I'd like to reboot the discussion around SOAP support in apiman.
Originally I was thinking we could implement it without parsing the full
message. I even have some code for doing this.
However, after thinking about it some more (and after some discussion
about soapaction vs. resource path in a separate jira) I'm thinking we
simply have an option that will parse the entire soap message upfront
*as an option*.
I'd like any opinions anyone might have on this matter. :) The idea
would be to handle the soap message in a java-standard fashion (jax-ws,
javax.xml.soap, SAAJ, etc). The resulting soap message would be
available to policies as part of the policy context, and it could be
processed however the policy wants.
When proxying to the back-end, the (possibly modified) soap message will
be serialized to a string and written to the back-end API.
Question for @Keith primarily: do you have any advice/code that
efficiently parses a soap message? And is there someone you've worked
with that has a lot of SOAP experience who could perhaps chime in some
I have redeployed the Apiman app on Openshift and created a new application
using Fabric8 (with maven archetype -> CXF CDI) When I open the Apiman GUI
and click on "Go To My Namespaces" or "Find a Namespace", the page is empty
Do we have to configure something else to see the project/namespace ?
I'm currently working on a Web Application Firewall idea on my free
time, and I think this might somehow fit within the scope of apiman.
Web Application Firewall is a proxy or filter that sits in front of an
application, accepting/rejecting requests. The main idea is to block
malicious requests before they reach the protected application. One
example of such component is ModSecurity.
I see that apiman already has some features around security, but I'm not
sure how far into this realm the project wants to go. Is there an
interest in having such a feature? If so, what would make most sense:
something completely inside apiman, or light integration with an
external service (in a microservices fashion)?
1 - https://www.modsecurity.org/
I get this warning /error message during mvn install phase
"Found 24 illegal transitive type dependencies in artifact" during build
process of "io.apiman:apiman-gateway-osgi-servlet:bundle:1.2.4-SNAPSHOT".
The mvn dependency:tree doesn't report any issues -
What could be the root cause ?