Re: [Apiman-user] Docker image for Apiman 1.1.9.Final
by Ton Swieb
Hi Eric,
Thanks for kicking of the docker build.
I did find the 1.1.9.Final Docker image, but it looks like "latest" is
still pointing at 1.1.8.Final.
When doing a "docker pull jboss/apiman-wildfly" I end up with the
1.1.8.Final version instead of the 1.1.9.Final.
Regards,
Ton
2015-11-17 16:53 GMT+01:00 Eric Wittmann <eric.wittmann(a)redhat.com>:
> Alas we do not control the tagging of that docker image and sometimes
> forget to check to see if it was done. This time it was overlooked by the
> /r/jboss guys. :)
>
> I should be building now. Keep an eye on it and if you don't see a
> 1.1.9.Final docker image sometime soon let me know.
>
> Looks like there might be some docker hub issues ATM that may delay things.
>
> -Eric
>
> On 11/17/2015 7:26 AM, Ton Swieb wrote:
>
>> Hi,
>>
>> Is there a docker image available for the 1.1.9.Final release?
>> I would expect it to find it here:
>> https://hub.docker.com/r/jboss/apiman-wildfly/
>> But 1.1.8.Final is the latest I can find there.
>>
>> regards,
>>
>> Ton
>>
>>
>>
>> _______________________________________________
>> Apiman-user mailing list
>> Apiman-user(a)lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/apiman-user
>>
>>
9 years, 2 months
Securing apiman admin resources and ports
by Paul Blair
One thing we're noticing working with apiman is that besides the apiman management console, running apiman on Wildfly exposes a Wildfly admin console as well. In addition, the Wildfly configuration exposes ports for ajp and several other things. We're looking to make sure all this is locked down and secure. I have a few questions relative to that:
One alternative for us would be to run the gateway and management console with embedded Jetty instead of Wildfly as described in the recent post on micro-services. Since we want all authentication to go through Keycloak it looks like we'd need to modify the authentication handlers/filters in the gateway. Is there a good example of how to go about writing an authentication handler for Keycloak?
What would we be giving up if we were to go with the micro-service approach rather than running on Wildfly? One thing I know we'd be giving up is the HA clustering. Is apiman stateless? Could we just run multiple Jetty instances and load balance across them?
If we stay on Wildfly we'd like to secure the Wildfly management console using Keycloak, which I read is possible using Wildfly 9. Is there any issue with deploying apiman to Wildfly 9?
9 years, 2 months
Forwarding HTTP requests to service implementations secured by OAuth
by Ton Swieb
Hi,
I am using Apiman 1.1.8.Final and I want to use a backend service in Apiman
which is secured by OAuth.
So instead of securing the Apiman side of the service, using the Keycloak
OAuth plugin, Apiman needs forward calls to a service implementation that
is secured by OAuth. I have got an OAuth token with a very long time to
live (days/weeks/months) which I can use.
Currently I only see the option to configure BASIC Authentication or
MTLS/Two-Way-SSL on the service implementation.
Would it be possible to add the HTTP Simple Header policy to the service
and set the Authorization header with "Bearer........." or will that be
stripped off by Apiman when forwarding the call to the backend service?
Kind regards,
Ton
9 years, 2 months
Initial gateway config
by Pavel Maslov
Hi everyone,
What should be the initial gateway configuration?
I am trying with the following settings and I get the "Authentication to
the gateway failed" message:
Configuration Endpoint: http://localhost:8080/apiman-gateway-api/
username: apimanager
password: apimanager
Thanks!
Regards,
Pavel Maslov, MS
9 years, 2 months
Launch Vertx 3, Jetty with Apiman UI
by Charles Moulliard
Hi,
Is it possible to start/launch vertx3 gateway
(target/apiman-gateway-platforms-vertx3-1.2.0-SNAPSHOT-fat.jar -conf
src/conf/conf.json) or Jetty locally and deploy also the web front end
of apiman ui ?
Regards,
Charles
9 years, 3 months
