiman.io/blog/apiman/introduction/overview/backup/export/import/2016/01/27/export-import.html</a></div>
<div pid="155">
<span style="font-family: "arial" , "helvetica" , sans-serif;"><br /></span></div>
Len DiMaggiohttp://www.blogger.com/profile/07124585546929851174noreply@blogger.com0tag:blogger.com,1999:blog-7133180390032268932.post-23268668180892791292015-08-20T05:59:00.000-07:002015-08-20T05:59:11.191-07:00Reposted! Again!That last post was just reposted!<br />
<br />
In the apiman blog: <a href="http://www.apiman.io/blog/policies/2015/08/17/limiting-policies.html">http://www.apiman.io/blog/policies/2015/08/17/limiting-policies.html</a><br />
<br />
And, in Dzone: <a href="https://dzone.com/articles/rate-based-policies-and-quotas-in-jboss-apiman-1">https://dzone.com/articles/rate-based-policies-and-quotas-in-jboss-apiman-1</a><br />
<br />
<br />Len DiMaggiohttp://www.blogger.com/profile/07124585546929851174noreply@blogger.com0tag:blogger.com,1999:blog-7133180390032268932.post-53641860517326378202015-08-17T06:27:00.000-07:002015-08-17T07:20:58.289-07:00Rate Based Policies and Quotas in JBoss apiman<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7NXo2m9Yqx9BI7Ib1tQCHJNsEX82jXaG1hPypb1AIM3kUnsfOFLCnle6L123LvxsL6-5BsJUizvaHf5WCZfi1jOvptKSMdu7Bipbh7grcGSkxIV9ribG4YoI2JEsmBQg5zloL_nxREZc/s1600/apiman.png" imageanchor="1" style="clear: left; display: inline !important; float: left; line-height: 1.2; margin-bottom: 1em; margin-right: 1em; text-align: center;"><img border="0" height="200" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7NXo2m9Yqx9BI7Ib1tQCHJNsEX82jXaG1hPypb1AIM3kUnsfOFLCnle6L123LvxsL6-5BsJUizvaHf5WCZfi1jOvptKSMdu7Bipbh7grcGSkxIV9ribG4YoI2JEsmBQg5zloL_nxREZc/s200/apiman.png" width="193" /></a><b id="docs-internal-guid-af422316-3bca-4f20-aed4-cbf8624c2f65" style="font-weight: normal;"><br /></b><br />
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"><br /></span></div>
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"><br /></span></div>
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"><br /></span></div>
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">In this, the sixth article in the series on apiman, JBoss’ new API Management framework, we’ll examine how apiman enables you to govern access to managed services through the use of rate limiting policies.</span></div>
<b style="font-weight: normal;"><br /></b><br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"><br /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">The runtime core of apiman is the API Gateway and the policies that it applies to incoming requests to services. apiman is configured out of the box with a variety of policies that can be used to govern access to services managed by the API Gateway based on IP address, user authentication, and usage levels. From its first release, apiman has supported rate limiting policies, where the upper limit for use of a service could be governed by a policy. In its new 1.1.6 release, apiman has expanded this support to include quota based limiting policies. </span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Types of Limiting Policies</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">As of release 1.1.6, apiman supports these types of limiting policies:</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<ul style="margin-bottom: 0pt; margin-top: 0pt;">
<li dir="ltr" style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; list-style-type: disc; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Rate Limiting</span><span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> - This policy type governs the number of times requests are made to a service within a specified time period. The requests can be filtered by user, application, or service and can set the level of granularity for the time period to second, minute, hour, day, month, or year. The intended use of this policy type is for fine grained processing (e.g., 10 requests per second).</span></div>
</li>
<li dir="ltr" style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; list-style-type: disc; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Quota</span><span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> - This policy type performs the same basic functionality as the Rate Limiting policy type., however, the intended use of this policy type is for less fine grained processing (e.g., 10,000 requests per month).</span></div>
</li>
<li dir="ltr" style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; list-style-type: disc; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Transfer Quota</span><span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> - In contrast to the other policy types, Transfer Quota tracks the number of bytes transferred (either uploaded or downloaded) rather than the total number of requests made. </span></div>
</li>
</ul>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Each of these policies, if used singly, can be effective in throttling requests. apiman, however, adds an additional layer of flexibility to your use of these policy types by enabling you to use them in combinations. Let's look at a few examples.</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Combinations of Limiting Policies = Flexibility</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Limiting the total number of service requests within a period of time, is a straightforward task as this can be configured in a quota policy. This policy, however, may not have the desired effect as the quota may be reached early in the defined time period. If this happens, the requests made to the service during the remainder of the time period will be blocked by the policy. A better way to deal with a situation like this is to implement a more flexible approach where the monthly quota policy is combined with a fine grained rate limiting policy that will act as a throttle on the traffic. </span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">To illustrate, there are about 2.5 million seconds in a month. If we want to set the service request quota for a month to .5 million, then we can also set a rate limit policy to a limit of 5 requests per second to ensure that service requests are throttled and the service can be accessed throughout the entire month.</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Here’s a visual view of a rate limiting policy based on a time period of one week. If we define a weekly quota, there is no guarantee that users will not consume that quota before the week is over. This will result in a service requests being denied at the end of the week:</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEizdWCkldR27z5yNtVJNjd7RAMjQlQy1b3vBHS67abky6FpHEiOwMHJjn8OsZkBjz3Xa_Th-z0nKd7mMQg92d_H5VPMMORG3XKOye40iIGobXYy3Ru5iHYVVyuLaXlXJ3Rp7LuteSidhHM/s1600/rate_limit1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="325" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEizdWCkldR27z5yNtVJNjd7RAMjQlQy1b3vBHS67abky6FpHEiOwMHJjn8OsZkBjz3Xa_Th-z0nKd7mMQg92d_H5VPMMORG3XKOye40iIGobXYy3Ru5iHYVVyuLaXlXJ3Rp7LuteSidhHM/s400/rate_limit1.png" width="400" /></a></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<br /></div>
<span style="font-family: Arial; font-size: 14.666666666666666px; line-height: 1.38; white-space: pre-wrap;">In contrast, if we augment the weekly quota with a more fine grained policy, we can maintain the service’s ability to respond to requests throughout the week:</span><br />
<span style="font-family: Arial; font-size: 14.666666666666666px; line-height: 1.38; white-space: pre-wrap;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg8DxO5JBHY6G6rQlRCSLPOoTKP1M6hp2tQMFVNS562PQ3MS2HdLnDh4zJ4RHGgI4kdEXytkG9uL1j8QREky3QMD2PBYBmSn4xpETxsewpzi5g1kAPLqPzCJLDv0rGJz5ICoxbwzBO8fJg/s1600/rate_limit2.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="276" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg8DxO5JBHY6G6rQlRCSLPOoTKP1M6hp2tQMFVNS562PQ3MS2HdLnDh4zJ4RHGgI4kdEXytkG9uL1j8QREky3QMD2PBYBmSn4xpETxsewpzi5g1kAPLqPzCJLDv0rGJz5ICoxbwzBO8fJg/s400/rate_limit2.png" width="400" /></a></div>
<b style="font-weight: normal;"><br /></b><span style="font-family: Arial; font-size: 14.666666666666666px; line-height: 1.38; white-space: pre-wrap;">The ability to throttle service requests based on service request counts and bytes transferred provides even greater flexibility in implementing policies. Services that transfer larger amounts of data, but rely on fewer service requests can have that data transfer throttled on a per byte basis. For example, a service that is data intensive, will return a large amount of data in response to each service request. The service may only receive a request a few hundreds of times a day, but each request may result in several megabytes of data being transferred. Let's say that we want to limit the amount of data transferred to 6GB per hour. For this type of service, we could set a rate limiting policy to allow for one request per minute, and then augment that policy with a transfer quota policy of 100Mb per hour.</span><br />
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Summary</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">When you configure limiting policies with apiman, it's important to remember that the limits you set can not only function as hard limits for service requests, they can also be used to throttle service request. This throttling gives you the flexibility to control the level of incoming service requests over a period of time that you designate in the policies without blocking all incoming service requests. The flexibility that apiman provides you in configuring limiting policies is further enhanced by its support for you to create combinations of limiting policies. These combined policies work together to give you both coarse grained and fine grained control over incoming service requests. </span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: white; color: #333333; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Author Acknowledgements</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: white; color: #262626; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">As always, the author would like to acknowledge Eric Wittmann and the apiman team for their review comments and suggestions on writing this article!</span></div>
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: white; color: #262626; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"><br /></span></div>
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: white; color: #262626; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"><br /></span></div>
<br />Len DiMaggiohttp://www.blogger.com/profile/07124585546929851174noreply@blogger.com0tag:blogger.com,1999:blog-7133180390032268932.post-86881984175662801922015-08-01T12:50:00.002-07:002015-08-03T05:58:35.951-07:00apiman Policy and Endpoint Security<b id="docs-internal-guid-54c4cf4e-eace-af50-2aa7-7ed058b293a0" style="clear: left; float: left; font-weight: normal; margin-bottom: 1em; margin-right: 1em;"><br /><img alt="Screenshot-6.png" height="135px;" src="https://lh6.googleusercontent.com/0h27mT2hH0z9-esyOmQRWWPsKiNlHPhuDZO5ZNe17c88CxDmFPttvVdw0vEoT0wd33KWkEWqOUTcTAbxrG6mQIzjSVbzxsMovSTdT_QjaVCieIZ_0DVADqEkvp2arH5ix40nQLM" style="-webkit-transform: rotate(0rad); border: none;" width="131px;" /></b><br />
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: italic; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"><br /></span></div>
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: italic; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"><br /></span></div>
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: italic; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"><br /></span></div>
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: italic; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">In this, the fifth article in the series on apiman, JBoss’ new API Management framework, we’ll examine how apiman enables you to provide security for your managed services at the policy level, and and at the endpoint level for its managed and unmanaged endpoints. </span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<br /></div>
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: bold; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"><br /></span></div>
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: bold; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Unintentionally Insecure?</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">If you read the first article in this series closely (</span><a href="https://dzone.com/articles/impatient-new-users" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">https://dzone.com/articles/impatient-new-users</span></a><span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">) you might have noticed that in the course of creating a service whose endpoint was managed by the apiman API Gateway, we also inadvertently left that service in a very insecure state as unauthorized client applications could bypass the gateway and access the service directly. We discussed how to configure authentication in a policy for the managed service endpoint in the most recent post in this series (</span><a href="https://dzone.com/articles/adding-basic-authentication" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">https://dzone.com/articles/adding-basic-authentication</span></a><span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">). This authentication policy provides username/password security for clients as they access the managed service through the API Gateway, but it does not protect the service from unauthorized access attempts that bypass the Gateway completely. To make the service secure from unauthorized client applications, endpoint level security should also be configured.</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">In this article, we’ll examine both apiman policy level and endpoint level security, how they compare, and how they differ. </span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: bold; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Complementary Types of Security Provided by apiman</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">The best way to start our discussion of the different, but complementary types of security that we’ll examine in this article is with a diagram. The nodes involved are the client applications that will access our services, the apiman API Gateway, and the servers that host our services:</span><br />
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"><br /></span>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg4fwip4PhB5i7h_1TUuFpULI4cyyr3XGnCRj_A9K2MV7yR8IfB7YFYZMpJXA-2JQgFYvi54d-JQMawka9TQl1LAjnB8p16qjwhJ2lRA-d-b4wc-wzFEusmJH-mgPMZnmguhz1w6K0xmVk/s1600/apiman_security.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="640" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg4fwip4PhB5i7h_1TUuFpULI4cyyr3XGnCRj_A9K2MV7yR8IfB7YFYZMpJXA-2JQgFYvi54d-JQMawka9TQl1LAjnB8p16qjwhJ2lRA-d-b4wc-wzFEusmJH-mgPMZnmguhz1w6K0xmVk/s640/apiman_security.png" width="608" /></a></div>
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"><br /></span></div>
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> </span></div>
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"></span></div>
<span style="font-family: Arial; font-size: 14.666666666666666px; line-height: 1.2; white-space: pre-wrap;">Let’s work our way through the diagram from left to right and start by taking a look at Policy Level Security.</span><br />
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: bold; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Policy Level Security</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">apiman includes several pre-defined policies OOTB. The policies provide support for controlling access to services based on the rate at which the services are invoked, the IP address of the client applications that access the services, authorization, and authentication. In the most recent article in this series, we showed how to configure an authentication policy. To keep things simple, we chose BASIC authentication. This BASIC Authentication policy provides security for the communication channel between the client applications and the apiman API Gateway. An incoming request to the API Gateway from a client initiates the policy chain, the policy is applied and the client is requested to supply a username and password. The level of security provided by this policy can be enhanced if the policy is configured with SSL encryption.</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">But, this policy level security only secures the left side of the diagram, that is the communication channel between the applications and the API Gateway. In this communication channel, the applications play the role of the client, and the API Gateway plays the role of the server.</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">We also want to secure the right side of the diagram, where the API Gateway plays the role of a client, and the services play the role of the servers. </span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: white; color: #333333; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">(It’s also worth noting that while policy security protects the managed service, it does nothing to protect the unmanaged service as this service can be reached directly, without going through the API Gateway. This is illustrated by the red line in the diagram. So, while access to the managed service through the apiman API Gateway is secure, policy security does not secure the unmanaged service endpoint.)</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: white; color: #333333; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: bold; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Endpoint Level Security</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: white; color: #333333; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">In contrast to policy level security, with endpoint security we are securing the right side of the diagram. </span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: white; color: #333333; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">A recent post by Marc Savy to the apiman blog (</span><a href="http://www.apiman.io/blog/gateway/security/mutual-auth/ssl/mtls/2015/06/16/mtls-mutual-auth.html" style="text-decoration: none;"><span style="background-color: white; color: #1155cc; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">http://www.apiman.io/blog/gateway/security/mutual-auth/ssl/mtls/2015/06/16/mtls-mutual-auth.html</span></a><span style="background-color: white; color: #333333; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">) described how to configure Mutually Authenticated TLS (Transport Layer Security) between the API Gateway and the managed services. With Mutual TLS, bi-direction authentication is configured so that the identities of both the client and server are verified before a connection can be made.</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: white; color: #333333; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">In setting up Mutual TLS, keystores, containing a node’s private key, and truststores, containing public certificates to govern the other nodes that the node should trust, were created. The API Gateway was configured in its apiman.properties file to reference the keystores and truststores. The service was configured with mutual authentication by setting the API Security dropdown in the Implementation tab to MTLS/Two-Way-SSL. Finally, the service was programmed with mutual authentication enabled. With Mutual TLS configured, the communication channel on the right side of the diagram, from the API Gateway to the services, was made secure. </span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: white; color: #333333; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">We should also note that, unlike policy security, endpoint security also secures the services from attempts to bypass the API Gateway. With Mutual TLS, a two-way trust pattern is created. The API Gateway trusts the services and the services trust the API Gateway. The services, however, do not trust the client applications. As is shown by the large “X” character that indicates that an application cannot bypass the API Gateway and access the services directly.</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: white; color: #333333; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">One last point that is important to remember is that the endpoint level of security applies to all requests made to the services, regardless of whatever policies are configured. </span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: white; color: #333333; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: bold; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Compare and Contrast</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: white; color: #333333; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">To summarize, the differences between policy level security and endpoint level security are:</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="margin-left: 0pt;">
<table style="border-collapse: collapse; border: none; width: 624px;"><colgroup><col width="*"></col><col width="*"></col></colgroup><tbody>
<tr style="height: 0px;"><td style="border-bottom: solid #000000 1px; border-left: solid #000000 1px; border-right: solid #000000 1px; border-top: solid #000000 1px; padding: 7px 7px 7px 7px; vertical-align: top;"><div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: white; color: #333333; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: bold; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">Policy Level Security</span></div>
</td><td style="border-bottom: solid #000000 1px; border-left: solid #000000 1px; border-right: solid #000000 1px; border-top: solid #000000 1px; padding: 7px 7px 7px 7px; vertical-align: top;"><div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: white; color: #333333; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: bold; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">End Point Level Security</span></div>
</td></tr>
<tr style="height: 0px;"><td style="border-bottom: solid #000000 1px; border-left: solid #000000 1px; border-right: solid #000000 1px; border-top: solid #000000 1px; padding: 7px 7px 7px 7px; vertical-align: top;"><div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: white; color: #333333; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Secures communications between the applications (clients) and API Gateway (server)</span></div>
</td><td style="border-bottom: solid #000000 1px; border-left: solid #000000 1px; border-right: solid #000000 1px; border-top: solid #000000 1px; padding: 7px 7px 7px 7px; vertical-align: top;"><div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: white; color: #333333; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Secures communications between the API Gateway (client) and services (servers)</span></div>
</td></tr>
<tr style="height: 0px;"><td style="border-bottom: solid #000000 1px; border-left: solid #000000 1px; border-right: solid #000000 1px; border-top: solid #000000 1px; padding: 7px 7px 7px 7px; vertical-align: top;"><div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: white; color: #333333; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Configured in an API Gateway policy</span></div>
</td><td style="border-bottom: solid #000000 1px; border-left: solid #000000 1px; border-right: solid #000000 1px; border-top: solid #000000 1px; padding: 7px 7px 7px 7px; vertical-align: top;"><div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: white; color: #333333; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Configured for the API Gateway as a whole in apiman.properties and with key/certificates infrastructure</span></div>
</td></tr>
<tr style="height: 0px;"><td style="border-bottom: solid #000000 1px; border-left: solid #000000 1px; border-right: solid #000000 1px; border-top: solid #000000 1px; padding: 7px 7px 7px 7px; vertical-align: top;"><div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: white; color: #333333; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Applied by the policy at runtime</span></div>
</td><td style="border-bottom: solid #000000 1px; border-left: solid #000000 1px; border-right: solid #000000 1px; border-top: solid #000000 1px; padding: 7px 7px 7px 7px; vertical-align: top;"><div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: white; color: #333333; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Applied for all service requests, regardless of the policies configured for a service</span></div>
</td></tr>
<tr style="height: 0px;"><td style="border-bottom: solid #000000 1px; border-left: solid #000000 1px; border-right: solid #000000 1px; border-top: solid #000000 1px; padding: 7px 7px 7px 7px; vertical-align: top;"><div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: white; color: #333333; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Does not secure the unmanaged service from access by unauthorized clients</span></div>
</td><td style="border-bottom: solid #000000 1px; border-left: solid #000000 1px; border-right: solid #000000 1px; border-top: solid #000000 1px; padding: 7px 7px 7px 7px; vertical-align: top;"><div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: white; color: #333333; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Secures the unmanaged service endpoints from access by unauthorized clients</span></div>
</td></tr>
</tbody></table>
</div>
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: white; color: #333333; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: bold; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Author Acknowledgements</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: white; color: #262626; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">As always, the author would like to acknowledge Marc Savy, Eric Wittmann, and the apiman team for their review comments and suggestions on writing this article!</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: white; color: #333333; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: bold; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">References</span></div>
<ul style="margin-bottom: 0pt; margin-top: 0pt;">
<li dir="ltr" style="background-color: white; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; list-style-type: disc; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<a href="http://www.apiman.io/blog/gateway/security/mutual-auth/ssl/mtls/2015/06/16/mtls-mutual-auth.html" style="text-decoration: none;"><span style="background-color: white; color: #1155cc; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">http://www.apiman.io/blog/gateway/security/mutual-auth/ssl/mtls/2015/06/16/mtls-mutual-auth.html</span></a><span style="background-color: white; color: #333333; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> (written by Marc Savy)</span></div>
</li>
<li dir="ltr" style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; list-style-type: disc; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.2; margin-bottom: 0pt; margin-top: 0pt;">
<a href="https://dzone.com/articles/adding-basic-authentication" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">https://dzone.com/articles/adding-basic-authentication</span></a></div>
</li>
</ul>
<br />Len DiMaggiohttp://www.blogger.com/profile/07124585546929851174noreply@blogger.com0tag:blogger.com,1999:blog-7133180390032268932.post-33800588444837060362015-06-15T10:55:00.002-07:002015-06-15T10:55:05.366-07:00And...reported to DZone too!<a href="http://dzone.com/articles/adding-basic-authentication">http://dzone.com/articles/adding-basic-authentication</a>Len DiMaggiohttp://www.blogger.com/profile/07124585546929851174noreply@blogger.com0tag:blogger.com,1999:blog-7133180390032268932.post-69739952296154026612015-06-11T15:48:00.001-07:002015-06-11T15:48:14.440-07:00Reposted to the apiman blog!And that was fast - the latest post is up on the apiman blog:<br />
<br />
<a href="http://www.apiman.io/blog/authentication/policy/2015/06/11/basic-auth.html">http://www.apiman.io/blog/authentication/policy/2015/06/11/basic-auth.html</a>Len DiMaggiohttp://www.blogger.com/profile/07124585546929851174noreply@blogger.com0tag:blogger.com,1999:blog-7133180390032268932.post-31113932578249675712015-06-10T13:16:00.004-07:002015-06-11T12:58:16.124-07:00Adding a BASIC Authentication Policy to a Managed Service in JBoss apiman<b id="docs-internal-guid-1dd1edd4-df0c-f234-587f-3744cc44d727" style="clear: left; float: left; font-weight: normal; margin-bottom: 1em; margin-right: 1em;"><br /><img alt="Screenshot-6.png" height="135px;" src="https://lh5.googleusercontent.com/7FMGgbonDDft6ThC0oXYC-3_yNRuFspIRgrLe7jrPQtKYv4HzUQ5OD4o_0XeVI0Sn1m05YBSIvFAu1H3KukLS03djHoVKe-d3xuF-aQlUs_WhqYi14wfhiKMNsJT6ALeos0BiJ8" style="-webkit-transform: rotate(0rad); border: none;" width="131px;" /></b><br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: italic; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"><br /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: italic; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"><br /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: italic; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">In this, the fourth article in the series on apiman, JBoss’ new API Management framework, we’ll examine how apiman enables you to not just manage services, but implement a layer of security to the services by adding an authentication requirement when clients access a managed service.</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: bold; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"><br /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: Arial; font-size: 14.666666666666666px; font-weight: bold; line-height: 1.38; white-space: pre-wrap;">Securing Client Access to your Managed Services</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">As we’ve seen in the previous articles in this series, apiman enables you to govern the usage of the services that it manages by defining policies in the Managament UI that are then applied at runtime by the API Gateway. The apiman API Gateway applies the policy rules that you define to requests that it proxies to the managed service:</span><span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"><img alt="apiman_2.jpg" height="275px;" src="https://lh5.googleusercontent.com/ER_AzzcG7JGmxonM6iO-KImPhEdY6pPeCU6SCyBWUdyE_7xxnv3Csxj3l8syt5w9Fp_epqxzI4JGAWk7oxnGfPci9eE1rg7vENi9bnpAVRKvBFbFuRaUq_ocZ0ZrphXmErZqRC0" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="624px;" /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">The OOTB policies that are packaged with apiman enable you to apply a variety of types of controls, including rate limiting (where access to a service is assigned a usage threshold) and black/whitelisting by IP address (where the client’s IP address governs their access to the service). </span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">However, managing a service with apiman does not automatically make that service secure. Happily, however, apiman provides a policy that enables you to easily set up authentication to control access to your managed service. (Note that this policy governs the clients’ authenticated access to the managed service, and not establishing a secure connection where apiman authenticates the back-end services. In other words, in this article, we’re interested in adding authentication between the blue and pink boxes in the above diagram.)</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: bold; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Adding a BASIC Authentication Policy to a Managed Service</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">apiman is packaged with multiple pre-configured policies:</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<ul style="margin-bottom: 0pt; margin-top: 0pt;">
<li dir="ltr" style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; list-style-type: disc; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Authorization - Access to services’ resources is controlled by user roles.</span></div>
</li>
<li dir="ltr" style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; list-style-type: disc; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">BASIC Authentication - A username/password is required to access a service.</span></div>
</li>
<li dir="ltr" style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; list-style-type: disc; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Ignored Resources - Paths to services’ resources that will not be accessible. Requests to these service resource paths return a 404 (not found) error.</span></div>
</li>
<li dir="ltr" style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; list-style-type: disc; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">IP Blacklist - Clients with specific IP address will be blocked from accessing a service.</span></div>
</li>
<li dir="ltr" style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; list-style-type: disc; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">IP Whitelist - And, clients with specific IP address will not be blocked from accessing a service.</span></div>
</li>
<li dir="ltr" style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; list-style-type: disc; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Rate Limiting - Access to a service is limited by the number of requests in a defined time period. We demonstrated an example of a rate limiting policy in the first article in this series. </span></div>
</li>
</ul>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">We’re interested in the BASIC Authentication Policy. Let’s take a closer look. The dialog to add a BASIC authentication policy to a service looks like this:</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"><img alt="Screenshot-5.png" height="476px;" src="https://lh5.googleusercontent.com/uNY4GE5lhJGO7xipmc2Jz8NSxM0fLow82Udb5sZWD8MQ38PF5FADFUOhR70tpTHwYDcGSMMtzUyei4epnXzdReJcThgOi4IvMQJFnxM8tHW2DBJ3LJivmWC_0fGP9z3M6zFiZuo" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="480px;" /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">In creating the BASIC policy, we define an Authentication Realm (think of this as an area to be protected, within which usernames and passwords exist) and an optional HTTP header. The o</span><span style="line-height: 1.38;">ptional HTTP header </span><span style="line-height: 1.38;">is used to optionally pass the user's principal to the </span><span style="line-height: 1.38;">back-end service through an HTTP header. This is useful if the back-end system </span><span style="line-height: 1.38;">needs to know the username of the user calling it (e.g. to do </span><span style="font-family: Arial; font-size: 14.666666666666666px; line-height: 1.38; white-space: pre-wrap;">user-specific operation). </span><span style="font-family: Arial; font-size: 14.666666666666666px; line-height: 1.38; white-space: pre-wrap;">The “Transport security required” checkbox, if enabled, will cause the policy to fail if a client tries to connect to the service over http. The Policy will only accept credentials over https. </span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">We’ll keep the Identity Source simple and select “Static Identities” and then define a user. Note that while this static approach is fine for testing purposes, you will want use one of the other Identity Source options (JBDS or LDAP) for a production environment as they can better handle a large number of users.</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg-UCDAD_gZx-0ZvOpRxS2ut9aX98c-bA-7Agdo_e-OtdB0tSl20_u1LbKrUxv4jczvLCN_i-ghxhYBWBegAQ-rK11I4mXM5GgqigzLhwEc5_biGHzCeH_sjuI7xuQJkWhgV3_yJJ-qRw0/s1600/Screenshot-8.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="616" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg-UCDAD_gZx-0ZvOpRxS2ut9aX98c-bA-7Agdo_e-OtdB0tSl20_u1LbKrUxv4jczvLCN_i-ghxhYBWBegAQ-rK11I4mXM5GgqigzLhwEc5_biGHzCeH_sjuI7xuQJkWhgV3_yJJ-qRw0/s640/Screenshot-8.png" width="640" /></a></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">It’s important to remember that, in BASIC authentication, one of the factors that makes this, well, basic in nature, is that the username/password that you define are encoded (this is unencrypted base64 encoded text) when they are sent to the server. Since the text is not encrypted, it’s at risk of being copied and then used in an attack. For this reason, it’s safer to select the transport security option to configure SSL encryption.</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">To illustrate, here’s Java code that can encode and then decode the username:password string:</span></div>
<br />
<pre style="background-image: URL(https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg9hx6a_6-cCrOg4GQVLUU4KhYa5rF3zSKIVQptpK9XN-vKg32Mo0iR7T1obBQ4YIdOnTF5lKYuc5Zjo2-Zdp-_Jl2EtlFomeutWNfnLW2ohqfYN2oCmICEZSTMypESzMnwuwcYx7k_TPlb/s320/codebg.gif); background: #f0f0f0; border: 1px dashed #CCCCCC; color: black; font-family: arial; font-size: 12px; height: auto; line-height: 20px; overflow: auto; padding: 0px; text-align: left; width: 99%;"><code style="color: black; word-wrap: normal;"> Base64.Encoder encoder = Base64.getEncoder();
String normalString = "user1" + ":" + "password1";
String encodedString = encoder.encodeToString(normalString.getBytes(StandardCharsets.UTF_8));
System.out.println ("The encoded string is: " + encodedString);
Decoder decoder = Base64.getDecoder();
byte[] unencodedStringArray = decoder.decode(encodedString);
String unencodedString = new String (unencodedStringArray);
System.out.println ("The unencoded string is: " + unencodedString);
The encoded string is: dXNlcjE6cGFzc3dvcmQx
The unencoded string is: user1:password1
</code></pre>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">So - unlike encrypted strings, your encoded username and password strings are not secure!</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: bold; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">When a Request is made to the Service</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">It’s interesting to see step-by-step what happens when a request is made to the service and the BASIC authentication policy is applied. Let’s take a look at the request and the responses. I used the “HttpFox” http analyzer (</span><a href="https://addons.mozilla.org/en-us/firefox/addon/httpfox/" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">https://addons.mozilla.org/en-us/firefox/addon/httpfox/</span></a><span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">) to “listen in” on the requests sent to the server and the responses sent back.</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Here’s the first request made to the service, notice that a username/password is not included. </span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<br />
<pre style="background-image: URL(https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg9hx6a_6-cCrOg4GQVLUU4KhYa5rF3zSKIVQptpK9XN-vKg32Mo0iR7T1obBQ4YIdOnTF5lKYuc5Zjo2-Zdp-_Jl2EtlFomeutWNfnLW2ohqfYN2oCmICEZSTMypESzMnwuwcYx7k_TPlb/s320/codebg.gif); background: #f0f0f0; border: 1px dashed #CCCCCC; color: black; font-family: arial; font-size: 12px; height: auto; line-height: 20px; overflow: auto; padding: 0px; text-align: left; width: 99%;"><code style="color: black; word-wrap: normal;"> (Request-Line) GET /apiman-gateway/serviceProducerOrg/echossl/1.0?apikey=6f8784cd-5754-47b0-9b8b-b2eb8c5b190f HTTP/1.1
Host localhost:8443
User-Agent Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Firefox/24.0
Accept text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language en-US,en;q=0.5
Accept-Encoding gzip, deflate
Cookie __utma=111872281.1348865079.1409020839.1411395889.1419258109.7; __utmz=111872281.1409020839.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_fid=72CCAD206D09146C-233B60F47DBEA290
Connection keep-alive
</code></pre>
<br /></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">The response, as we expected, shows that the request has triggered an authentication failure. This is due to the authentication requirement that we defined and is being applied by the API Gateway. Note the 401 error code and the reference to BASIC authentication:</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<br />
<pre style="background-image: URL(https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg9hx6a_6-cCrOg4GQVLUU4KhYa5rF3zSKIVQptpK9XN-vKg32Mo0iR7T1obBQ4YIdOnTF5lKYuc5Zjo2-Zdp-_Jl2EtlFomeutWNfnLW2ohqfYN2oCmICEZSTMypESzMnwuwcYx7k_TPlb/s320/codebg.gif); background: #f0f0f0; border: 1px dashed #CCCCCC; color: black; font-family: arial; font-size: 12px; height: auto; line-height: 20px; overflow: auto; padding: 0px; text-align: left; width: 99%;"><code style="color: black; word-wrap: normal;"> (Status-Line) HTTP/1.1 401 Unauthorized
X-Powered-By Undertow/1
Server WildFly/8
X-Policy-Failure-Type Authentication
Date Wed, 03 Jun 2015 13:43:26 GMT
Connection keep-alive
WWW-Authenticate BASIC realm="myRealm"
X-Policy-Failure-Code 10004
Content-Type application/json
Content-Length 165
X-Policy-Failure-Message BASIC authentication failed.
</code></pre>
<br /></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">The browser then automatically pops up a dialog for us to enter the username and password:</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"><img alt="Screenshot-7.png" height="175px;" src="https://lh5.googleusercontent.com/hOWBQ7qTi1sfqZxyj455FMyCij5b9_JrEGfJ_B_vGJq31y_Dgh38WtW7HSNcNjeqmPhgCC6oMrgUIhSlivRYaeXnObuzKinAeB9bl5QrUdoCZ0vXr6i73kMPaQB3LC9d73pigbA" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="370px;" /></span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">A request is then sent that includes the username and password encoded into a string. In this request, the encoded (but not encrypted) username and password are included:</span><br />
<br />
<pre style="background-image: URL(https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg9hx6a_6-cCrOg4GQVLUU4KhYa5rF3zSKIVQptpK9XN-vKg32Mo0iR7T1obBQ4YIdOnTF5lKYuc5Zjo2-Zdp-_Jl2EtlFomeutWNfnLW2ohqfYN2oCmICEZSTMypESzMnwuwcYx7k_TPlb/s320/codebg.gif); background: #f0f0f0; border: 1px dashed #CCCCCC; color: black; font-family: arial; font-size: 12px; height: auto; line-height: 20px; overflow: auto; padding: 0px; text-align: left; width: 99%;"><code style="color: black; word-wrap: normal;"> (Request-Line) GET /apiman-gateway/serviceProducerOrg/echossl/1.0?apikey=6f8784cd-5754-47b0-9b8b-b2eb8c5b190f HTTP/1.1
Host localhost:8443
User-Agent Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Firefox/24.0
Accept text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language en-US,en;q=0.5
Accept-Encoding gzip, deflate
Cookie __utma=111872281.1348865079.1409020839.1411395889.1419258109.7; __utmz=111872281.1409020839.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_fid=72CCAD206D09146C-233B60F47DBEA290
Connection keep-alive
Authorization Basic dXNlcjE6cGFzc3dvcmQx
</code></pre>
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"><br /></span></div>
<div dir="ltr" style="margin-bottom: 0pt; margin-top: 0pt;">
<div style="line-height: 1.38;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">And, then we get the successful return code of 200 in a response:</span></div>
<br />
<pre style="background-image: URL(https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg9hx6a_6-cCrOg4GQVLUU4KhYa5rF3zSKIVQptpK9XN-vKg32Mo0iR7T1obBQ4YIdOnTF5lKYuc5Zjo2-Zdp-_Jl2EtlFomeutWNfnLW2ohqfYN2oCmICEZSTMypESzMnwuwcYx7k_TPlb/s320/codebg.gif); background: #f0f0f0; border: 1px dashed #CCCCCC; color: black; font-family: arial; font-size: 12px; height: auto; line-height: 20px; overflow: auto; padding: 0px; text-align: left; width: 99%;"><code style="color: black; word-wrap: normal;"> (Status-Line) HTTP/1.1 200 OK
Connection keep-alive
X-Powered-By Undertow/1
Server WildFly/8
Content-Length 755
Content-Type application/json
Date Wed, 03 Jun 2015 13:43:34 GMT
</code></pre>
<br /></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: bold; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">In Conclusion</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Just because a service is managed doesn’t automatically make it secure. JBoss apiman provides you with multiple options to add an authentication requirement when clients access your managed service. </span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: bold; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Author’s Acknowledgements</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: white; color: #222222; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">As always, the author would like to acknowledge Eric Wittmann and the apiman team for their review comments and suggestions on writing this post, and for adding new features to apiman!</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: bold; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Links</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">apiman</span></div>
<ul style="margin-bottom: 0pt; margin-top: 0pt;">
<li dir="ltr" style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; list-style-type: disc; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<a href="http://www.apiman.io/latest/" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">http://www.apiman.io</span></a></div>
</li>
</ul>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Previous articles in this series:</span></div>
<ul style="margin-bottom: 0pt; margin-top: 0pt;">
<li dir="ltr" style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; list-style-type: disc; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<a href="http://java.dzone.com/articles/impatient-new-users" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">http://java.dzone.com/articles/impatient-new-users</span></a></div>
</li>
<li dir="ltr" style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; list-style-type: disc; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<a href="http://java.dzone.com/articles/customizing-jboss-apiman" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">http://java.dzone.com/articles/customizing-jboss-apiman</span></a></div>
</li>
<li dir="ltr" style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; list-style-type: disc; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<a href="http://java.dzone.com/articles/jboss-apiman-api-manager-rest" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">http://java.dzone.com/articles/jboss-apiman-api-manager-rest</span></a></div>
</li>
</ul>
<h1 dir="ltr" style="line-height: 0; margin-bottom: 6pt; margin-top: 24pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">HTTP Authentication: Basic and Digest Access Authentication</span></h1>
<ul style="margin-bottom: 0pt; margin-top: 0pt;">
<li dir="ltr" style="background-color: transparent; color: black; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; list-style-type: disc; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<a href="http://tools.ietf.org/html/rfc2617" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: Arial; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">http://tools.ietf.org/html/rfc2617</span></a></div>
</li>
</ul>
<br />Len DiMaggiohttp://www.blogger.com/profile/07124585546929851174noreply@blogger.com0tag:blogger.com,1999:blog-7133180390032268932.post-7822621472872946392015-05-25T19:07:00.004-07:002015-05-25T19:07:37.410-07:00Just reposted to DZone, too!<a href="http://java.dzone.com/articles/jboss-apiman-api-manager-rest">http://java.dzone.com/articles/jboss-apiman-api-manager-rest</a>Len DiMaggiohttp://www.blogger.com/profile/07124585546929851174noreply@blogger.com0tag:blogger.com,1999:blog-7133180390032268932.post-89569825965439912742015-05-19T11:16:00.001-07:002015-05-19T11:16:08.918-07:00Just reposted to the new apiman blog!That most recent post is now my first post to the apiman blog:<br />
<br />
<a href="http://www.apiman.io/blog/rest/api/automation/2015/05/19/rest-api.html">http://www.apiman.io/blog/rest/api/automation/2015/05/19/rest-api.html</a><br />
<br />
<br />Len DiMaggiohttp://www.blogger.com/profile/07124585546929851174noreply@blogger.com0tag:blogger.com,1999:blog-7133180390032268932.post-58010179421556502162015-05-18T18:44:00.000-07:002015-05-18T18:44:44.298-07:00JBoss' apiman's API Manager REST services API<div dir="ltr" id="docs-internal-guid-2320ed96-69ca-329d-8bb9-55c18cee3736" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: italic; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">In this, the third article in our series on apiman, JBoss' new open source API Management framework, we'll examine apiman’s </span><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"><i>API Manager REST services API</i>. </span><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: italic; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">apiman’s Management UI utilizes this API in the implementation for all of its user-visible features, and you can also use the same API to automate tasks with apiman. </span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: bold; text-decoration: none; vertical-align: baseline;">Introduction</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">It's inevitable that, after you work with a product's UI for a while that you encounter tasks that are better suited to a scripting or batch interface. For example, if you have to perform a similar task for a large of related data items, the time that it can require to perform these tasks through an interactive UI can be prohibitive. Also, it's easy for repetitive tasks to become error prone as you can lose focus, even if you are working in a well designed and easy to use interface such as apiman. </span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">One solution to this problem is to augment the UI with a command line or scripting interface. This can lead to a whole separate set of issues if the new interface is built on a different set of underlying routines than the UI. A better approach to allow access to the same routines in which the UI is constructed. This approach removes any duplication, and also enables you to replicate manual UI based tasks with automated or scripted tools. </span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">JBoss apiman follows this second approach with its REST interface. All the services provided by apiman in its Management UI are directly supported in the API Manager REST services API. You can also directly access these same services through the REST API. </span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: bold; text-decoration: none; vertical-align: baseline;">Prerequisites</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">Like a lot of things with JBoss open source software, installing the REST API is easy. In fact, if you have apiman installed, then you already have the REST API installed. (You can’t get much easier than that!)</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">We covered installing apiman in the first article in this series (see: </span><a href="http://java.dzone.com/articles/impatient-new-users" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: underline; vertical-align: baseline;">http://java.dzone.com/articles/impatient-new-users</span></a><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">), so we won't repeat that information here. A minimal set of install instructions are always available on the apiman site (</span><a href="http://www.apiman.io/latest/" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: underline; vertical-align: baseline;">http://www.apiman.io/latest/</span></a><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">). The current set of instructions as of this writing are:</span></div>
<br />
<pre style="background-image: URL(https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg9hx6a_6-cCrOg4GQVLUU4KhYa5rF3zSKIVQptpK9XN-vKg32Mo0iR7T1obBQ4YIdOnTF5lKYuc5Zjo2-Zdp-_Jl2EtlFomeutWNfnLW2ohqfYN2oCmICEZSTMypESzMnwuwcYx7k_TPlb/s320/codebg.gif); background: #f0f0f0; border: 1px dashed #CCCCCC; color: black; font-family: arial; font-size: 12px; height: auto; line-height: 20px; overflow: auto; padding: 0px; text-align: left; width: 99%;"><code style="color: black; word-wrap: normal;"> mkdir ~/apiman-1.1.2.Final
cd ~/apiman-1.1.2.Final
wget http://download.jboss.org/wildfly/8.2.0.Final/wildfly-8.2.0.Final.zip
wget http://downloads.jboss.org/overlord/apiman/1.1.2.Final/apiman-distro-wildfly8-1.1.2.Final-overlay.zip
unzip wildfly-8.2.0.Final.zip
unzip -o apiman-distro-wildfly8-1.1.2.Final-overlay.zip -d wildfly-8.2.0.Final
cd wildfly-8.2.0.Final
./bin/standalone.sh -c standalone-apiman.xml
</code></pre>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<br />
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">Now that our apiman server is up and running, we can start to access the API Manager REST services API. However, before we start placing calls to services through the REST API, let’s take a look at how the API is organized. </span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"> </span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<br />
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: bold; text-decoration: none; vertical-align: baseline;">The Organization of the API</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">The documentation for the apiman REST API is available (for free, of course), here: </span><a href="http://www.apiman.io/latest/api-manager-restdocs.html" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: underline; vertical-align: baseline;">http://www.apiman.io/latest/api-manager-restdocs.html</span></a></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">The services and their endpoints represented in the API are divided into these groups:</span></div>
<br />
<ul style="margin-bottom: 0pt; margin-top: 0pt;">
<li dir="ltr" style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; list-style-type: disc; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">actions - The actions endpoint (</span><a href="http://localhost:8080/apiman/actions/" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: underline; vertical-align: baseline;">http://localhost:8080/apiman/actions/</span></a><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">) enables you to execute actions for apiman entities (such as plans, services, applications, etc.)</span></div>
</li>
<li dir="ltr" style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; list-style-type: disc; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">system/status - The system/status endpoint (</span><a href="http://localhost:8080/apiman/system/status" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: underline; vertical-align: baseline;">http://localhost:8080/apiman/system/status</span></a><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">) enables you to query the current state of the apiman system.</span></div>
</li>
<li dir="ltr" style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; list-style-type: disc; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">currentuser - The currentuser endpoint (</span><a href="http://localhost:8080/apiman/currentuser/info" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: underline; vertical-align: baseline;">http://localhost:8080/apiman/currentuser/info</span></a><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">) enables you to obtain or update information about the current user. This information is related to the user’s applications, services, organizations, etc.</span></div>
</li>
<li dir="ltr" style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; list-style-type: disc; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">gateways - The gateways endpoint (</span><a href="http://localhost:8080/apiman/gateways/" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: underline; vertical-align: baseline;">http://localhost:8080/apiman/gateways/</span></a><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">) enables you to obtain information about an API Gateway, and to delete or create new gateways. </span></div>
</li>
<li dir="ltr" style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; list-style-type: disc; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">organizations - The organizations endpoint (</span><a href="http://localhost:8080/apiman/organizations/" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: underline; vertical-align: baseline;">http://localhost:8080/apiman/organizations/</span></a><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">) enables you to obtain information about existing organizations and to create new organizations.</span></div>
</li>
<li dir="ltr" style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; list-style-type: disc; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">permissions - The permissions endpoint (</span><a href="http://localhost:8080/apiman/permissions/" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: underline; vertical-align: baseline;">http://localhost:8080/apiman/permissions/</span></a><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">) enables you to obtain information about user’s permissions.</span></div>
</li>
<li dir="ltr" style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; list-style-type: disc; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">plugins - The plugins endpoint (</span><a href="http://localhost:8080/apiman/plugins/" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: underline; vertical-align: baseline;">http://localhost:8080/apiman/plugins/</span></a><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">) enables you to obtain information about installed plugins, and to install new plugins.</span></div>
</li>
<li dir="ltr" style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; list-style-type: disc; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">policyDefs - The policyDefs endpoint (</span><a href="http://localhost:8080/apiman/policyDefs/" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: underline; vertical-align: baseline;">http://localhost:8080/apiman/policyDefs/</span></a><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">) enables you to obtain information about existing policy definitions, and to define new policy definitions.</span></div>
</li>
<li dir="ltr" style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; list-style-type: disc; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">roles - The roles endpoint (</span><a href="http://localhost:8080/apiman/roles/" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: underline; vertical-align: baseline;">http://localhost:8080/apiman/roles/</span></a><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">) enables you to obtain information about existing roles, update roles, and delete roles. </span></div>
</li>
<li dir="ltr" style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; list-style-type: disc; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">search - The search endpoint (</span><a href="http://localhost:8080/apiman/search/" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: underline; vertical-align: baseline;">http://localhost:8080/apiman/search/</span></a><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">) enables you to search for applications, organizations, or services. </span></div>
</li>
<li dir="ltr" style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; list-style-type: disc; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">users - The users endpoint (</span><a href="http://localhost:8080/apiman/users/" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: underline; vertical-align: baseline;">http://localhost:8080/apiman/users/</span></a><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">) enables you to search for information about users, including their applications and services. </span></div>
</li>
</ul>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">Within each group, GET operations are defined to return information, and GET and POST operations are defined to make changes to apiman elements. Data passed to and returned from services through the API is in the form of JSON along with a return code.</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: bold; text-decoration: none; vertical-align: baseline;">Accessing Services in the API Manager REST services API</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">The best way to learn about the API Manager REST services API is to see it in action. Since these are REST services, it’s easy to access them. For example, we should be able to access the system status service with a simple GET operation at this endpoint:</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<a href="http://localhost:8080/apiman/system/status" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: underline; vertical-align: baseline;">http://localhost:8080/apiman/system/status</span></a></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">Let’s try this with curl. If we execute the following command, we should see the current system status:</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">curl -X GET</span><a href="http://localhost:8080/apiman/system/status" style="text-decoration: none;"><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"> </span><span style="background-color: transparent; color: #1155cc; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: underline; vertical-align: baseline;">http://localhost:8080/apiman/system/status</span></a></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">Well, that error is not exactly what we expected. There was no output. </span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">What went wrong? What’s missing? The answer is that our call to the service was missing authorization. In the same way that a user must login and be authorized to use the apiman Management UI, calls to the REST API must be authorized. </span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">For our example, we’ll keep things simple and stick to using basic authorization. (We’ll take a more extensive look at apiman and security in a later article in this series.)</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">In order to resolve this failure, we have to send a properly encoded basic authorization header with every request you make. In Java8, we can generate a key by base64 encoding this string for the OOTB admin username and password: admin:admin123! with this statememt:</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">base64encode(concat('admin', ':', 'admin123!'))</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">This yields a key with a value of: YWRtaW46YWRtaW4xMjMh</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">Now, let’s try that curl command again, but this time, we’ll include the key in the authorization header: </span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">$ curl -H "Authorization: Basic YWRtaW46YWRtaW4xMjMh"</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<a href="http://localhost:8080/apiman/system/status" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: underline; vertical-align: baseline;">http://localhost:8080/apiman/system/status</span></a></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">And the result is:</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">{"up":true,"version":"1.1.2-SNAPSHOT"}</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">As we mentioned earlier in this article, the responses returned by calls to the REST API are in in the form of JSON. In the case of our call to the </span><a href="http://localhost:8080/apiman/system/status" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: underline; vertical-align: baseline;">http://localhost:8080/apiman/system/status</span></a><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"> endpoint, the expected format of the response is:</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">{</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"> </span><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">version:string</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"> </span><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">up:boolean</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">}</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">Let’s carry on by looking at a more extensive example, where we use the REST API to automate a task that would be tedious if performed in the apiman Management UI.</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: bold; text-decoration: none; vertical-align: baseline;">A Larger Example</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">Let’s say that you want to create multiple new organizations. You could of course manually enter these into the apiman Management UI. But, if you have a large number of organizations, for example, one for each of the countries in the EU, or each of the states in the USA, this would be a tedious and error prone task. This is an ideal candidate task for automation with the REST API.</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">The coding for this example is simple. All you have to do is account for the encoding of the authorization to access the API Manager REST services API, and pass the information related to each organization that you create to this endpoint: </span><span style="background-color: transparent; color: black; font-family: 'Courier New'; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">http://localhost:8080/apiman/organizations</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">Here’s an example program with an ice hockey flavor - the highlights are noted below:</span><br />
<br /></div>
<pre style="background-image: URL(https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg9hx6a_6-cCrOg4GQVLUU4KhYa5rF3zSKIVQptpK9XN-vKg32Mo0iR7T1obBQ4YIdOnTF5lKYuc5Zjo2-Zdp-_Jl2EtlFomeutWNfnLW2ohqfYN2oCmICEZSTMypESzMnwuwcYx7k_TPlb/s320/codebg.gif); background: #f0f0f0; border: 1px dashed #CCCCCC; color: black; font-family: arial; font-size: 12px; height: auto; line-height: 20px; overflow: auto; padding: 0px; text-align: left; width: 99%;"><code style="color: black; word-wrap: normal;">1: package apimanExample;
2: import java.io.IOException;
3: import java.io.OutputStreamWriter;
4: import java.net.HttpURLConnection;
5: import java.net.URL;
6: import java.nio.charset.StandardCharsets;
7: import java.util.Base64;
8: public class SimplePutOrg {
9: public static void main(String[] args) throws Exception {
10: String [] [] originalSix = {
11: { "Boston", "Chicago", "Detroit", "Montreal", "New York", "Toronto"},
12: { "Bruins", "BlackHawks", "Red Wings", "Canadiens", "Rangers", "Maple Leafs"}
13: };
14: for (int i = 0; i < 6; i++) {
15: System.out.println ("Creating new apiman org for: " + originalSix [0][i] + ":" + originalSix [1][i]);
16: System.out.println ("Return code = " + createNewOrg (originalSix [0][i], originalSix [1][i]));
17: }
18: }
19: private static int createNewOrg (String newOrgName, String newOrgDescription) throws IOException {
20: URL url = new URL("http://localhost:8080/apiman/organizations");
21: HttpURLConnection connection = (HttpURLConnection) url.openConnection();
22: Base64.Encoder encoder = Base64.getEncoder();
23: String normalString = "admin:admin123!";
24: String encodedString = encoder.encodeToString(normalString.getBytes(StandardCharsets.UTF_8));
25: connection.setRequestProperty("Authorization", "Basic " + encodedString);
26: connection.setRequestMethod("POST");
27: connection.setDoOutput(true);
28: connection.setRequestProperty("Content-Type", "application/json");
29: connection.setRequestProperty("Accept", "application/json");
30: OutputStreamWriter osw = new OutputStreamWriter(connection.getOutputStream());
31: osw.write(String.format("{\"name\":\"" + newOrgName + " a new org\",\"description\":\"" + newOrgDescription + "\"}"));
32: osw.flush();
33: osw.close();
34: return connection.getResponseCode();
35: }
36: }
</code></pre>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">Code highlights:</span><br />
<ul>
<li><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">Lines 10-13: Here's where we define the test data. For this example, we'll use the National Hockey League's "original 6" teams. </span></li>
<li><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">Line 20: Here's the URL for the service to which we'll connect to create the new organizations. </span></li>
<li><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">Lines 22-24 - Here's where we set up the encoding for the BASIC authorization.</span></li>
<li><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">Lines 25-29 - And here's where we create the HttpURLConnection that we will use to connect to the service.</span></li>
<li><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">Line 26: Note that we will be performing a POST operation. </span></li>
<li><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">Lines 30-33 - And finally, here's where we connect to the service and send our POST requests to create the new organizations. </span></li>
</ul>
</div>
<br />
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">When we run this example, the following output indicates that the calls to the service through the REST API were successful, based on the return code of 200:</span><br />
<br />
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"> </span></div>
<pre style="background-image: URL(https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg9hx6a_6-cCrOg4GQVLUU4KhYa5rF3zSKIVQptpK9XN-vKg32Mo0iR7T1obBQ4YIdOnTF5lKYuc5Zjo2-Zdp-_Jl2EtlFomeutWNfnLW2ohqfYN2oCmICEZSTMypESzMnwuwcYx7k_TPlb/s320/codebg.gif); background: #f0f0f0; border: 1px dashed #CCCCCC; color: black; font-family: arial; font-size: 12px; height: auto; line-height: 20px; overflow: auto; padding: 0px; text-align: left; width: 99%;"><code style="color: black; word-wrap: normal;"> Creating new apiman org for: Boston:Bruins
Return code = 200
Creating new apiman org for: Chicago:BlackHawks
Return code = 200
Creating new apiman org for: Detroit:Red Wings
Return code = 200
Creating new apiman org for: Montreal:Canadiens
Return code = 200
Creating new apiman org for: New York:Rangers
Return code = 200
Creating new apiman org for: Toronto:Maple Leafs
Return code = 200
</code></pre>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">And - here’s the server output that tracks the creation of the new organizations:</span><br />
<br />
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"> </span></div>
<pre style="background-image: URL(https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg9hx6a_6-cCrOg4GQVLUU4KhYa5rF3zSKIVQptpK9XN-vKg32Mo0iR7T1obBQ4YIdOnTF5lKYuc5Zjo2-Zdp-_Jl2EtlFomeutWNfnLW2ohqfYN2oCmICEZSTMypESzMnwuwcYx7k_TPlb/s320/codebg.gif); background: #f0f0f0; border: 1px dashed #CCCCCC; color: black; font-family: arial; font-size: 12px; height: auto; line-height: 20px; overflow: auto; padding: 0px; text-align: left; width: 99%;"><code style="color: black; word-wrap: normal;"> 21:17:53,205 INFO [stdout] (default task-19) Created organization Boston a new org: OrganizationBean [id=Bostonaneworg, name=Boston a new org, description=Bruins, createdBy=admin, createdOn=Sun May 17 21:17:53 GMT-05:00 2015, modifiedBy=admin, modifiedOn=Sun May 17 21:17:53 GMT-05:00 2015]
21:17:53,233 INFO [stdout] (default task-21) Created organization Chicago a new org: OrganizationBean [id=Chicagoaneworg, name=Chicago a new org, description=BlackHawks, createdBy=admin, createdOn=Sun May 17 21:17:53 GMT-05:00 2015, modifiedBy=admin, modifiedOn=Sun May 17 21:17:53 GMT-05:00 2015]
21:17:53,253 INFO [stdout] (default task-23) Created organization Detroit a new org: OrganizationBean [id=Detroitaneworg, name=Detroit a new org, description=Red Wings, createdBy=admin, createdOn=Sun May 17 21:17:53 GMT-05:00 2015, modifiedBy=admin, modifiedOn=Sun May 17 21:17:53 GMT-05:00 2015]
21:17:53,275 INFO [stdout] (default task-25) Created organization Montreal a new org: OrganizationBean [id=Montrealaneworg, name=Montreal a new org, description=Canadiens, createdBy=admin, createdOn=Sun May 17 21:17:53 GMT-05:00 2015, modifiedBy=admin, modifiedOn=Sun May 17 21:17:53 GMT-05:00 2015]
21:17:53,295 INFO [stdout] (default task-27) Created organization New York a new org: OrganizationBean [id=NewYorkaneworg, name=New York a new org, description=Rangers, createdBy=admin, createdOn=Sun May 17 21:17:53 GMT-05:00 2015, modifiedBy=admin, modifiedOn=Sun May 17 21:17:53 GMT-05:00 2015]
21:17:53,316 INFO [stdout] (default task-29) Created organization Toronto a new org: OrganizationBean [id=Torontoaneworg, name=Toronto a new org, description=Maple Leafs, createdBy=admin, createdOn=Sun May 17 21:17:53 GMT-05:00 2015, modifiedBy=admin, modifiedOn=Sun May 17 21:17:53 GMT-05:00 2015]
</code></pre>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"> </span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">And finally, here are the organizations as displayed in the apiman Management UI:</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"><img alt="orgs.png" height="323px;" src="https://lh6.googleusercontent.com/YhmgL-xjxOIaij5e8wJ5aA0J6F4NViWmU9_TuF7u9nwKtySu2qqw_5s3Q6CEZ9sglD6MqEKGU2CAn2ol5sJLzeOoEY3HNmUb-nJ6Iws7DrvxVvcJSZ5hl5ubLmutiZS7EXm_ni0" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="624px;" /></span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">(It’s been a tough year for Boston Bruins’ fans. It’s nice to see the team listed first, even if it’s just an alphabetic list. ;-)</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: bold; text-decoration: none; vertical-align: baseline;">In Conclusion</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">The architecture of the apiman Management UI is that the UI is built on top of a REST API. This architecture makes it possible for you to directly access the services exposed by the API, and enables you to automate the tasks that you perform in the UI. </span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: bold; text-decoration: none; vertical-align: baseline;">Author Acknowledgements</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">As always, the author thanks the members of the apiman team (especially Eric Wittman) for their input and for their efforts in creating apiman!</span></div>
<br />
<br />
<br />Len DiMaggiohttp://www.blogger.com/profile/07124585546929851174noreply@blogger.com0tag:blogger.com,1999:blog-7133180390032268932.post-52498324478790785012015-03-06T06:24:00.000-08:002015-03-06T06:24:27.552-08:00JBoss apiman Customized Policy Article Reposted on DZone!<a href="http://java.dzone.com/articles/customizing-jboss-apiman"><br /></a>
<a href="http://java.dzone.com/articles/customizing-jboss-apiman">http://java.dzone.com/articles/customizing-jboss-apiman</a>Len DiMaggiohttp://www.blogger.com/profile/07124585546929851174noreply@blogger.com0tag:blogger.com,1999:blog-7133180390032268932.post-40775745873333585582015-02-23T17:39:00.000-08:002015-02-26T06:05:40.843-08:00Customizing apiman Through Policy Plugins<div dir="ltr" id="docs-internal-guid-bf01c15d-b8b3-2581-246a-3aa2d97d98bb" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: italic; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">This is the second in a series of articles exploring API management with JBoss apiman. The first article (<a href="http://java.dzone.com/articles/impatient-new-users">http://java.dzone.com/articles/impatient-new-users</a>) was a general introduction to apiman for impatient users where in only 10 minutes we installed apiman, created users and organizations, and services, policies, contracts, and applications. In this article, we'll take the first step toward customizing apiman by creating new plugins to implement service policies.</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">The major new feature added to release 1.0.2 of apiman (<a href="http://www.apiman.io/">http://www.apiman.io/</a>) is the ability to extend its features through a custom plugin framework. Since policies perform the most important apiman runtime operations, plugins that enable you to create new policies are the first type of plugins to be supported.</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">In this article, we'll examine all the steps that you must perform to create a new policy plugin, and then import it into apiman and configure a service to put it into use.</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: bold; text-decoration: none; vertical-align: baseline;">Prerequisites</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">For this article, we’ll assume that you have completed all the steps in the first article in this series. The first article guides even the most impatient user through installing and using apiman.</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: bold; text-decoration: none; vertical-align: baseline;">Accessing the Example Plugins</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">Like all JBoss software, apiman provides functioning example code that you can use as a starting point for your own plugins. The easiest way to create and package an apiman is as a standard maven project packaged as a .war file. </span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">To download a copy of the example plugins, execute this git command:</span></div>
<pre style="background-image: URL(https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg9hx6a_6-cCrOg4GQVLUU4KhYa5rF3zSKIVQptpK9XN-vKg32Mo0iR7T1obBQ4YIdOnTF5lKYuc5Zjo2-Zdp-_Jl2EtlFomeutWNfnLW2ohqfYN2oCmICEZSTMypESzMnwuwcYx7k_TPlb/s320/codebg.gif); background: #f0f0f0; border: 1px dashed #CCCCCC; color: black; font-family: arial; font-size: 12px; height: auto; line-height: 20px; overflow: auto; padding: 0px; text-align: left; width: 99%;"><code style="color: black; word-wrap: normal;"> git clone https://github.com/apiman/apiman-plugins
</code></pre>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<br /></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
</div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">When the git clone operation completes, you’ll have the source code for multiple example plugins. The exact set of plugins that you have downloaded may change, depending on when you download them, as more examples are always being added. For the purposes of this article, we’ll focus on the “config-policy” example plugin. This plugin demonstrates how a plugin can be used to set the value of properties in a message being processed by a service. Specifically, this plugin defines properties in the request and response headers and enables you to set their values to “true.”</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: bold; text-decoration: none; vertical-align: baseline;">Requirements for a Plugin Implementation</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">The easiest way that an apiman policy plugin can be build and packaged is as a standard maven project packaged as a .war file. There are just a few modifications that are required to convert a .war into a plugin.</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">Let’s take a closer look at the files and directories that comprise the apiman config-policy plugin, and the changes that are needed to implement a plugin:</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">├---pom.xml</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">└---src</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"> </span><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">└---main</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"> </span><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"> </span><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">├---apiman</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"> </span><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"> </span><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">│ ├---plugin.json</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"> </span><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"> </span><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">│ └---policyDefs</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"> </span><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"> </span><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">│ </span><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"> </span><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">├---config-policyDef.json</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"> </span><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"> </span><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">│ </span><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"> </span><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">└---schemas</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"> </span><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"> </span><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">│ └---config-policyDef.schema</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"> </span><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"> </span><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">└---java</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"> </span><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"> </span><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">└---io</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"> </span><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"> </span><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">└---apiman</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"> </span><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"> </span><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">└---plugins</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"> </span><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"> </span><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">└---config_policy</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"> </span><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"> </span><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">├---ConfigBean.java</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"> </span><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"> </span><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">└---ConfigPolicy.java</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">The most obvious difference is the addition of the “apiman” directory. This directory is used to contain the configuration files for the plugin. (In other words, the files that make the project a plugin.) The only project-wide configuration change that you have to make is to modify the plugin’s maven pom.xml file to include the apiman directory when the project is built. The following lines are added to the plugin’s pom.xml file:</span></div>
<br />
<pre style="background-image: URL(https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg9hx6a_6-cCrOg4GQVLUU4KhYa5rF3zSKIVQptpK9XN-vKg32Mo0iR7T1obBQ4YIdOnTF5lKYuc5Zjo2-Zdp-_Jl2EtlFomeutWNfnLW2ohqfYN2oCmICEZSTMypESzMnwuwcYx7k_TPlb/s320/codebg.gif); background: #f0f0f0; border: 1px dashed #CCCCCC; color: black; font-family: arial; font-size: 12px; height: auto; line-height: 20px; overflow: auto; padding: 0px; text-align: left; width: 99%;"><code style="color: black; word-wrap: normal;"> <resource>
<directory>src/main/apiman</directory>
<targetPath>META-INF/apiman</targetPath>
<filtering>true</filtering>
</resource>
</code></pre>
<span style="font-family: "Courier New",Courier,monospace;"><br /></span>
<br />
<span style="font-family: "Courier New",Courier,monospace;"><br /></span>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">The result of these statements in the pom.xml file is that the contents of the apiman directory are included in the project build’s META-INF directory. (We’ll take a look at this later when we build the plugin project.) Setting filtering to true enables maven property expansion during the creation of the plugin war file.</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">Configuration files for the plugin are contained in the apiman directory. The primary configuration file is the “plugin.json” file. This file is required for all apiman plugins, regardless of the plugin type. The meta-data contained in this file describes the plugin and is displayed in the API Manager UI. </span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">Since our example is contributing a policy, it must contain a JSON file that defines the policy. This JSON file is contained in the apiman/policyDefs directory and is named “config-policyDef.json.” This file defines the following fields for the policy:</span></div>
<br />
<ul style="margin-bottom: 0pt; margin-top: 0pt;">
<li dir="ltr" style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; list-style-type: disc; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">id - A unique identifier for the policy</span></div>
</li>
<li dir="ltr" style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; list-style-type: disc; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">name - A user friendly (in other words, a human readable) name for the policy. This policy name is displayed in the API Manager UI</span></div>
</li>
<li dir="ltr" style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; list-style-type: disc; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">description - A description of the policy</span></div>
</li>
<li dir="ltr" style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; list-style-type: disc; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">policyImpl - This is the fully qualified classname name of the Java class that actually implements the policy. This value must be properly formatted to include information about the plugin, including placeholders for maven properties, for example, project version.</span></div>
</li>
<li dir="ltr" style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; list-style-type: disc; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">icon - This is the name of a Font Awesome icon (</span><a href="http://fortawesome.github.io/Font-Awesome/" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: underline; vertical-align: baseline;">http://fortawesome.github.io/Font-Awesome/</span></a><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">) that is displayed for the Policy in the API Manager UI.</span></div>
</li>
<li dir="ltr" style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; list-style-type: disc; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">formType - The type of policy configuration UI form. Our example uses JsonSchema.</span></div>
</li>
<li dir="ltr" style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; list-style-type: disc; text-decoration: none; vertical-align: baseline;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">form - This is a relative path to the policy configuration UI form contained in the plugin. Our examples uses the JSON Schema that defines the configuration data format. (More on this file in a minute.</span></div>
</li>
</ul>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">In our example, the config-policyDef.json looks like this:</span><br />
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"> </span></div>
<span style="font-family: "Courier New",Courier,monospace;"><br /></span>
<br />
<pre style="background-image: URL(https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg9hx6a_6-cCrOg4GQVLUU4KhYa5rF3zSKIVQptpK9XN-vKg32Mo0iR7T1obBQ4YIdOnTF5lKYuc5Zjo2-Zdp-_Jl2EtlFomeutWNfnLW2ohqfYN2oCmICEZSTMypESzMnwuwcYx7k_TPlb/s320/codebg.gif); background: #f0f0f0; border: 1px dashed #CCCCCC; color: black; font-family: arial; font-size: 12px; height: auto; line-height: 20px; overflow: auto; padding: 0px; text-align: left; width: 99%;"><code style="color: black; word-wrap: normal;"> {
"id" : "config-policy",
"name" : "Config Policy",
"description" : "A policy used to showcase policy configuration.",
"policyImpl" : "plugin:${project.groupId}:${project.artifactId}:${project.version}:${project.packaging}/io.apiman.plugins.config_policy.ConfigPolicy",
"icon" : "sliders",
"formType" : "JsonSchema",
"form" : "schemas/config-policyDef.schema"
}
</code></pre>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">We mentioned that since our example uses the JSON schema (</span><a href="http://json-schema.org/documentation.html" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: underline; vertical-align: baseline;">http://json-schema.org/documentation.html</span></a><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">), we have to also define the configuration data format. This is done in the policyDefs/schemas/config-policyDef.schema file. This file defines the format used in the policy configuration file data and is used by the API Manager UI to generate a form that is used to fill in the values to be used to configure the policy. In our example, the policy’s JSON schema defines two properties: requestHeader and responseHeader. </span><br />
<br />
<pre style="background-image: URL(https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg9hx6a_6-cCrOg4GQVLUU4KhYa5rF3zSKIVQptpK9XN-vKg32Mo0iR7T1obBQ4YIdOnTF5lKYuc5Zjo2-Zdp-_Jl2EtlFomeutWNfnLW2ohqfYN2oCmICEZSTMypESzMnwuwcYx7k_TPlb/s320/codebg.gif); background: #f0f0f0; border: 1px dashed #CCCCCC; color: black; font-family: arial; font-size: 12px; height: auto; line-height: 20px; overflow: auto; padding: 0px; text-align: left; width: 99%;"><code style="color: black; word-wrap: normal;"> {
"title" : "Configure HTTP Headers",
"description" : "Set the HTTP request header to populate with the value 'true' when the request is made. Also set the HTTP response header to populate with the value 'true' after the response is received from the back-end service.",
"type" : "object",
"properties": {
"requestHeader": {
"title" : "Request Header",
"type" : "string",
"minLength" : 1,
"maxLength" : 64
},
"responseHeader": {
"title" : "Response Header",
"type" : "string",
"minLength" : 1,
"maxLength" : 64
}
}
}
</code></pre>
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"> </span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">That finishes the description of the policy’s configuration files. To complete the policy plugin, the example also requires the Java implementation for the policy itself. The policy implementation is contained in the src/main/java/io/apiman/plugins/config_policy/ConfigPolicy.java file. The policy is very simple as it merely appends a header to the http request and response. </span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">Java policy classes must implement the apiman IPolicy interface. This example takes that a step further by actually extending the io.apiman.gateway.engine.policies.AbstractMappedPolicy class. By doing so, the policy Java code can take advantage of the AbstractMappedPolicy’s class use of the Jackson (<a href="https://github.com/FasterXML/jackson">https://github.com/FasterXML/jackson</a>) JSON parser to parse the policy configuration data into a Java bean. (In this example, the bean is implemented in src/main/java/io/apiman/plugins/config_policy/ConfigBean.java.) If the policy implemented the IPolicy interface, instead of extending AbstractMappedPolicy, then the policy Java class would have to implement its own parser. </span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: bold; text-decoration: none; vertical-align: baseline;">Building the Plugin and Installing it into the Maven Repo</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">Building the plugin with maven is easy. Just execute this command from the directory that contains the plugin’s pom.xml file.</span></div>
<br />
<pre style="background-image: URL(https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg9hx6a_6-cCrOg4GQVLUU4KhYa5rF3zSKIVQptpK9XN-vKg32Mo0iR7T1obBQ4YIdOnTF5lKYuc5Zjo2-Zdp-_Jl2EtlFomeutWNfnLW2ohqfYN2oCmICEZSTMypESzMnwuwcYx7k_TPlb/s320/codebg.gif); background: #f0f0f0; border: 1px dashed #CCCCCC; color: black; font-family: arial; font-size: 12px; height: auto; line-height: 20px; overflow: auto; padding: 0px; text-align: left; width: 99%;"><code style="color: black; word-wrap: normal;"> mvn install
</code></pre>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"> </span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">In case you’re wondering why, we’re installing the plugin into the maven repo. The answer is simply that in the current release of apiman, the only supported install path is from the maven repo. Future releases of apiman will likely support additional installation paths.</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: bold; text-decoration: none; vertical-align: baseline;">Installing a Plugin into apiman</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">In apiman, a policy plugin, once installed, is available on a system-wide basis. Accordingly, plugins can only be installed by an admin user. After you login as admin, you’ll see this in the admin UI:</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"><img alt="apiman-1.png" height="213px;" src="https://lh4.googleusercontent.com/sLy_wmjq93B21esimzkkagMj4wBAC3LoLKgReeG4JiCZzkygiaCCj1DAsXQgwSYqJWnn49EH8gOaR0uZAvKbkgFggtY25GKZpt1BvQiCJlp3a-uivmqt8hh1dLhVL7Pb4-s" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="578px;" /></span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">After selecting “Manage Plugins,” you’ll see a screen that looks like this:</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"><img alt="apiman-2.png" height="185px;" src="https://lh4.googleusercontent.com/e06xtUsv7r9YZj1mhvKqu1LxwSov4u_oMW2dAAN1vfPC3LJv1Skn95FE7pzL3K5b585I77QtlYCuKr6hWbIZQqicD4sj_hTy4hqmN98MYnlWS7KBum4PkuDWhYTsDn0tjws" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="624px;" /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">And, if you then select “Add Plugin,” you’ll see this screen:</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"><img alt="apiman-3.png" height="528px;" src="https://lh4.googleusercontent.com/1wbNgWizGXeSel6JtRE4FtWp9bib5HwJFc7qQKt_Ym-1YlN0dO0gf_pu9cX7caBCda8VjlyFjlP84Hnb8Tdi2NgDVZhNcdNbAFYJlDrRF5phaGG6Rzpk4SNqTvwSeX8URJk" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="527px;" /></span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">The GroupId, ArtifactId, and Version information is all available in the example plugin’s pom.xml file:</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">GroupId: io.apiman.plugins</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">ArtifactId: apiman-plugins-config-policy</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">Version: 1.0.3-SNAPSHOT</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">After you enter this information for the plugin and click on “Add Plugin,” you’ll see this displayed in the UI:</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"><img alt="apiman-4.png" height="130px;" src="https://lh4.googleusercontent.com/LbG07hB-qdKcHmd7clobbBr8AkbaCpCba91uXWFa-kFL2CL5h4I5aXHo17N8RC0bSfeeujFPRd9FFJeuuJhRRb2rvJC1WnXIspFigBiyB1pjL2GxZt3UFuDrMWCbQkJPBag" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="530px;" /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">Congratulations! The plugin is installed and is ready to be used! Let’s add it to a service and see it in action. </span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: bold; text-decoration: none; vertical-align: baseline;">Using the Installed Plugin </span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">First, we have to log out of the admin account in the Admin UI and then log back in as the “serprov” service provider. Then, select our “echo” service, and create a new version of the service, based on the original version of the service:</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"><img alt="apiman-6.png" height="274px;" src="https://lh3.googleusercontent.com/yAgpddG709ZvIae2XsGq6mJVCj_r60tCqG1PeghnC0Xc4biAGitBdYyH45qloakRA5GMfWTIoICNiHoAcy7PycJ8xSAyiiW2kOeE3FhIfPI_CmFvxaGPjK9Z5NqrhkIunvc" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="522px;" /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">And, when you add a new policy to the service, you’ll see the example config service that we just installed:</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"><img alt="apiman-5.png" height="373px;" src="https://lh3.googleusercontent.com/sfKYvAusS8lpu-a7Mkg97qVpI3W-0S9Ipf3uvBD2uIUXUeFJWh0eWeook90Fb15NCMMu7V7h1vOUdsgFMgPrXOxlPuH_flKaUTMZCnOsF11Eb-ZMZHVDx95-DQc3CXnqLqM" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="520px;" /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">When you select the Config Policy, you’ll be presented with a dialog where you can specify the values for the two properties defined in the policy:</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"><img alt="apiman-7.png" height="347px;" src="https://lh6.googleusercontent.com/XP_FQj_uzY-o0y6syw65hHbHvmznrouhKBM0TlUlzvHV2raUzCaCJID_QH5IQAnSyyaFkTk6dYcxv_NVzYH3SIVtKC582TwgzqGUmvb6e4jx6kg2bLlP1mgRs6gzva7JBRM" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="531px;" /></span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">Let’s fill in some easy to remember values:</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"><img alt="apiman-8.png" height="99px;" src="https://lh5.googleusercontent.com/stwwDUwzFtZ4i_fnYM590al5dtVzjEW3xcU517CFUBgpFCAyYojKjqLyOOEbDzmM-NRjzZNenPVzp6QRVdD8yzUMFiEz6nxr2iV9Iq8yrPYxvDYKm8AWZrhPN3M_0sQ_OQY" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="537px;" /></span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">After adding the policy, you’ll see it displayed in the policies defined for the service:</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"><img alt="apiman-9.png" height="148px;" src="https://lh5.googleusercontent.com/4IrmM0byHN28DrjZRT5LZV3VLEGIbKfqUTx4IvLal8cqGFBDj3NRD99sQiWjPrjdcFs3_Am2Urj4gYcuWaBqLeZd-NKtunrMpDUfor5He_Hg9G8R_zoYdVf_umDaXs6j-l4" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="515px;" /></span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">Then publish the service. In order to consume the service, login to the API Manager UI as the application developer “appdev,” and create a new application that uses the new service. (We covered the creation of new applications in detail in the first article in this series - </span><a href="http://java.dzone.com/articles/impatient-new-users" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: underline; vertical-align: baseline;">http://java.dzone.com/articles/impatient-new-users</span></a><span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">)</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">And when the service is invoked, you’ll see something like this:</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"><img alt="apiman99.png" height="212px;" src="https://lh5.googleusercontent.com/GPzZL4jsDozsN2tGR8F4vMSHtWp-HkDAgTOnhDCkJXLRvFBuYJIr07mrAqL8s_2w6lfaO6HRmPn-Br_RaU_S7aKQb7PZQuy5I-88ktkzO4OXkzeiLRP80tA0J-EbUt-noow" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="524px;" /></span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">And this:</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;"><img alt="apiman100.png" height="215px;" src="https://lh6.googleusercontent.com/cpTG5Uka3hHLa-_3AownGUcIyh2kjWmgBxVSiK6E8vhpZ4KOwSMNCKANehTE0GzP1xLjASM4UHrPa8PoHdhRZeI8ljxdhls4wKTQfNmAXmRjz0E_RREwnGj7w8rQ17fIKiA" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="518px;" /></span></div>
<br />
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: bold; text-decoration: none; vertical-align: baseline;">In Conclusion</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">OK, let’s recap. apiman is a rapidly growing and developing project. Each new release brings new features. In release 1.0.2, it became possible for users to contribute custom policies into their apiman installation through the API Manager UI. </span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: bold; text-decoration: none; vertical-align: baseline;">Acknowledgements</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">As always, the author would like to acknowledge Eric Wittmann for his (never impatient) review comments and suggestions on writing this post, and for adding new features to apiman!</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: bold; text-decoration: none; vertical-align: baseline;">References</span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: none; vertical-align: baseline;">The first article in this series - </span><a href="http://java.dzone.com/articles/impatient-new-users" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: Arial; font-size: 15px; font-style: normal; font-variant: normal; font-weight: normal; text-decoration: underline; vertical-align: baseline;">http://java.dzone.com/articles/impatient-new-users</span></a></div>
<br />Len DiMaggiohttp://www.blogger.com/profile/07124585546929851174noreply@blogger.com0tag:blogger.com,1999:blog-7133180390032268932.post-87339893352464608092015-01-09T04:34:00.000-08:002015-01-09T04:34:03.894-08:00apiman Reposted on DZone!The apiman post from December was just reposted on DZone: <a href="http://java.dzone.com/articles/impatient-new-users">http://java.dzone.com/articles/impatient-new-users</a><br />
<br />
A very cool approach to API Managament!<br />
<br />
<br />Len DiMaggiohttp://www.blogger.com/profile/07124585546929851174noreply@blogger.com0